
Popup in IE.


charlesjj



17:35:13.0219 0x0fe4  ================ Scan global ===============================

17:35:13.0254 0x0fe4  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll

17:35:13.0321 0x0fe4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll

17:35:13.0343 0x0fe4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll

17:35:13.0429 0x0fe4  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll

17:35:13.0482 0x0fe4  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe

17:35:13.0506 0x0fe4  [ Global ] - ok

17:35:13.0544 0x0fe4  ================ Scan MBR ==================================

17:35:13.0573 0x0fe4  [ BB9D3A6A13C5010348DA7C900BB6AF50 ] \Device\Harddisk0\DR0

17:35:14.0916 0x0fe4  \Device\Harddisk0\DR0 - ok

17:35:14.0916 0x0fe4  ================ Scan VBR ==================================

17:35:14.0922 0x0fe4  [ 73F6DCC8AAB69FD3956532D24EC384FE ] \Device\Harddisk0\DR0\Partition1

17:35:14.0924 0x0fe4  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )

17:35:14.0924 0x0fe4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected

17:35:18.0424 0x0fe4  [ 1F26B0137CB8BC84F2BB7038277EF705 ] \Device\Harddisk0\DR0\Partition2

17:35:18.0641 0x0fe4  \Device\Harddisk0\DR0\Partition2 - ok

17:35:18.0642 0x0fe4  Waiting for KSN requests completion. In queue: 132

17:35:19.0642 0x0fe4  Waiting for KSN requests completion. In queue: 132

17:35:21.0176 0x0fe4  AV detected via SS2: McAfee Antivirus och antispionprogram, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51000 ( enabled : updated )

17:35:21.0340 0x0fe4  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 12.8.0.0 ), 0x51010 ( enabled )

17:35:24.0450 0x0fe4  ============================================================

17:35:24.0450 0x0fe4  Scan finished

17:35:24.0450 0x0fe4  ============================================================

17:35:24.0486 0x1074  Detected object count: 1

17:35:24.0486 0x1074  Actual detected object count: 1

17:44:54.0797 0x1074  \Device\Harddisk0\DR0\Partition1 - copied to quarantine

17:44:54.0872 0x1074  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot

17:44:54.0889 0x1074  \Device\Harddisk0\DR0\Partition1 - ok

17:44:54.0889 0x1074  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure 

17:44:55.0586 0x1074  KLMD registered as C:\Windows\system32\drivers\83132287.sys

17:45:09.0907 0x1a48  Deinitialize success

1. Run TDSSKiller again to make sure that Rootkit.Boot.Cidox.b is still gone. If nothing is found, you don't need to paste the log.

2. Start Notepad.
Copy all the lines in the box:

HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"

BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File

and paste them into Notepad. Check that no files have been split across two lines.
Save the file on the desktop with the name fixlist.txt.

Start FRST, which is on the desktop.
Click the Fix button.
Wait until the program has finished.

The program creates a log, Fixlog.txt, on the desktop.
Paste its contents into your reply.

 

3. Run RogueKiller according to the instructions in post 8 and paste that log.

 

 

Now Explorer seems to work again, but it's not possible to use Google???

4. What do you do, and what happens?



See below for logs. Ran TDSSKiller and got no hits.

As for IE, I ran "Reset" and that seemed to solve all the problems with Explorer.

It feels like the computer is completely normal now. :-) Really grateful for all the help!!

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:25-05-2014 02

Ran by Kalle at 2014-05-26 23:15:01 Run:3

Running from C:\Users\Kalle\Desktop

Boot Mode: Normal

 

==============================================

 

Content of fixlist:

*****************

HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] - rmdir /s /q "\SearchProtect"

 

BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File

*****************

 

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => Value deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.

HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

 

==== End of Fixlog ====


 

 

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software





 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version

Started in : Normal mode

User : Kalle [Admin rights]

Mode : Scan -- Date : 05/26/2014 23:28:17

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 2 ¤¤¤

[sUSP PATH] DiinoService_win7_i386.exe -- C:\Users\Kalle\AppData\Roaming\Diino\DiinoService_win7_i386.exe [7] -> KILLED [TermProc]

[sUSP PATH] ouc.exe -- C:\ProgramData\Mobile Broadband\OnlineUpdate\ouc.exe [7] -> KILLED [TermProc]

 

¤¤¤ Registry Entries : 3 ¤¤¤

[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [LOADED] ¤¤¤


[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D8FD)

[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC25)

[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DCC7)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D557)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D580)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D6BA)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D6E6)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D656)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D62D)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D52E)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D68B)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D4D9)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D4A1)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D466)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D42E)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D5D2)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D70C)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_ProxݽcÚ¸Zø"ÿÿÿÿÄZtD}½cÚM) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D732)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D505)

[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DADD)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D781)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D758)

[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D5A9)

[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DC25)

[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7FC)

[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DFB7)

[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D822)

[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E049)

[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D7FC)

[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D8DA)

[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DFDA)

[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D96C)

[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D88E)

[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D845)

[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D9A2)

[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB75)

[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D943)

[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D822)

[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D91D)

[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB03)

[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD50)

[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB26)

[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD50)

[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD73)

[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DDB8)

[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DF8D)

[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DE8C)

[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439EB52)

[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D02B)

[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E61D)

[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D0EC)

[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D2E0)

[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439D217)

[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E072)

[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439E1B4)

[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7439DD99)

[Address] EAT @explorer.exe (DllCanUnloadNow) : wpdshserviceobj.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x739B3418)

[Address] EAT @explorer.exe (DllGetClassObject) : wpdshserviceobj.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x739B34C5)

[Address] EAT @explorer.exe (DllRegisterServer) : wpdshserviceobj.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x739B33A5)

[Address] EAT @explorer.exe (DllUnregisterServer) : wpdshserviceobj.dll -> HOOKED (C:\Windows\system32\Syncreg.dll @ 0x739B3408)

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

127.0.0.1       localhost

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++

--- User ---

[MBR] 877f8e10964c2bd20ec7de97167f3edf

[bSP] 0a3dbe199a98ed72a848fda2903dcfb4 : Acer MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 12288 MB

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25167872 | Size: 232324 MB

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 500967424 | Size: 228761 MB

3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 969469952 | Size: 3565 MB

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_05262014_232817.txt >>

RKreport[0]_S_05202014_002629.txt

Excellent!

Any more questions before I write up how to uninstall the special-purpose tools?


It still seems to be working as it should, so it feels like you have managed to get rid of the crap. So I don't think I have any more questions. :-)


Now only one final round of cleanup remains:

1. Close all programs, including web browsers.
Double-click AdwCleaner to start the program.
Click the Uninstall button.

2. Press the Windows key + R
Copy and paste this line:
ComboFix /Uninstall

Note that there is a space before the /
Click OK.

3. Download the uninstaller OTC to the Desktop: http://oldtimer.geekstogo.com/OTC.exe
Double-click the file to start the program.
Press the CleanUp! button, and FRST and the other cleaning tools will be uninstalled after the computer restarts. If any such program is still left after that, ask how to remove it. Delete any logs.

4. Change all passwords that you use on the computer and on the internet, since they may have fallen into the wrong hands.
http://mnin.blogspot.com/2009/02/why-i-enjoyed-tiggersyzor.html describes a malicious program that spies by taking screenshots, logging keystrokes and reading passwords stored in web browsers, e-mail programs etc.

5. Improve the protection on the computer, see my Advice for a safer computer: http://ceciliasec.wordpress.com/rad/
It is very important to keep all the small programs on the computer up to date; old versions of e.g. Flash, Java and Adobe Reader contain known security holes that a web page can use to infect the computer. I think Secunia's program (link on my web page) is a good help for checking the state of security holes on the computer and indicating what needs to be fixed.


Archived

This topic is now archived and is closed to further replies.


