Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.05.2014, 18:19   #1
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Unglücklich

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Liebes Forum und geschätze Helfer,
Ich habe seit einigen Tagen regelmäßig die Fehlermeldung 'Explorer kann nicht mehr ausgeführt werden und muss geschlossen werden' erhalten obwohl kein Explorerfenster offen war.

Danach habe ich immer mehr Probleme gehabt und daher das Malware S&D laufen lassen und die (es waren viele) Objekte entfernen lassen. Danach konnte ich nach dem Hochfahren garnichts mehr ausführen. Die Log files habe ich nun auch gefunden, wenn diese wichtig wären kann ich die auch noch hier reinkopieren.

Nach einem Start im abgesicherten Modus lief es wieder und ich habe mit meinem MS Security Essentials einen Komplettscan vorgenommen. Hier bei wurde der TrojanDropper:Win32/Lecpetex.B entdeckt und angeblich entfernt. Ich wollte eine Systemwiederherstellung durchführen, aber die Computer Sicherheit ist angeblich ausgeschaltet (keine Ahnung davon).

Ich hab wirklich extrem wenig Ahnung von der Materie und habe den Verdacht, dass ich noch immer nicht ganz CLEAN bin.

Da ich hier neu bin und alles richtig machen will, habe ich gleich die Defogger, Frst und GMER Programme durchgeführt und versuche diese auch entsprechend hier einzufügen, um euch ein Bild zu geben wie es hier aussieht. Musste sie alle Zippen.

Ich wäre unendlich froh, wenn ich zumindest sicher hier arbeiten kann.
Falls ihr der Meinung wärt, ich solle lieber mein Betriebssystem neu installieren muss ich mir erst nochmal eines kaufen, da ich den PC 'geerbt' habe und keine Version hier habe.

Ich hoffe ich kann noch was retten, schließlich bin ich eine Schrotterin!

Alt 18.05.2014, 18:21   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 18.05.2014, 18:36   #3
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Hallo Schrauber,
ich mache mich sofort an die Arbeit. Danke für den schnellen Hinweis!

1) Defogger:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:26 on 18/05/2014 (Jessi)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
2) FRST

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014
Ran by Jessi (administrator) on JESSI-PC on 18-05-2014 18:29:03
Running from C:\Users\Jessi\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Advanced Micro Devices Inc.) D:\Software\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(ATI Technologies Inc.) D:\Software\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) D:\Software\Firefox\firefox.exe
(Mozilla Corporation) D:\Software\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [AVG_TRAY] => "C:\Program Files\AVG\AVG2012\avgtray.exe"
HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10967656 2012-03-27] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => D:\Software\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [Facebook Update] => "C:\Users\Jessi\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [Amazon Cloud Player] => C:\Users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.195.120.158:8080
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1377277000241&tguid=66920-6787-1377277000241-00EE90ABAC57ECA2DE985BDF5E0C4CF3&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1377277000241&tguid=66920-6787-1377277000241-00EE90ABAC57ECA2DE985BDF5E0C4CF3&st=chrome&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1377277000241&tguid=66920-6787-1377277000241-00EE90ABAC57ECA2DE985BDF5E0C4CF3&st=chrome&q=
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} -  No File
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: TBSB01620 Class - {58124A0B-DC32-4180-9BFF-E0E21AE34026} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 83.169.185.97 83.169.185.33

FireFox:
========
FF ProfilePath: C:\Users\Jessi\AppData\Roaming\Mozilla\Firefox\C:\Users\Jessi\AppData\Roaming\Mozilla\Profiles\excbqpn8.Standard-Benutzer
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=1.1.11 - D:\Software\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - D:\Software\Adobe\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF StartMenuInternet: FIREFOX.EXE - D:\Software\Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://start.iminent.com/?appId=9CDDA541-CEEF-4CD9-9F8F-DD6E9062636C
CHR RestoreOnStartup: "hxxp://start.iminent.com/?appId=9CDDA541-CEEF-4CD9-9F8F-DD6E9062636C"
CHR Extension: (Iminent) - C:\Users\Jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-04-04]
CHR HKLM\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files\Movie2KDownloader.com\Movie2KDownloader10.crx [2013-04-04]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2013-04-04]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2013-04-04]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx [2013-04-04]
CHR HKLM\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\Jessi\AppData\Local\Temp\ccex.crx [2013-04-04]

========================== Services (Whitelisted) =================

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S4 avgwd; "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [301248 2012-03-19] (AVG Technologies CZ, s.r.o.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-18 18:29 - 2014-05-18 18:29 - 00014001 _____ () C:\Users\Jessi\Desktop\FRST.txt
2014-05-18 18:28 - 2014-05-18 18:29 - 00000000 ____D () C:\FRST
2014-05-18 18:27 - 2014-05-18 18:27 - 01056768 _____ (Farbar) C:\Users\Jessi\Desktop\FRST.exe
2014-05-18 18:26 - 2014-05-18 18:26 - 00000472 _____ () C:\Users\Jessi\Desktop\defogger_disable.log
2014-05-18 18:26 - 2014-05-18 18:26 - 00000000 _____ () C:\Users\Jessi\defogger_reenable
2014-05-18 18:25 - 2014-05-18 18:25 - 00050477 _____ () C:\Users\Jessi\Desktop\Defogger.exe
2014-05-18 13:56 - 2014-05-18 18:02 - 00271751 _____ () C:\Users\Jessi\AppData\Local\census.cache
2014-05-18 13:56 - 2014-05-18 18:02 - 00158115 _____ () C:\Users\Jessi\AppData\Local\ars.cache
2014-05-18 13:28 - 2014-05-18 13:28 - 00000036 _____ () C:\Users\Jessi\AppData\Local\housecall.guid.cache
2014-05-18 13:01 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 13:00 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-18 13:00 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-18 13:00 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-18 12:59 - 2014-05-18 13:00 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-15 06:12 - 2014-05-07 02:26 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 06:12 - 2014-05-07 02:26 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 06:12 - 2014-05-07 00:58 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:43 - 2014-05-14 22:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:36 - 2014-05-14 22:36 - 00000442 _____ () C:\Windows\wininit.ini
2014-05-14 18:32 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

==================== One Month Modified Files and Folders =======

2014-05-18 18:29 - 2014-05-18 18:29 - 00014001 _____ () C:\Users\Jessi\Desktop\FRST.txt
2014-05-18 18:29 - 2014-05-18 18:28 - 00000000 ____D () C:\FRST
2014-05-18 18:27 - 2014-05-18 18:27 - 01056768 _____ (Farbar) C:\Users\Jessi\Desktop\FRST.exe
2014-05-18 18:27 - 2012-04-07 15:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-18 18:26 - 2014-05-18 18:26 - 00000472 _____ () C:\Users\Jessi\Desktop\defogger_disable.log
2014-05-18 18:26 - 2014-05-18 18:26 - 00000000 _____ () C:\Users\Jessi\defogger_reenable
2014-05-18 18:26 - 2011-10-15 13:47 - 00000000 ____D () C:\Users\Jessi
2014-05-18 18:25 - 2014-05-18 18:25 - 00050477 _____ () C:\Users\Jessi\Desktop\Defogger.exe
2014-05-18 18:02 - 2014-05-18 13:56 - 00271751 _____ () C:\Users\Jessi\AppData\Local\census.cache
2014-05-18 18:02 - 2014-05-18 13:56 - 00158115 _____ () C:\Users\Jessi\AppData\Local\ars.cache
2014-05-18 17:23 - 2006-11-02 12:33 - 01567294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-18 17:21 - 2006-11-02 14:52 - 01820133 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 17:16 - 2013-09-23 18:38 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-18 17:16 - 2011-12-21 18:48 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-05-18 17:16 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 17:16 - 2006-11-02 14:47 - 00005328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-18 17:16 - 2006-11-02 14:47 - 00005328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-18 17:15 - 2011-10-20 06:39 - 00395338 _____ () C:\Windows\PFRO.log
2014-05-18 17:15 - 2006-11-02 15:01 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 15:34 - 2011-12-22 19:24 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-46167276-2374577593-1786467520-1000UA.job
2014-05-18 14:28 - 2013-09-25 18:37 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-18 13:28 - 2014-05-18 13:28 - 00000036 _____ () C:\Users\Jessi\AppData\Local\housecall.guid.cache
2014-05-18 13:14 - 2012-08-01 20:29 - 00000000 ____D () C:\Users\Jessi\AppData\Roaming\Dropbox
2014-05-18 13:01 - 2014-02-24 22:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 13:00 - 2014-05-18 12:59 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-18 13:00 - 2013-07-03 18:33 - 00000000 ____D () C:\Program Files\Java
2014-05-17 09:33 - 2012-02-22 19:20 - 00001356 _____ () C:\Users\Jessi\AppData\Local\d3d9caps.dat
2014-05-16 18:34 - 2011-12-22 19:24 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-46167276-2374577593-1786467520-1000Core.job
2014-05-15 06:15 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-14 22:45 - 2011-10-26 21:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:43 - 2014-05-14 22:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:43 - 2013-08-14 07:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:41 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-14 22:36 - 2014-05-14 22:36 - 00000442 _____ () C:\Windows\wininit.ini
2014-05-14 22:05 - 2013-09-23 18:38 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-05-14 19:28 - 2012-04-07 15:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 19:28 - 2011-10-15 18:51 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-08 21:00 - 2011-12-27 16:29 - 00098816 _____ () C:\Users\Jessi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-07 02:26 - 2014-05-15 06:12 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-07 02:26 - 2014-05-15 06:12 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-07 00:58 - 2014-05-15 06:12 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-01 00:30 - 2013-09-23 18:38 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

Some content of TEMP:
====================
C:\Users\Jessi\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Jessi\AppData\Local\Temp\libcurl-4.dll
C:\Users\Jessi\AppData\Local\Temp\pthreadGC2.dll
C:\Users\Jessi\AppData\Local\Temp\zlib1.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-18 17:22

==================== End Of Log ============================
         
--- --- ---

--- --- ---


und

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-05-2014
Ran by Jessi at 2014-05-18 18:29:30
Running from C:\Users\Jessi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-PDF Maker Version 1.4.1 (Build 128) (HKLM\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.4.1 (Build 128) - 7-PDF, Germany - Thorsten Hodes)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AVG 2012 (Version: 12.0.2180 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2437 - AVG Technologies) Hidden
CameraHelperMsi (Version: 13.31.1038.0 - Logitech) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
Chaos auf Deponia (HKLM\...\Deponia 2) (Version: 1.0 - Daedalic Entertainment)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.6.0.2 (HKCU\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS Facebook (Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (Version: 13.31.1038.0 - Logitech) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Picture It!-Bibliothek 10 (Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 22.0 (x86 de) (HKLM\...\Mozilla Firefox 22.0 (x86 de)) (Version: 22.0 - Mozilla)
Mozilla Firefox 29.0.1 (x86 de) (HKCU\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
NAVIGON Fresh 3.4.1 (HKLM\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
Pazera Free MOV to AVI Converter 1.4 (HKLM\...\{770103E9-E1C3-48C9-812B-2982C7070575}_is1) (Version: 1.4 - Jacek Pazera)
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
Sam and Max Save The World (HKLM\...\Sam and Max Save The World) (Version: 2.0.0.0 - Daedalic Entertainment)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (Version:  - Microsoft) Hidden
Simon the Sorcerer - Chaos ist das halbe Leben (HKLM\...\{F26F0A2B-4CA4-4B79-B6E8-F0001CEAC5DC}) (Version: 1.00.0000 - Silver Style Entertainment)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12979 - TeamViewer)
The Witcher Enhanced Edition (HKLM\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.4.5.1280 - CD Projekt Red)
Tinypic 3.17a (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.17a - E. Fiedler)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
VirtualDJ Home FREE (HKLM\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0BAC0BC7-31DA-4AE7-96DC-B9F940DFF1EF} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {0EC3E630-E52F-44E0-9483-F773FF777466} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {0F235A96-9DEC-4A4D-A39E-62A9B90E9C6B} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3CCBFDE4-5783-4753-9C01-84DA39F9336D} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {49235857-5ACF-42FF-93E3-63D2B93EA6F7} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe
Task: {6F74C762-1DEE-4B15-890A-12E5C3F4B4D2} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {73E9837D-B15B-464A-A48A-DDAB8ECE6CC8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-46167276-2374577593-1786467520-1000UA => C:\Users\Jessi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {8E9E9060-A576-459E-B7E7-A418A5582912} - System32\Tasks\Microsoft\Windows\RestartManager\{4CD50E6F-6222-44d7-B45A-79B1CB8B97BF} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {931661C2-DDD8-4086-A05F-BCF291C0BBD0} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {A34F5375-C7EB-46AF-968B-BFEF720384CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {B270DEB8-C11F-4F26-BD4B-D3D0CC4B3C12} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {B3427CB9-D0B8-4F9A-B95E-3419BF470D4C} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {BC69538A-8CCB-4C03-BDCD-00B18CE7DCB4} - System32\Tasks\{85D75ABC-F653-4EFA-B7F9-DBB19B7964BC} => C:\Program Files\Skype\Phone\Skype.exe
Task: {C8CC8303-7261-4DA4-BD5B-AF2C4367F748} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2011-10-16] ()
Task: {E5516954-8EC8-453D-9E56-60C43A34EA94} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-46167276-2374577593-1786467520-1000Core => C:\Users\Jessi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {F7727C44-EFC5-41B9-95B9-0B0087DD612B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-46167276-2374577593-1786467520-1000Core.job => C:\Users\Jessi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-46167276-2374577593-1786467520-1000UA.job => C:\Users\Jessi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2012-11-29 23:59 - 2012-11-29 23:59 - 00093696 _____ () D:\Software\Filezilla\FileZilla FTP Client\fzshellext.dll
2011-10-16 22:32 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-09-23 18:38 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-23 18:38 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-10-04 23:15 - 2010-04-26 19:03 - 00200192 _____ () D:\Software\7-PDF Maker\7p.dll
2011-09-08 18:51 - 2012-11-16 21:37 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 02145304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 07956504 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00342552 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00029208 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00128536 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2011-11-11 15:07 - 2011-11-11 15:07 - 00265240 _____ () C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-11-11 15:09 - 2011-11-11 15:09 - 00336408 _____ () C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-03-14 16:40 - 2014-03-07 22:39 - 03168576 _____ () C:\Users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-09-23 18:38 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-23 18:38 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-23 18:38 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-08-12 13:19 - 2011-08-12 13:19 - 00680984 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () D:\Software\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-11 20:57 - 2014-05-11 20:57 - 03839088 _____ () D:\Software\Firefox\mozjs.dll
2014-05-14 19:28 - 2014-05-14 19:28 - 16361136 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:srv

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/18/2014 05:04:27 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x80070422).

Error: (05/18/2014 05:00:58 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Hr = 0x80070422).

Error: (05/18/2014 01:10:23 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x80070422).

Error: (05/18/2014 00:59:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed Java 7 Update 55; Hr = 0x80070422).

Error: (05/18/2014 00:59:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed Java 7 Update 55; Hr = 0x80070422).

Error: (05/18/2014 00:50:45 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/18/2014 11:55:21 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/17/2014 09:53:38 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x80070422).

Error: (05/17/2014 09:19:09 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/17/2014 02:30:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 7b8
Anfangszeit: 01cf71671c8867b2
Zeitpunkt der Beendigung: 0


System errors:
=============
Error: (05/18/2014 02:27:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053

Error: (05/18/2014 02:27:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search

Error: (05/18/2014 02:27:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/18/2014 00:51:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (05/18/2014 00:51:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (05/18/2014 00:51:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (05/18/2014 00:51:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (05/18/2014 00:51:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: AFD
Avgtdix
DfsC
MpFilter
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6

Error: (05/18/2014 00:51:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (05/18/2014 00:51:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NLA (Network Location Awareness)Netzwerkspeicher-Schnittstellendienst%%1068


Microsoft Office Sessions:
=========================
Error: (05/18/2014 05:04:27 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (05/18/2014 05:00:58 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422

Error: (05/18/2014 01:10:23 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (05/18/2014 00:59:33 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VInstalled Java 7 Update 550x80070422

Error: (05/18/2014 00:59:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VInstalled Java 7 Update 550x80070422

Error: (05/18/2014 00:50:45 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/18/2014 11:55:21 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/17/2014 09:53:38 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422

Error: (05/17/2014 09:19:09 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (05/17/2014 02:30:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.0.6002.180057b801cf71671c8867b20


CodeIntegrity Errors:
===================================
  Date: 2014-05-18 18:29:09.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 18:29:09.686
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 18:29:09.442
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 18:29:09.194
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 17:36:42.052
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 17:36:41.787
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 17:36:41.521
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 17:36:41.257
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 13:30:09.626
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-18 13:30:09.328
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 50%
Total physical RAM: 3069.77 MB
Available physical RAM: 1524.79 MB
Total Pagefile: 10471.8 MB
Available Pagefile: 8618.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:40 GB) (Free:1.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:891.51 GB) (Free:329.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: F81CD813)
Partition 1: (Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=892 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
4) Desweiteren noch GMER Teil 1:

Code:
ATTFilter
IAT  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3016] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [sqmapi.dll!SqmAddToStreamDWord]                                              [6D3D97AD] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!SetFileAttributesA]                                                                         [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!MoveFileExW]                                                                                [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!MoveFileW]                                                                                  [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!GetProcAddress]                                                                             [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!GetFileAttributesA]                                                                         [6C55638D] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!GetFileAttributesW]                                                                         [6C556488] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!DeleteFileA]                                                                                [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!DeleteFileW]                                                                                [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!CreateProcessW]                                                                             [6C55689C] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!CreateFileA]                                                                                [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!CreateFileW]                                                                                [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [kernel32.dll!CopyFileW]                                                                                  [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [advapi32.dll!RegSetValueExW]                                                                             [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [advapi32.dll!RegOpenKeyExW]                                                                              [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [advapi32.dll!RegOpenKeyExW]                                                                                [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!GetProcAddress]                                                                               [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!MoveFileW]                                                                                    [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!DeleteFileW]                                                                                  [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!CreateFileW]                                                                                  [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!SetFileAttributesW]                                                                           [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!MoveFileW]                                                                                    [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!GetProcAddress]                                                                               [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!GetFileAttributesExW]                                                                         [6C556686] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!GetFileAttributesW]                                                                           [6C556488] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!DeleteFileW]                                                                                  [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!CreateFileW]                                                                                  [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [kernel32.dll!CopyFileW]                                                                                    [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [advapi32.dll!RegSetValueExW]                                                                               [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [advapi32.dll!RegOpenKeyExW]                                                                                [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [advapi32.dll!RegDeleteValueW]                                                                              [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl [advapi32.dll!RegCreateKeyExW]                                                                              [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [KERNEL32.dll!_lwrite]                                                                                                             [6C55FA41] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [KERNEL32.dll!CreateFileA]                                                                                                         [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [ADVAPI32.dll!RegSetValueW]                                                                                                        [6C560623] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [ADVAPI32.dll!RegCreateKeyA]                                                                                                       [6C55FF50] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                      [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [ADVAPI32.dll!RegCreateKeyW]                                                                                                       [6C560068] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleaut32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
         
__________________

Alt 18.05.2014, 18:39   #4
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Gmer Teil 2:

Code:
ATTFilter
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateProcessW]                                                                                                         [6C55689C] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW]                                                                                                            [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW]                                                                                                   [6C556686] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW]                                                                                                            [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW]                                                                                                     [6C556488] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetProcAddress]                                                                                                         [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!AccessCheck]                                                                                                            [6C55F40A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW]                                                                                                           [6C560623] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                        [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                          [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                         [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                        [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                          [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA]                                                                                                    [6C55638D] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA]                                                                                                    [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA]                                                                                                           [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW]                                                                                                    [6C556488] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                    [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW]                                                                                                           [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW]                                                                                                             [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA]                                                                                                             [6C55F68A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA]                                                                                                        [6C55678A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW]                                                                                                        [6C55689C] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA]                                                                                                           [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW]                                                                                                           [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW]                                                                                                              [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]                                                                                                         [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW]                                                                                                            [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW]                                                                                                            [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW]                                                                                                             [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW]                                                                                                             [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW]                                                                                                           [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW]                                                                                                           [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                       [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                        [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!OpenFile]                                                                                                            [6C55F854] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CopyFileW]                                                                                                           [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!DeleteFileW]                                                                                                         [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!MoveFileW]                                                                                                           [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateFileW]                                                                                                           [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                       [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                        [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                         [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\RPCRT4.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!_lopen]                                                                                                               [6C55F8FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!_lwrite]                                                                                                              [6C55FA41] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!_lcreat]                                                                                                              [6C55F9A0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!DeleteFileA]                                                                                                          [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!MoveFileW]                                                                                                            [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\version.dll [KERNEL32.dll!DeleteFileW]                                                                                                          [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mpr.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                          [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mpr.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                          [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mpr.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                           [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mpr.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                            [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mpr.dll [KERNEL32.dll!GetProcAddress]                                                                                                           [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!CopyFileW]                                                                                                           [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!SetFileAttributesW]                                                                                                  [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!CreateFileA]                                                                                                         [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!DeleteFileA]                                                                                                         [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!SetFileAttributesA]                                                                                                  [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [KERNEL32.dll!CopyFileA]                                                                                                           [6C55F46E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMAGEHLP.DLL [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW]                                                                                                            [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW]                                                                                                            [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW]                                                                                                          [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                   [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW]                                                                                                          [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                      [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW]                                                                                                         [6C560623] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!AccessCheck]                                                                                                          [6C55F40A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW]                                                                                                        [6C560068] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!SetFileSecurityW]                                                                                                     [6C5609C4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                        [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW]                                                                                                          [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                   [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA]                                                                                                   [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA]                                                                                                          [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                       [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                      [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                        [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueA]                                                                                                      [6C560827] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                      [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                       [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                         [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                        [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\WS2_32.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                        [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NSI.dll [KERNEL32.dll!CreateFileW]                                                                                                              [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleacc.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleacc.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                        [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleacc.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleacc.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                       [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oleacc.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                       [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [kernel32.dll!GetProcAddress]                                                                               [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [advapi32.dll!RegOpenKeyExW]                                                                                [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [advapi32.dll!CreateServiceW]                                                                               [6C5518C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [ADVAPI32.dll!RegOpenKeyExA]            [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [ADVAPI32.dll!RegCreateKeyExW]          [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [ADVAPI32.dll!RegSetValueExW]           [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [ADVAPI32.dll!RegOpenKeyExW]            [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [ADVAPI32.dll!RegCreateKeyW]            [6C560068] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [KERNEL32.dll!GetProcAddress]           [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [KERNEL32.dll!CreateFileW]              [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [KERNEL32.dll!CreateFileA]              [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!DeleteFileW]                                                                                                         [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!MoveFileExW]                                                                                                         [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!CopyFileW]                                                                                                           [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [KERNEL32.dll!SetFileAttributesW]                                                                                                  [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [ADVAPI32.dll!RegCreateKeyExW]                                                                                                     [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [ADVAPI32.dll!RegDeleteValueW]                                                                                                     [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winspool.drv [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!DeleteFileW]                                                                                                         [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\comdlg32.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\comdlg32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\comdlg32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\comdlg32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oledlg.dll [KERNEL32.dll!CreateFileW]                                                                                                           [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oledlg.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\oledlg.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [kernel32.dll!GetProcAddress]                                                                           [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [kernel32.dll!CreateFileW]                                                                              [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [advapi32.dll!SetFileSecurityA]                                                                         [6C560969] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [advapi32.dll!SetFileSecurityW]                                                                         [6C5609C4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [advapi32.dll!RegSetValueExA]                                                                           [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [advapi32.dll!RegOpenKeyExA]                                                                            [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [advapi32.dll!RegOpenKeyExW]                                                                            [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlBase150.bpl [advapi32.dll!RegCreateKeyExW]                                                                          [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl [kernel32.dll!CreateFileW]                                                                        [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [user32.dll!ExitWindowsEx]                                                                                  [6C554B8D] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!SetFileAttributesW]                                                                           [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!MoveFileExW]                                                                                  [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!GetProcAddress]                                                                               [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!GetFileAttributesExW]                                                                         [6C556686] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!GetFileAttributesW]                                                                           [6C556488] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!DeleteFileW]                                                                                  [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!CreateProcessW]                                                                               [6C55689C] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!CreateFileW]                                                                                  [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [kernel32.dll!CopyFileW]                                                                                    [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!RegSetValueExA]                                                                               [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!RegSetValueExW]                                                                               [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!RegSetValueW]                                                                                 [6C560623] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!RegOpenKeyExA]                                                                                [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!RegOpenKeyExW]                                                                                [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!RegDeleteValueW]                                                                              [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!RegCreateKeyExW]                                                                              [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [advapi32.dll!CreateServiceW]                                                                               [6C5518C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [KERNEL32.dll!MoveFileW]                                                                                                              [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [KERNEL32.dll!CreateFileW]                                                                                                            [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [KERNEL32.dll!GetProcAddress]                                                                                                         [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [KERNEL32.dll!_lwrite]                                                                                                                [6C55FA41] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [KERNEL32.dll!DeleteFileW]                                                                                                            [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                         [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                          [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\winmm.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                        [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                      [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                        [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                      [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                       [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [KERNEL32.dll!DeleteFileW]                                                                                                          [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                   [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\crypt32.dll [KERNEL32.dll!CreateFileA]                                                                                                          [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSASN1.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                         [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!PrivCopyFileExW]                                                                                                      [6C55FABA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!MoveFileExW]                                                                                                          [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!DeleteFileW]                                                                                                          [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                   [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!SetFileSecurityW]                                                                                                     [6C5609C4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USERENV.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\Secur32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl [kernel32.dll!DeleteFileW]                                                                       [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl [kernel32.dll!CreateFileW]                                                                       [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl [kernel32.dll!CopyFileW]                                                                         [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iphlpapi.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [KERNEL32.dll!MoveFileExW]                                                                                                         [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [ADVAPI32.dll!AccessCheck]                                                                                                         [6C55F40A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [ADVAPI32.dll!RegDeleteValueW]                                                                                                     [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [ADVAPI32.dll!RegCreateKeyExW]                                                                                                     [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc.DLL [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\DNSAPI.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                       [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\DNSAPI.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                        [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\DNSAPI.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\DNSAPI.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!MoveFileExW]                                                                                                        [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc6.DLL [KERNEL32.dll!GetProcAddress]                                                                                                     [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc6.DLL [ADVAPI32.dll!RegCreateKeyExW]                                                                                                    [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc6.DLL [ADVAPI32.dll!AccessCheck]                                                                                                        [6C55F40A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc6.DLL [ADVAPI32.dll!RegSetValueExW]                                                                                                     [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc6.DLL [ADVAPI32.dll!RegOpenKeyExW]                                                                                                      [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dhcpcsvc6.DLL [ADVAPI32.dll!RegDeleteValueW]                                                                                                    [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                      [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegDeleteValueA]                                                                                                      [6C560827] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                      [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                       [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                        [6C560311] C:\Windows\AppPatch\AcGenral.DLL
         

Alt 18.05.2014, 18:40   #5
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Und GMER Teil 3:

Code:
ATTFilter
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!CopyFileA]                                                                                                            [6C55F46E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetFileAttributesA]                                                                                                   [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!MoveFileExA]                                                                                                          [6C55F774] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!MoveFileA]                                                                                                            [6C55F68A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!DeleteFileW]                                                                                                          [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!DeleteFileA]                                                                                                          [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!CreateFileA]                                                                                                          [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                   [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                  [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                     [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                     [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\iertutil.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cabinet.dll [KERNEL32.dll!DeleteFileA]                                                                                                          [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cabinet.dll [KERNEL32.dll!SetFileAttributesA]                                                                                                   [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cabinet.dll [KERNEL32.dll!CreateFileA]                                                                                                          [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\UxTheme.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\UxTheme.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                      [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\UxTheme.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\UxTheme.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\UxTheme.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!SetFileSecurityW]                                                                                                    [6C5609C4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                     [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [ADVAPI32.dll!AccessCheck]                                                                                                         [6C55F40A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!MoveFileExW]                                                                                                         [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegCreateKeyA]                                                                                                        [6C55FF50] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegDeleteValueA]                                                                                                      [6C560827] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                        [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                      [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegCreateKeyW]                                                                                                        [6C560068] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSACM32.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                       [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\sfc.dll [KERNEL32.dll!GetProcAddress]                                                                                                           [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\sfc_os.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                     [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [ADVAPI32.dll!SetFileSecurityW]                                                                                                    [6C5609C4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                     [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!PrivCopyFileExW]                                                                                                     [6C55FABA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!CreateFileA]                                                                                                         [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!DeleteFileW]                                                                                                         [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                  [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!MoveFileW]                                                                                                           [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!MoveFileExW]                                                                                                         [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SETUPAPI.dll [KERNEL32.dll!CopyFileW]                                                                                                           [6C55F4C6] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dwmapi.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dwmapi.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                       [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dwmapi.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\dwmapi.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                        [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                         [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                        [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegCreateKeyA]                                                                                                         [6C55FF50] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                       [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                        [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                       [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegDeleteValueA]                                                                                                       [6C560827] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                       [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!DeleteFileW]                                                                                                           [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!CopyFileA]                                                                                                             [6C55F46E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!DeleteFileA]                                                                                                           [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!CreateFileA]                                                                                                           [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!SetFileAttributesA]                                                                                                    [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!CreateFileW]                                                                                                           [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\urlmon.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!OpenFile]                                                                                                               [6C55F854] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMM32.DLL [KERNEL32.dll!GetProcAddress]                                                                                                         [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMM32.DLL [ADVAPI32.dll!RegSetValueExW]                                                                                                         [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\IMM32.DLL [ADVAPI32.dll!RegCreateKeyW]                                                                                                          [6C560068] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSCTF.dll [KERNEL32.dll!GetProcAddress]                                                                                                         [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSCTF.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                          [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSCTF.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                        [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSCTF.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                         [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\MSCTF.dll [ADVAPI32.dll!RegDeleteValueW]                                                                                                        [6C5608C9] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!GetProcAddress]                                                                                                         [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USP10.dll [KERNEL32.dll!CreateFileA]                                                                                                            [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USP10.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                          [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\USP10.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                          [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [ADVAPI32.dll!RegCreateKeyW]             [6C560068] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [ADVAPI32.dll!RegOpenKeyExW]             [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [ADVAPI32.dll!RegSetValueExW]            [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [ADVAPI32.dll!RegCreateKeyExW]           [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [KERNEL32.dll!GetProcAddress]            [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [KERNEL32.dll!CreateFileW]               [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\jsproxy.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\jsproxy.dll [KERNEL32.dll!CreateFileA]                                                                                                          [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\jsproxy.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                        [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                      [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                     [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                      [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                  [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\wintrust.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDLicense.dll [kernel32.dll!GetProcAddress]                                                                            [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\SDLicense.dll [advapi32.dll!RegOpenKeyExA]                                                                             [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!CreateFileW]                                                                                                           [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!MoveFileExW]                                                                                                           [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!DeleteFileW]                                                                                                           [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                       [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                        [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                         [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\rsaenh.dll [ADVAPI32.dll!RegDeleteValueA]                                                                                                       [6C560827] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!CreateFileW]                                                                                                           [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!MoveFileExW]                                                                                                           [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ncrypt.dll [KERNEL32.dll!DeleteFileW]                                                                                                           [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ncrypt.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                         [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\ncrypt.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\BCRYPT.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NTMARTA.DLL [KERNEL32.dll!CreateFileW]                                                                                                          [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NTMARTA.DLL [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NTMARTA.DLL [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\NTMARTA.DLL [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\WLDAP32.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\WLDAP32.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                         [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegCreateKeyExA]                                                                                                       [6C5600FA] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                        [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SAMLIB.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                         [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\SAMLIB.dll [KERNEL32.dll!GetProcAddress]                                                                                                        [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!GetProcAddress]                                                                                                         [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!CreateFileW]                                                                                                            [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!MoveFileExW]                                                                                                            [6C55F7E4] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GPAPI.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                     [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GPAPI.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                         [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\GPAPI.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                          [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\slc.dll [KERNEL32.dll!GetProcAddress]                                                                                                           [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\slc.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                            [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\slc.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                           [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\slc.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                          [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cryptnet.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                       [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cryptnet.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                       [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!CreateFileW]                                                                                                         [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!GetProcAddress]                                                                                                      [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!DeleteFileW]                                                                                                         [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\cryptnet.dll [KERNEL32.dll!SetFileAttributesW]                                                                                                  [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Program Files\Spybot - Search & Destroy 2\LIBEAY32.dll [KERNEL32.dll!GetProcAddress]                                                                             [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!GetProcAddress]                            [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!SetFileAttributesA]                        [6C55FB1E] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!MoveFileA]                                 [6C55F68A] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!DeleteFileA]                               [6C55F5E0] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!SetFileAttributesW]                        [6C55FB76] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!MoveFileW]                                 [6C55F6FF] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!DeleteFileW]                               [6C55F635] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!CreateFileA]                               [6C560E45] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll [KERNEL32.dll!CreateFileW]                               [6C560F61] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mswsock.dll [KERNEL32.dll!GetProcAddress]                                                                                                       [6CB14618] C:\Windows\system32\ShimEng.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mswsock.dll [ADVAPI32.dll!RegSetValueExA]                                                                                                       [6C5606CB] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mswsock.dll [ADVAPI32.dll!RegCreateKeyExW]                                                                                                      [6C560209] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mswsock.dll [ADVAPI32.dll!RegSetValueExW]                                                                                                       [6C560777] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mswsock.dll [ADVAPI32.dll!RegOpenKeyExA]                                                                                                        [6C560311] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe[3160] @ C:\Windows\system32\mswsock.dll [ADVAPI32.dll!RegOpenKeyExW]                                                                                                        [6C5603E5] C:\Windows\AppPatch\AcGenral.DLL
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!InitializeFlatSB]                                                                             [7441D0CF] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!FlatSB_SetScrollProp]                                                                         [74393386] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!FlatSB_SetScrollPos]                                                                          [743933A1] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!FlatSB_SetScrollInfo]                                                                         [743933C3] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!FlatSB_GetScrollPos]                                                                          [7441D0DA] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!FlatSB_GetScrollInfo]                                                                         [74393390] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!_TrackMouseEvent]                                                                             [7439D412] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_GetImageInfo]                                                                       [7442D007] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_SetIconSize]                                                                        [7442CFA8] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_GetIconSize]                                                                        [74373A6D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Write]                                                                              [7442CDBA] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Read]                                                                               [74351F9D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_GetDragImage]                                                                       [7442C9EF] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_DragShowNolock]                                                                     [7442CB95] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_DragMove]                                                                           [7442CB24] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_DragLeave]                                                                          [7442CB5E] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_DragEnter]                                                                          [7442CAE7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_EndDrag]                                                                            [7442B8C7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_BeginDrag]                                                                          [7442CA55] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Copy]                                                                               [7442CF40] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_LoadImageW]                                                                         [7436E138] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_GetIcon]                                                                            [74368EFF] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Remove]                                                                             [7438A451] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_DrawEx]                                                                             [7436486C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Replace]                                                                            [7442CED8] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Draw]                                                                               [743E6B72] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_SetOverlayImage]                                                                    [7442CE79] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_GetBkColor]                                                                         [7438217F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_SetBkColor]                                                                         [743EE7C8] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_ReplaceIcon]                                                                        [7438C95F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Add]                                                                                [743E092D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_SetImageCount]                                                                      [74392AA7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_GetImageCount]                                                                      [74357E57] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Destroy]                                                                            [74381FE7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!ImageList_Create]                                                                             [743729CC] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl [comctl32.dll!InitCommonControls]                                                                           [74373299] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!InitCommonControlsEx]                                                                                                [743712B0] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!PropertySheetW]                                                                                                      [7442881C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!CreatePropertySheetPageW]                                                                                            [744231F5] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!CreateToolbarEx]                                                                                                     [7442A244] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_Destroy]                                                                                                   [74381FE7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_Draw]                                                                                                      [743E6B72] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Windows\system32\comdlg32.dll [COMCTL32.dll!ImageList_GetIconSize]                                                                                               [74373A6D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [comctl32.dll!ImageList_Merge]                                                                              [7442D069] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [comctl32.dll!ImageList_GetIcon]                                                                            [74368EFF] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [comctl32.dll!ImageList_ReplaceIcon]                                                                        [7438C95F] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [comctl32.dll!ImageList_Destroy]                                                                            [74381FE7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [comctl32.dll!ImageList_Create]                                                                             [743729CC] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe[3484] @ C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl [comctl32.dll!PropertySheetW]                                                                               [7442881C] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_Replace]                                                                                                               [7264D0E4] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_SetImageCount]                                                                                                         [726A6E73] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!CreatePropertySheetPageW]                                                                                                        [726631DE] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!PropertySheetW]                                                                                                                  [7266830B] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!DestroyPropertySheetPage]                                                                                                        [72662C99] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_Remove]                                                                                                                [726A6EFF] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_SetOverlayImage]                                                                                                       [72647F8D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_Add]                                                                                                                   [726A6EB8] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_AddMasked]                                                                                                             [7264C6B7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_GetImageCount]                                                                                                         [72648037] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_Draw]                                                                                                                  [726504F7] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!_TrackMouseEvent]                                                                                                                [72675AAE] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_LoadImageW]                                                                                                            [72654E4A] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_GetIconSize]                                                                                                           [72647F45] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!InitCommonControlsEx]                                                                                                            [72647010] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_Destroy]                                                                                                               [726478A6] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_Create]                                                                                                                [7264CB8E] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_ReplaceIcon]                                                                                                           [72647FD5] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!CreateStatusWindowW]                                                                                                             [72668601] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\wmp.dll [COMCTL32.dll!ImageList_DrawIndirect]                                                                                                          [7264916D] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll
IAT  C:\Program Files\Windows Media Player\wmpnetwk.exe[3616] @ C:\Windows\system32\MSVFW32.dll [COMCTL32.dll!CreateToolbarEx]                                                                                                             [7266A0BC] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\COMCTL32.dll

---- EOF - GMER 2.1 ----
         


Alt 19.05.2014, 11:51   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?

Alt 19.05.2014, 17:18   #7
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Ich habe mein bestes gegeben, allerdings habe ich wohl nicht alle Security essentials ausschalten können (ging einfach nicht).

Hier ist der Combofix Log:
Code:
ATTFilter
ComboFix 14-05-19.01 - Jessi 19.05.2014  18:01:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3070.1544 [GMT 2:00]
ausgeführt von:: c:\users\Jessi\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jessi\AppData\Roaming\Microsoft\Windows\Recent\crimsoncow.url
c:\windows\system32\tmp14A9.tmp
c:\windows\system32\tmp14C9.tmp
c:\windows\system32\tmp9C60.tmp
c:\windows\system32\tmp9FA8.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-19 bis 2014-05-19  ))))))))))))))))))))))))))))))
.
.
2014-05-19 16:09 . 2014-05-19 16:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-19 15:50 . 2014-05-19 15:50	39464	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E4D8F491-3C2D-49ED-96A6-8373DA406257}\MpKsl9496f287.sys
2014-05-18 19:31 . 2014-04-16 09:25	8050496	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E4D8F491-3C2D-49ED-96A6-8373DA406257}\mpengine.dll
2014-05-18 16:41 . 2014-04-16 09:25	8050496	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-18 16:28 . 2014-05-18 16:29	--------	d-----w-	C:\FRST
2014-05-18 11:00 . 2014-04-14 18:13	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2014-05-17 07:54 . 2014-05-05 12:21	765968	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AE21C5ED-0118-4D8A-AFF3-39A8B4AEB10E}\gapaengine.dll
2014-05-15 04:12 . 2014-05-06 22:58	1383424	----a-w-	c:\windows\system32\mshtml.tlb
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-14 17:28 . 2012-04-07 13:19	692400	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-05-14 17:28 . 2011-10-15 16:51	70832	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-05 12:21 . 2012-07-04 05:04	765968	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-15 00:34 . 2014-04-15 00:34	1070232	----a-w-	c:\windows\system32\MSCOMCTL.OCX
2014-03-11 07:52 . 2012-03-20 18:44	104264	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-27 17:24 . 2014-04-17 18:18	834048	----a-w-	c:\windows\system32\wininet.dll
2014-02-27 17:23 . 2014-04-17 18:18	53760	----a-w-	c:\windows\apppatch\iebrshim.dll
2014-02-27 17:23 . 2014-04-17 18:18	19456	----a-w-	c:\windows\system32\corpol.dll
2014-02-27 16:01 . 2014-04-17 18:18	389632	----a-w-	c:\windows\system32\html.iec
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-10-30 . 040D79A1F84A25909256C3F4BBAFDC6C . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
[7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"="1" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Amazon Cloud Player"="c:\users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2014-03-07 3168576]
"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2013-05-16 3642312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-03-27 10967656]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"StartCCC"="d:\software\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MPKSL9496F287
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 17:28]
.
2014-05-19 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-23 08:58]
.
2014-02-19 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-23 08:57]
.
2014-04-30 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-09-23 08:58]
.
.
------- Zusätzlicher Suchlauf -------
.
uDefault_Search_URL = about:blank
mStart Page = about:newtab
mSearch Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1377277000241&tguid=66920-6787-1377277000241-00EE90ABAC57ECA2DE985BDF5E0C4CF3&st=chrome&q=
uInternet Settings,ProxyServer = 10.195.120.158:8080
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 83.169.185.97 83.169.185.33
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{58124A0B-DC32-4180-9BFF-E0E21AE34026} - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
HKLM-Run-AVG_TRAY - c:\program files\AVG\AVG2012\avgtray.exe
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-05-19 18:09
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-19  18:12:20
ComboFix-quarantined-files.txt  2014-05-19 16:12
.
Vor Suchlauf: 1,911,877,632 Bytes frei
Nach Suchlauf: 2,044,768,256 Bytes frei
.
- - End Of File - - 6BBC1CC89A7DE8D0F9DEBF4A7D0F3384
5C616939100B85E558DA92B899A0FC36
         
Nun habe ich ein Internetexplorersymbol auf dem Desktop und nicht alle Autostartprogramme werden mehr angezeigt...darf ich einen Neustart machen?

Danke
__________________
ICH HABS KOMMEN SEHEN

Alt 20.05.2014, 11:45   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Ja starte mal neu.

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.05.2014, 12:25   #9
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Das muss ich die nächsten Tage machen.
Gibt es hier eine Anleitung für Dumpfbacken wie mich, wie ich die Firewall und die Security Essentials ausschalten kann? Ich finde die Option nicht. Und muss ich auch Spyware S&D seperat noch abschalten?

Danke
__________________
ICH HABS KOMMEN SEHEN

Alt 21.05.2014, 07:50   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Rechtsklick auf das icon in der Taskleiste, dann solltest du was im Kontextmenü finden.
Firewall kannste anlassen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.05.2014, 18:00   #11
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Moin Schrauber,
alles wie empfohlen durchgeführt.
Allerdings macht mir sorgen, dass bei eine Abschaltung der Windowssicherheitssoftware hinterher immer die entsprechenden Symbole aus dem Autostartmenü verschwinden. Naja es ist angegeben, dass alles aktuell ist, allerdings flackert die Anzeige Im Windows Sicherheitscenter in der Rubrik Schutz vor Spyware,...das sieht verdächtig komisch aus, das aber nur nebenbei. Nun folgen die Logs:

1) Malwarebytes:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 21.05.2014
Suchlauf-Zeit: 18:17:24
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Jessi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 221488
Verstrichene Zeit: 6 Min, 26 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
2) ADW Cleaner
Code:
ATTFilter
# AdwCleaner v3.210 - Bericht erstellt am 21/05/2014 um 18:30:37
# Aktualisiert 19/05/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Jessi - JESSI-PC
# Gestartet von : C:\Users\Jessi\Desktop\adwcleaner_3.210.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\HomeTab
Ordner Gelöscht : C:\Users\Jessi\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Jessi\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Jessi\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Jessi\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Jessi\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\Jessi\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Jessi\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Jessi\AppData\Roaming\pdfforge
[!] Ordner Gelöscht : C:\Users\Jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Datei Gelöscht : C:\Users\Jessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater
Datei Gelöscht : C:\Windows\System32\Tasks\FreeDriverScout
Datei Gelöscht : C:\Windows\System32\Tasks\ProtectedSearch
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CCBFDE4-5783-4753-9C01-84DA39F9336D}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CCBFDE4-5783-4753-9C01-84DA39F9336D}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49235857-5ACF-42FF-93E3-63D2B93EA6F7}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49235857-5ACF-42FF-93E3-63D2B93EA6F7}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0EC3E630-E52F-44E0-9483-F773FF777466}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EC3E630-E52F-44E0-9483-F773FF777466}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A

***** [ Browser ] *****

-\\ Internet Explorer v7.0.6002.18005

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Google Chrome v

[ Datei : C:\Users\Jessi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Homepage] : hxxp://start.iminent.com/?appId=9CDDA541-CEEF-4CD9-9F8F-DD6E9062636C
Gelöscht [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl
Gelöscht [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [29010 octets] - [21/05/2014 18:26:46]
AdwCleaner[S0].txt - [28317 octets] - [21/05/2014 18:30:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28378 octets] ##########
         
3) Junkware Removal Tool:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Jessi on 21.05.2014 at 18:37:24.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{0016045E-EA29-495C-ABAA-DFEB747A1A31}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{00C0D23D-99D0-49BE-A9E4-3C945990DBC7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{016CE4E2-2BAA-4D9E-A7E7-55D16474926E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{020E0A7E-D231-478E-9C0E-6230C1175C6E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{02293AFA-587E-48EC-8473-331ED2144785}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{03203CF2-B7EF-48DF-9455-373DC6EC25A3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{035B5511-6CF1-440C-B51A-B08E5B70BE1F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{035CBF1A-0363-4185-A2D8-5C627D0644C9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{040FAEAD-B1A9-481A-87EF-C7CC5CB08687}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{0417718C-0B80-400D-9E95-6DDF7981F69B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{042B980D-850D-49B2-83C8-178CBF16BEE3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{0479E182-5EE5-4320-BC1D-EFD71CB89C91}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{05CCED9C-9637-43B0-B713-5F0BD459721A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{06690690-0561-4E86-8355-9492F5B448FB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{08B5C23C-4157-4729-80D5-2B98726598B0}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{09BA9AC2-0DF0-486F-80F6-6BB40C386F35}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{0A11B444-7CCA-450E-BAE0-2FDB79D4A5F2}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{0B9D6B9F-A5D0-4658-B4BE-29CB4A78B4B7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{0ECDC2B3-FC3D-4055-8B65-172928BB512B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{10735BBC-6D07-4C0E-B80A-D8E3D986E942}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{10E94845-5ACD-47B5-89D5-3FF1E95E2B93}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{111B51A6-C55A-4786-8C99-67382423CA82}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{12868EEE-A766-48F9-A434-617C9E352DF4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{141D9413-8902-4A9E-834A-81BC6378B7E7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{178170CB-EDAB-4757-85D0-24FB41DBD663}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{18950D49-9E86-475D-8D7E-FCCF83A4CACD}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{197CFBD0-30FF-41F4-B499-CC8ABAE21621}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1982D143-9484-4F82-8F3B-A7A540CC3291}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{19C10DE9-3BD7-408F-B2DE-FC12D8088103}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1AB8CC97-A23F-4C3C-B283-1893BBB8C488}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1AE70D4F-9356-4CDC-9717-7807F6E741F5}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1B302567-A7B8-42F1-8F35-7DC913D2D8D7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1C47E18E-C92B-43E0-A7C6-4BD0D2D4A2FA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1C547836-B2CE-4926-9A52-31E504F18F79}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1D603A9D-C785-49C7-8275-88D1766BE22B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1DE0896D-2FC0-4124-8A35-9FC11F86B0B9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1F6C2595-FB61-4279-BDAF-777B0C6EA813}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1FC5CFF2-A1C3-45DF-8DFC-A96B9C50EC5D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{1FFBEB4A-5718-4904-8D85-9F71C01E1770}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{20AC0EBC-8E83-4541-BCB6-95F3D2E046BA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{210FA79F-5C8B-48A2-BFD7-CF2CA333F6DE}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{22A105BC-89E3-456B-97F2-87E5D90AF5E7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{22C32315-1AC1-42D8-9822-230F94A70227}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{22D8593E-E1E6-4572-A34E-C8C9C600B347}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{23353663-DA6D-41C0-893B-277120B8CF04}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{233ADABA-24FB-4866-BF8F-B7271296F0FE}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{23D69696-1547-4D29-A1E1-4EC9698EF045}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{25032066-5A32-4F3A-A9C2-319D6C5ECF52}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{25443875-2EAB-4ACF-A72E-B8029F856376}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{25F2171D-B34F-445C-9645-F970B03E3E37}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2646FE8B-A53C-4051-8BDE-51B5F8BEA881}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{269D1A45-A3E3-48B1-A6C1-2AE761FB7AC0}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{26FE7986-D11D-4D79-8C17-F44B131732A4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2747C21F-E5F4-481E-A30F-5D4CD49910D1}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{27611CDF-745E-43B4-A7FB-BD9EA037F714}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2885B348-47ED-4CB0-A653-FC029DC547C3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{28B2A35F-4A90-4492-85D7-4EE8440733F4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{29AD33E5-1BBC-43E3-98EC-C606E880081D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2AF16561-6A74-4728-8C44-DF2BC062DB91}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2BA0872C-45CC-43F9-9A5E-4DAD9989C4C8}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2C0B89B3-2645-4F94-8F58-458A17357D95}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2C71101B-D6EB-4AEC-A9B1-DD0B6131E568}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2EC08D0F-5519-4A81-81A7-BE5C1D869F81}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{2F392E62-23CA-4D9A-8302-F3C6C3E6782B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3090E97A-5E72-47F1-A876-A80A07F5DABA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{309AF30E-D62C-4387-B06E-98D4E3770DFF}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3163DBD2-4A37-4B03-AD77-36A1FFEE8867}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3253337F-6F7F-4CF0-9AF0-80D1ED8C5863}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{32ED7A63-A524-4AD0-AF89-E98B11A8C19B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{338B8906-D0E4-496E-9A12-367F0C4A3982}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{34F3406A-1844-416A-8E18-0E9097253E7A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{35551BF1-18E5-4102-AFDF-E5ECB949ABEB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3660E2B9-7EA5-4530-9591-6A1BA823F697}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{373C5FA2-E728-4B9E-AFDC-266112B0FEFB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3901676E-4E5F-4995-ABFC-0067A559520B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{399DE7FA-6B85-4CCC-89F0-FFFE2FCEBD1D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{39B0EDE2-8CFC-4BC4-A06D-9D9BBDD95217}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{39D81C5E-F4C4-4C2A-9521-8B53B2E1FCD1}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3A1FB5B6-7D7C-475E-B02B-C4721450703D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3A656A20-8201-4877-A1BB-AE3DC773C115}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3B84E5F2-774E-499F-9381-0E05211F432F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3B9F69A8-4F28-4A08-8C09-D41E54D42EB3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3DE13B90-2ADB-43C7-A0CE-E4DF14CA3EE6}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3E7C7EE8-5320-4DEA-B870-B38FFB5DA31E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{3F080357-E292-4B54-8735-478B82A65D0E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{41EB408A-0AFB-4081-B387-832EE23B630F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{4205DACC-088D-49FE-9B73-B3534535BBD3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{42858F7C-C815-461C-8047-1643B47330EC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{42A75DCD-2E74-460A-B378-4924FC85A6C7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{43590DD2-F606-4579-8A65-397C042FB1B5}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{43F8B316-4D0C-4007-A705-31CD4C978115}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{4496B611-E0CE-4EFA-A313-48768839C65D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{44A17DAA-66AC-4E06-A37E-3E8A1F832BD8}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{44A66738-15CB-4480-A745-5C648F326F29}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{456DF982-3DC2-4D1E-8DA8-128D02DC1813}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{45AE3D7D-A5CB-434E-8B8A-63ECC4F4C305}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{45BCEFD5-E811-432B-952D-2EE800159CFE}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{463D2857-F5A4-42C2-969C-0152B60D5946}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{476F3723-18AF-4A32-B1CE-0DC3215093D7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{4AFBF458-4BF2-4BE5-B7DE-0FCC09DB1BE3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{4B87BDB7-AC45-4B3F-9D18-AD11E6DCFD15}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{4BA20E30-A7D2-4CD4-9B5C-8CEE73653383}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{4E68114D-7929-47E7-A5F3-4EF9D9CB79B7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{5060B15D-36D4-4925-97CB-D721DF8903CA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{511351AF-36FB-41D1-8354-01C54554A648}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{51D2BC6D-5336-49A3-9BBE-6E1216A8A414}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{522F201E-ABC2-48C8-8882-88F33946A014}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{529E3BE9-0E76-435B-8854-22F57960333B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{53088C86-E721-4711-8D98-07DAF241EDFC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{5341A303-7867-4C41-A448-AB4297940984}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{536CECE0-F92C-480A-82D7-6DD829844EDA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{56080578-6F83-4D67-A065-E34227458123}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{56400C3E-7DE2-4D6C-9535-6B410F673F7E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{57235659-E096-45E4-A2C9-60F89C77476C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{58C86613-5C2E-48EC-9D50-BE9EA5988FDA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{58FF0333-8FE9-4FBD-B055-C70A6A62FAB2}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{5945A93A-5ACF-408E-9784-8D99F2447ACA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{59D40F18-2718-44C9-A3E1-08434DAC3428}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{5E6C4CD2-D8F7-453D-B689-AD34C45B3605}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{5ED8B6A4-6BB4-4ADD-90A2-44C62CCA2240}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{5F797514-AB98-4C71-9788-6483319B538D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{60925A10-C801-48F7-85E6-6E374FD06BEB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{60DDC4A5-638A-47AF-ACAA-E960AAEF0E62}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6191F59B-AFB6-46CD-B260-0A8F40379F85}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6238A607-855A-450A-A889-7995804487CE}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{62D790D2-021A-467B-BBD5-8616AFACEA7F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{62FF9020-7A3F-4103-BC20-DB2693085382}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{646A4C78-43E2-4427-92D4-7964FA48909F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{64E90D99-A399-4642-BEA3-CD688D3D0F71}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{65BC3ED9-2A82-4693-B52C-26E6D8A53A3B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{674F7DDF-9CE1-4A7D-9E5B-742069636EEA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{675AE448-5649-4A34-9E0D-0AF63E853375}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{68B521B1-437C-4B06-81ED-C0FE5A3E0542}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{69026063-48CD-4500-9B62-4A6480AFE577}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6927515B-9048-4538-A410-8307EC277CEB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{69E64686-C928-4677-A6CD-5DE1F915E7AA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6A7F1042-9E1B-43E3-A410-FDAF1215DB01}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6A9BD27B-D5B6-429C-9B1C-6150E89B686E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6ACF18B5-61CE-482F-BA04-57E682EE4E04}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6B212559-80EF-4D7F-96BA-72E540995FB0}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6B3B9AF7-A5CE-4218-A579-F4D4C5908010}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6BB8BBA6-1C8E-48D7-A95F-72243AC6F9D0}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6C987881-1DBB-40AB-AB75-D050B42ED3BF}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{6D405A55-3D10-4AD5-A83E-FA9FD236D4C9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7069DEB1-C80C-4741-92A9-BF93B3F7BF66}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{70DE62DB-1A1B-48F3-A096-D3FC25F208B7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7122B586-9423-43FB-9C5A-08E0C2ED67D1}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7133F4C5-96D7-4ED2-9B1D-AB6B41ED0E29}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{733E4CDB-4FD2-4956-9383-0E60BE6894C1}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7466FFFF-D61E-49DD-82E0-F8BF45E55364}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{75F5EDB1-CB23-4759-94EB-1C17E0498B08}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{75FB8657-05E2-4E16-9434-B1B103CC17F7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{768C1715-BCCE-48F6-886C-5470733BA6DB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7A564893-D2A9-4964-B044-42782F1A6ECC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7CB1705A-45D1-40AA-89BE-681EA9C7CFE6}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7CE701BA-6E18-44CF-87B3-64912E71344A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7D0E8FC0-3FBE-48CC-B284-7D31BE3E8BE9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{7FA7FFC4-DEAE-477E-AC5D-4C1A35378E6F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8062B907-55DD-40BF-981A-E6D908C76B15}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8066EC5C-42FB-4627-82DB-06A98C13AE7E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{81964B51-FC3A-456A-8A62-D0612A263330}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8235DDF0-D87D-4612-86F3-332DE10B0178}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{82697FCA-11C2-4AEF-BC27-A8DA5A7DD886}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{83243054-20CD-4021-A477-F6436DD45DA0}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{833EECD7-D826-4BE6-97FD-E156E3DB1F49}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{83F4331F-ED7C-4D04-BEA1-F4092B0A8188}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{842BE1E4-8A6A-47FE-A631-1D9253DC20E8}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{84563112-CA6E-4929-A12F-3CCFDC57F9F4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{85266780-049C-45B1-862B-052242E7B1B4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8579D711-57CF-4FF0-A9F0-C56E4309298C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8781BA6F-001A-4479-A704-58BDC50B14EC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{88942EF1-16B5-44A0-B41F-5624F8C6B526}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{89457DEF-D9C9-4C45-AE44-847714957EAA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8A89A619-7E34-44CC-93E2-DB1840AD26D4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8A921D2C-EFA8-41F9-9E22-1A505C00CAF3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8A9598B1-3B3A-403F-AFF8-AC266021900B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{8F3C854E-CF0D-4BAA-A219-219502E0E543}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{90863187-8DB3-4B6B-B38E-AD6A41E95134}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9117005F-DA89-4F80-977D-1B6CEECC620C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{912BE5F6-AF98-4107-9AB5-4531AEFD226A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{91BBBB19-861A-451D-9598-4591F4F640F8}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{92759FE6-2D49-4FEF-B673-43B9DFEF9A2A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{932210F1-191E-495B-911F-CD8D58E99114}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{93A59173-F039-4A0B-A8CB-8332A0F7FD90}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{95226CF1-3A00-47B1-8511-F12E079ACEB9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{95B32FA4-E4AD-4992-8FDA-307097869541}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{961DEEBD-9DC0-42BA-ADB5-3254394DB5AE}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{989B80E9-F8CB-4029-9CC1-0520480C5BEB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{99783B03-263C-4318-8895-F731C8B145CF}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9C6EA688-78D9-4925-ADF9-1BBBE6EE7B09}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9CA58771-A481-42C9-83E4-127D8B954A31}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9CCD64D7-B72E-4DF4-B962-92F1FF80F8C4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9DA05C80-DA61-44FF-B83C-1FC365C30F5A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9E8BF392-798D-4FB3-AF67-BA486B8FA143}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9F2B450A-DA76-4B15-95C5-D2CAA877643A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{9F9A0CE8-12A8-46EB-B3E5-C13E4246234E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{A4CE9465-FC2F-4B2F-A5A5-164C7A914E1F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{A5733891-D31B-44C8-9F42-98098DC18946}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{A5F8256C-0A1A-45E5-B965-FD2F15E8E316}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{A83CA785-6AB7-4471-87D1-34C0F204DF6E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{A93FF169-7226-425C-BDEA-C9A0AB3715E4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{A967A579-0060-48C2-A679-51DC14C45A06}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{A9B50E5D-A64F-4ADE-A17A-25BB2FF25BC4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AB32A1AB-A73B-4361-8370-F7161549769B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{ABEBA8A1-8818-433E-BBF2-65201A138F1F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AC541633-FC16-49D5-B01A-BF9E92E4C6B9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AD02C406-E616-42C9-B7CB-A66A5F0847A9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AE2FF57D-7421-4F16-8269-F80A1AB9B7BB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AE35F09F-14D5-455A-BAB3-4DD23B6F593A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AE896FA0-D6B3-4EEE-9652-A62A9DCA9E16}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AF12F7B1-52B4-4BCF-B2D9-D176CB36A0B7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{AFDEB2F1-496E-48AE-B684-3407FFF8CE23}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B01AF19A-0E74-4EA5-A6C7-D90D291E1C63}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B05757FB-AA6E-4742-88D4-B09447B4C0A4}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B1E9DBC0-B9DD-4322-995D-CE1C754DFB1C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B28AC026-4AEF-49BD-B35D-92BF7D88342A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B31AA3CA-A25D-4891-8DF8-6A8E1BD6FBE2}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B321F7B5-4952-4037-876D-9C42CC513CAD}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B3A79B0E-D250-4DEF-90E6-BED04347E909}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B4BF2C2C-A23E-4DFC-9CE0-D76B692DCFC7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B54093D3-11A1-4CA5-979C-BDFCDBC43DC5}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B5A5AD47-9FB3-4C38-844F-C5D05DE2F3D1}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B75D25D5-0076-450C-9531-EC29C18609B7}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{B9F9CAA8-BF47-43EA-9213-ABE135F48CEA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{BBE9D78D-3347-49C7-B348-982B018924DC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{BD2C110D-CE8E-4D26-BE7A-264FB206FC8E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{BDC8A601-DB2E-4455-9E7A-4E96D22EC5C1}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{BDE741A2-F618-43A7-99B9-E1FF047A518D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C033173E-3852-4747-B90C-8AE6196A521B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C0B81ABC-353F-4FCF-A9B2-4A833ABE2331}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C0CE0656-C70B-4763-8582-30A47AA4689D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C0DE7BE7-B80C-41D7-98C8-3E0D152066C5}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C0FB508F-1688-4633-9C4B-9FFF1E29B637}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C1865157-3703-47FD-BBA4-5750151DE6B2}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C1FD69F2-C5EA-4FA8-91A3-DC9E0B6D41DC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C237B1A6-6E44-4FF1-99A2-88989E7C1C8A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C3F3D201-3EB3-4027-8CBB-90FED6959B6C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C485770F-AFCB-4479-A326-29E1D87D9996}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C4B483C6-46AB-4438-BE45-4A3D21B66F11}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C4EC4306-0322-4AC9-87A1-818346F6D052}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C59964C9-A6F8-4E35-8812-8CE55969CB36}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C61F4CB4-011F-4B35-AF01-3911C0494FB9}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C64B7F6C-41D9-4359-AB5F-9F958A59863C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C82DA83D-CB2F-4787-8A3B-73D59B43F5AD}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{C92E59C5-EE0D-43F0-8A0C-02645B467494}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{CA00D667-21D4-44A0-AC1E-69456C87E30B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{CB4D162F-D59D-471E-A1D6-796C6BD42A12}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{CDA7C03A-E8B7-4F96-9ED9-204E7E91508E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D04ED90F-7E7B-425D-861D-CAAE592D2B88}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D0B9A055-3762-461F-A254-085293F3E3DF}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D1F22240-6D9C-4E6B-99C1-A4A1D6137825}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D3D26A1B-81B0-4AA4-9047-9F61D49AE1C8}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D721CF56-7BA4-4EA5-887E-8F11A755278C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D7715780-C658-40A9-8D22-3E78286D8C70}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D8A1E073-E229-44B6-8F7F-05D0D0EA9710}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D99901E8-D4C0-4B7F-A952-D64A86CD3E4B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D9C56BFF-5C45-4021-9811-ABF7C83562A6}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{D9EF2C7E-9CAE-4D86-B301-0A6DF0E94D22}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DA5926A4-F846-428E-8A99-352D9B189C03}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DB9B5B05-BE4D-43C7-9985-BF09EE174403}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DBBC8F81-8939-4C75-AC26-0CBC99176240}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DBE1563F-0352-45F2-A17E-B6B627D07480}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DC01FC62-A203-4198-852D-A14162CC818C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DD3C5369-45FB-48AF-BAC6-928A025AFC5F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DD999AD3-A968-471B-853A-25246E5EF234}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DEEAEBD9-CDAE-4607-8FE0-EC332F3B027E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{DF21007C-7237-4F4E-A320-889902058717}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E0D104D1-7785-4F74-A81C-4F914802C1BC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E2C0B63C-BE2A-49A2-BBA6-5D9F5D0EAD29}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E3CC4748-A944-4DC3-BF46-26AC7B4FDDC3}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E4271332-FF2B-48E0-A3BF-57DC85363451}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E4E16A03-E7A0-4AB4-A958-B372BC0CACF6}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E51A4A9B-6143-4074-8EC9-BBB4CB8C0048}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E68038A0-4A5A-48BD-8E22-0A44E5C94A3F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E6AE87DD-729D-4C88-BEC5-9A8BDDE673DD}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E6BCEDBB-1700-4970-BEFF-B77570A9F57E}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E82CDDB0-DBEA-4BF9-B634-596E5B5954B0}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E8575385-9BD2-4150-8A65-468AE894447D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E8D931E3-4A86-45D1-A0B8-03E06F6CDDFA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E95AF395-19CE-44CB-BC2B-03802AB6FE77}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E9E1D8D7-63C3-496F-B545-057C087D3AB5}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{E9F120EB-97D0-4FB1-B053-11F5981CC15F}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{EC1DA277-67A0-464D-A282-7B8612BB040A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{ED3B5ED0-270A-4518-B39F-F1CB8B25EB45}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{ED45D78F-444C-4B0C-A585-234FDD505F89}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{EF5A3313-ECBC-45F4-8FE0-04BAD41B1F03}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{EF74200A-D20A-4308-8A48-6FE612753A41}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F04DC321-CA99-4BDB-B21A-CE9945C7EC60}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F11BE529-675F-404D-A3AB-85B7B1B81ECB}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F2528029-4E4A-4C28-A850-3EE571C6E27D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F42AA40D-A9A5-4DDC-900A-6710C12BEB9D}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F5BCC743-C620-4A76-8C18-D681E8F32A54}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F633A114-30F0-416C-B23F-ADCCE79EA1DF}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F7B359F6-4CA8-418E-BC3E-1D2EC9BC92CF}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{F92B1253-63BD-4BF5-A0C3-CBBB96C667BC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FA2427E1-3180-45DE-96C0-E284CB08D0BA}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FAB802AA-DB74-499A-866B-B3A155A494BC}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FB424F2C-0ABF-4D05-BF1B-3AA177CC427B}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FBD46A06-8245-41A5-8270-EF752A6BF90A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FC4FCDE7-DADB-4A66-887D-A27763DD400C}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FD21AD76-037E-4931-BEDA-3770CE083B5A}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FE6C4E23-D1D7-4D72-A3BD-61116415FE84}
Successfully deleted: [Empty Folder] C:\Users\Jessi\appdata\local\{FEF3C0E7-8CE3-43AF-8F3D-11B007467918}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.05.2014 at 18:41:19.10
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
4) FRST Log 21.05.14:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014
Ran by Jessi (administrator) on JESSI-PC on 21-05-2014 18:42:00
Running from C:\Users\Jessi\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files\ MALWAREBYTES ANTI-MALWARE \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ MALWAREBYTES ANTI-MALWARE \mbamservice.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(Malwarebytes Corporation) C:\Program Files\ MALWAREBYTES ANTI-MALWARE \mbam.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Advanced Micro Devices Inc.) D:\Software\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(ATI Technologies Inc.) D:\Software\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10967656 2012-03-27] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => D:\Software\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [Amazon Cloud Player] => C:\Users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.195.120.158:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 83.169.185.97 83.169.185.33

FireFox:
========
FF ProfilePath: C:\Users\Jessi\AppData\Roaming\Mozilla\Firefox\C:\Users\Jessi\AppData\Roaming\Mozilla\Profiles\excbqpn8.Standard-Benutzer
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=1.1.11 - D:\Software\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - D:\Software\Adobe\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF StartMenuInternet: FIREFOX.EXE - D:\Software\Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://start.iminent.com/?appId=9CDDA541-CEEF-4CD9-9F8F-DD6E9062636C
CHR RestoreOnStartup: "hxxp://start.iminent.com/?appId=9CDDA541-CEEF-4CD9-9F8F-DD6E9062636C"

========================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S4 avgwd; "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [301248 2012-03-19] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-05-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Jessi\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-21 18:41 - 2014-05-21 18:41 - 00032779 _____ () C:\Users\Jessi\Desktop\JRT.txt
2014-05-21 18:34 - 2014-05-21 18:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-21 18:33 - 2014-05-21 18:33 - 00028459 _____ () C:\Users\Jessi\Desktop\AdwCleaner[S0].txt
2014-05-21 18:26 - 2014-05-21 18:30 - 00000000 ____D () C:\AdwCleaner
2014-05-21 18:25 - 2014-05-21 18:25 - 00001160 _____ () C:\Users\Jessi\Desktop\mbam.txt
2014-05-21 18:16 - 2014-05-21 18:36 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-21 18:15 - 2014-05-21 18:15 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-21 18:15 - 2014-05-21 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-21 18:15 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-21 18:15 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-21 18:15 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-21 18:12 - 2014-05-21 18:12 - 01016261 _____ (Thisisu) C:\Users\Jessi\Desktop\JRT.exe
2014-05-21 18:11 - 2014-05-21 18:11 - 01326389 _____ () C:\Users\Jessi\Desktop\adwcleaner_3.210.exe
2014-05-19 18:14 - 2014-05-19 18:14 - 00009924 _____ () C:\Users\Jessi\Desktop\combofix.txt
2014-05-19 18:12 - 2014-05-19 18:12 - 00009924 _____ () C:\ComboFix.txt
2014-05-19 18:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-19 18:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-19 18:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-19 17:50 - 2014-05-19 18:12 - 00000000 ____D () C:\Qoobox
2014-05-19 17:49 - 2014-05-19 18:10 - 00000000 ____D () C:\Windows\erdnt
2014-05-19 17:44 - 2014-05-19 17:44 - 05200426 ____R (Swearware) C:\Users\Jessi\Desktop\ComboFix.exe
2014-05-18 19:29 - 2014-05-18 19:29 - 00000605 _____ () C:\Users\Jessi\Desktop\Logs - Verknüpfung.lnk
2014-05-18 19:14 - 2014-05-18 19:14 - 00025456 _____ () C:\Users\Jessi\Desktop\Logs.zip
2014-05-18 18:40 - 2014-05-18 18:40 - 00266052 _____ () C:\Users\Jessi\Desktop\Gmer.txt
2014-05-18 18:33 - 2014-05-18 18:33 - 00380416 _____ () C:\Users\Jessi\Desktop\Gmer-19357.exe
2014-05-18 18:29 - 2014-05-21 18:42 - 00011784 _____ () C:\Users\Jessi\Desktop\FRST.txt
2014-05-18 18:29 - 2014-05-18 18:29 - 00037867 _____ () C:\Users\Jessi\Desktop\Addition.txt
2014-05-18 18:28 - 2014-05-21 18:42 - 00000000 ____D () C:\FRST
2014-05-18 18:27 - 2014-05-18 18:27 - 01056768 _____ (Farbar) C:\Users\Jessi\Desktop\FRST.exe
2014-05-18 18:26 - 2014-05-18 18:26 - 00000472 _____ () C:\Users\Jessi\Desktop\defogger_disable.log
2014-05-18 18:26 - 2014-05-18 18:26 - 00000000 _____ () C:\Users\Jessi\defogger_reenable
2014-05-18 18:25 - 2014-05-18 18:25 - 00050477 _____ () C:\Users\Jessi\Desktop\Defogger.exe
2014-05-18 13:56 - 2014-05-18 18:02 - 00271751 _____ () C:\Users\Jessi\AppData\Local\census.cache
2014-05-18 13:56 - 2014-05-18 18:02 - 00158115 _____ () C:\Users\Jessi\AppData\Local\ars.cache
2014-05-18 13:28 - 2014-05-18 13:28 - 00000036 _____ () C:\Users\Jessi\AppData\Local\housecall.guid.cache
2014-05-18 13:01 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 13:00 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-18 13:00 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-18 13:00 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-18 12:59 - 2014-05-18 13:00 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-15 06:12 - 2014-05-07 02:26 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 06:12 - 2014-05-07 02:26 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 06:12 - 2014-05-07 00:58 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:43 - 2014-05-14 22:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:36 - 2014-05-14 22:36 - 00000442 _____ () C:\Windows\wininit.ini
2014-05-14 18:32 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

==================== One Month Modified Files and Folders =======

2014-05-21 18:42 - 2014-05-18 18:29 - 00011784 _____ () C:\Users\Jessi\Desktop\FRST.txt
2014-05-21 18:42 - 2014-05-18 18:28 - 00000000 ____D () C:\FRST
2014-05-21 18:41 - 2014-05-21 18:41 - 00032779 _____ () C:\Users\Jessi\Desktop\JRT.txt
2014-05-21 18:40 - 2006-11-02 14:52 - 01962579 _____ () C:\Windows\WindowsUpdate.log
2014-05-21 18:36 - 2014-05-21 18:16 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-21 18:36 - 2013-09-23 18:38 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-21 18:36 - 2011-12-21 18:48 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-05-21 18:36 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-21 18:36 - 2006-11-02 14:47 - 00005328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-21 18:36 - 2006-11-02 14:47 - 00005328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-21 18:35 - 2006-11-02 15:01 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-21 18:34 - 2014-05-21 18:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-21 18:33 - 2014-05-21 18:33 - 00028459 _____ () C:\Users\Jessi\Desktop\AdwCleaner[S0].txt
2014-05-21 18:32 - 2011-10-20 06:39 - 00399910 _____ () C:\Windows\PFRO.log
2014-05-21 18:30 - 2014-05-21 18:26 - 00000000 ____D () C:\AdwCleaner
2014-05-21 18:30 - 2012-10-16 22:20 - 00000000 ____D () C:\ProgramData\ICQ
2014-05-21 18:27 - 2012-04-07 15:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-21 18:25 - 2014-05-21 18:25 - 00001160 _____ () C:\Users\Jessi\Desktop\mbam.txt
2014-05-21 18:15 - 2014-05-21 18:15 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-21 18:15 - 2014-05-21 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-21 18:15 - 2011-10-27 06:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-21 18:15 - 2011-10-27 06:40 - 00000000 ____D () C:\Program Files\ MALWAREBYTES ANTI-MALWARE 
2014-05-21 18:12 - 2014-05-21 18:12 - 01016261 _____ (Thisisu) C:\Users\Jessi\Desktop\JRT.exe
2014-05-21 18:11 - 2014-05-21 18:11 - 01326389 _____ () C:\Users\Jessi\Desktop\adwcleaner_3.210.exe
2014-05-21 17:52 - 2006-11-02 12:33 - 01567294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-19 18:14 - 2014-05-19 18:14 - 00009924 _____ () C:\Users\Jessi\Desktop\combofix.txt
2014-05-19 18:12 - 2014-05-19 18:12 - 00009924 _____ () C:\ComboFix.txt
2014-05-19 18:12 - 2014-05-19 17:50 - 00000000 ____D () C:\Qoobox
2014-05-19 18:12 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-05-19 18:12 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-05-19 18:10 - 2014-05-19 17:49 - 00000000 ____D () C:\Windows\erdnt
2014-05-19 18:09 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-05-19 17:44 - 2014-05-19 17:44 - 05200426 ____R (Swearware) C:\Users\Jessi\Desktop\ComboFix.exe
2014-05-18 22:21 - 2011-12-27 16:29 - 00104448 _____ () C:\Users\Jessi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-18 19:29 - 2014-05-18 19:29 - 00000605 _____ () C:\Users\Jessi\Desktop\Logs - Verknüpfung.lnk
2014-05-18 19:29 - 2013-09-23 18:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-18 19:14 - 2014-05-18 19:14 - 00025456 _____ () C:\Users\Jessi\Desktop\Logs.zip
2014-05-18 18:40 - 2014-05-18 18:40 - 00266052 _____ () C:\Users\Jessi\Desktop\Gmer.txt
2014-05-18 18:33 - 2014-05-18 18:33 - 00380416 _____ () C:\Users\Jessi\Desktop\Gmer-19357.exe
2014-05-18 18:29 - 2014-05-18 18:29 - 00037867 _____ () C:\Users\Jessi\Desktop\Addition.txt
2014-05-18 18:27 - 2014-05-18 18:27 - 01056768 _____ (Farbar) C:\Users\Jessi\Desktop\FRST.exe
2014-05-18 18:26 - 2014-05-18 18:26 - 00000472 _____ () C:\Users\Jessi\Desktop\defogger_disable.log
2014-05-18 18:26 - 2014-05-18 18:26 - 00000000 _____ () C:\Users\Jessi\defogger_reenable
2014-05-18 18:26 - 2011-10-15 13:47 - 00000000 ____D () C:\Users\Jessi
2014-05-18 18:25 - 2014-05-18 18:25 - 00050477 _____ () C:\Users\Jessi\Desktop\Defogger.exe
2014-05-18 18:02 - 2014-05-18 13:56 - 00271751 _____ () C:\Users\Jessi\AppData\Local\census.cache
2014-05-18 18:02 - 2014-05-18 13:56 - 00158115 _____ () C:\Users\Jessi\AppData\Local\ars.cache
2014-05-18 14:28 - 2013-09-25 18:37 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-18 13:28 - 2014-05-18 13:28 - 00000036 _____ () C:\Users\Jessi\AppData\Local\housecall.guid.cache
2014-05-18 13:14 - 2012-08-01 20:29 - 00000000 ____D () C:\Users\Jessi\AppData\Roaming\Dropbox
2014-05-18 13:01 - 2014-02-24 22:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 13:00 - 2014-05-18 12:59 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-18 13:00 - 2013-07-03 18:33 - 00000000 ____D () C:\Program Files\Java
2014-05-17 09:33 - 2012-02-22 19:20 - 00001356 _____ () C:\Users\Jessi\AppData\Local\d3d9caps.dat
2014-05-15 06:15 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-14 22:45 - 2011-10-26 21:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:43 - 2014-05-14 22:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:43 - 2013-08-14 07:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:41 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-14 22:36 - 2014-05-14 22:36 - 00000442 _____ () C:\Windows\wininit.ini
2014-05-14 22:05 - 2013-09-23 18:38 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-05-14 19:28 - 2012-04-07 15:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 19:28 - 2011-10-15 18:51 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-12 07:26 - 2014-05-21 18:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-21 18:15 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-21 18:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-07 02:26 - 2014-05-15 06:12 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-07 02:26 - 2014-05-15 06:12 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-07 00:58 - 2014-05-15 06:12 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-01 00:30 - 2013-09-23 18:38 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

Some content of TEMP:
====================
C:\Users\Jessi\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-21 17:54

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________
ICH HABS KOMMEN SEHEN

Alt 22.05.2014, 12:50   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.05.2014, 13:52   #13
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Hallo zurück, habe endlich Zeit gehabt und zunächst alle meine externen Festplatten angeschlossen. USB Sticks konnte ich nicht mitlaufen lassen, dakein Steckplatz frei. Könnte ich das mit den Sticks wiederholen? Auf den Platten wurde wohl ncihts gefunden oder zumindest taucht kein externes Gerät im Log auf,...(ich versuchs nur zu verstehen ^^)

anbei die kurzen Logs

1) ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=8dd876265be94447999d39012b187d3d
# engine=18402
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-25 12:15:45
# local_time=2014-05-25 02:15:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 329366 238552873 0 0
# scanned=368957
# found=6
# cleaned=0
# scan_time=6585
sh=FBBE31F08E493A8B0702FE72F3ABA6DF996E20C6 ft=1 fh=1055b3d0ea15ac02 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Software\PDFCreator-1_7_2_setup.exe"
sh=DEB9F64ABBF9425B70217747FEED6D2CF8BD9B6D ft=1 fh=a8b5d0d60197659c vn="Variante von MSIL/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="D:\Software\Driver Scout\DLG_free-driver-scout_chip_de-DE.exe"
sh=8C214C26115C45FC466457C95D2061F209764052 ft=1 fh=c078ee0d7bceb143 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="D:\Software\Post-it\iLividSetupV1.exe"
sh=BAFBF5612EE44420E2DEC617F14FBE4CA6D2B19A ft=1 fh=1dddbbb53fa27dfc vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="D:\Software\Post-it\SoftonicDownloader_fuer_freebie-notes.exe"
sh=6A018011A9D90F1F1C3D1CE53D0DED3C322132D4 ft=1 fh=77b67014d1f9f560 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="D:\Software\Videoconverter\Pazera_Free_MOV_to_AVI_Converter.exe"
sh=BEB2872C5EE9890C656B293C5EFBAD0220B4E538 ft=1 fh=3852d8d68dbe73c3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Software\Youtube Download\FreeYouTubeToMP3Converter31014.exe"
         
2) Security check:
Results of screen317's Security Check version 0.99.83
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
(On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
JavaFX 2.1.1
Java 7 Update 55
Adobe Flash Player 13.0.0.214
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox 22.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Spybot Teatimer.exe is disabled!
`````````````````System Health check`````````````````

FRST log kommt auch gleich
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Danke und Grüße


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 01
Ran by Jessi (administrator) on JESSI-PC on 25-05-2014 14:49:53
Running from C:\Users\Jessi\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Advanced Micro Devices Inc.) D:\Software\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ATI Technologies Inc.) D:\Software\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NeroFilterCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10967656 2012-03-27] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => D:\Software\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [Amazon Cloud Player] => C:\Users\Jessi\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.195.120.158:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 83.169.185.33 83.169.185.97

FireFox:
========
FF ProfilePath: C:\Users\Jessi\AppData\Roaming\Mozilla\Profiles\excbqpn8.Standard-Benutzer
FF Homepage: www.facebook.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=1.1.11 - D:\Software\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - D:\Software\Adobe\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Jessi\AppData\Roaming\Mozilla\Profiles\excbqpn8.Standard-Benutzer\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-08]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF StartMenuInternet: FIREFOX.EXE - D:\Software\Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://start.iminent.com/?appId=9CDDA541-CEEF-4CD9-9F8F-DD6E9062636C
CHR RestoreOnStartup: "hxxp://start.iminent.com/?appId=9CDDA541-CEEF-4CD9-9F8F-DD6E9062636C"

========================== Services (Whitelisted) =================

S2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S4 avgwd; "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [301248 2012-03-19] (AVG Technologies CZ, s.r.o.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 w800bus; C:\Windows\System32\DRIVERS\w800bus.sys [60768 2005-06-13] (MCCI)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\Jessi\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-25 14:49 - 2014-05-25 14:49 - 00000000 ____D () C:\Users\Jessi\Desktop\FRST-OlderVersion
2014-05-25 14:40 - 2014-05-25 14:40 - 00001043 _____ () C:\Users\Jessi\Desktop\checkup.txt
2014-05-25 14:27 - 2014-05-25 14:27 - 00854367 _____ () C:\Users\Jessi\Desktop\SecurityCheck.exe
2014-05-21 19:11 - 2014-05-21 19:59 - 00000116 _____ () C:\Windows\NeroDigital.ini
2014-05-21 18:41 - 2014-05-21 18:41 - 00032779 _____ () C:\Users\Jessi\Desktop\JRT.txt
2014-05-21 18:34 - 2014-05-21 18:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-21 18:33 - 2014-05-21 18:33 - 00028459 _____ () C:\Users\Jessi\Desktop\AdwCleaner[S0].txt
2014-05-21 18:26 - 2014-05-21 18:30 - 00000000 ____D () C:\AdwCleaner
2014-05-21 18:25 - 2014-05-21 18:25 - 00001160 _____ () C:\Users\Jessi\Desktop\mbam.txt
2014-05-21 18:16 - 2014-05-25 11:53 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-21 18:15 - 2014-05-21 18:15 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-21 18:15 - 2014-05-21 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-21 18:15 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-21 18:15 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-21 18:15 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-21 18:12 - 2014-05-21 18:12 - 01016261 _____ (Thisisu) C:\Users\Jessi\Desktop\JRT.exe
2014-05-21 18:11 - 2014-05-21 18:11 - 01326389 _____ () C:\Users\Jessi\Desktop\adwcleaner_3.210.exe
2014-05-19 18:14 - 2014-05-19 18:14 - 00009924 _____ () C:\Users\Jessi\Desktop\combofix.txt
2014-05-19 18:12 - 2014-05-19 18:12 - 00009924 _____ () C:\ComboFix.txt
2014-05-19 18:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-19 18:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-19 18:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-19 18:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-19 17:50 - 2014-05-19 18:12 - 00000000 ____D () C:\Qoobox
2014-05-19 17:49 - 2014-05-19 18:10 - 00000000 ____D () C:\Windows\erdnt
2014-05-19 17:44 - 2014-05-19 17:44 - 05200426 ____R (Swearware) C:\Users\Jessi\Desktop\ComboFix.exe
2014-05-18 19:29 - 2014-05-18 19:29 - 00000605 _____ () C:\Users\Jessi\Desktop\Logs - Verknüpfung.lnk
2014-05-18 19:14 - 2014-05-18 19:14 - 00025456 _____ () C:\Users\Jessi\Desktop\Logs.zip
2014-05-18 18:40 - 2014-05-18 18:40 - 00266052 _____ () C:\Users\Jessi\Desktop\Gmer.txt
2014-05-18 18:33 - 2014-05-18 18:33 - 00380416 _____ () C:\Users\Jessi\Desktop\Gmer-19357.exe
2014-05-18 18:29 - 2014-05-25 14:49 - 00011646 _____ () C:\Users\Jessi\Desktop\FRST.txt
2014-05-18 18:29 - 2014-05-18 18:29 - 00037867 _____ () C:\Users\Jessi\Desktop\Addition.txt
2014-05-18 18:28 - 2014-05-25 14:49 - 00000000 ____D () C:\FRST
2014-05-18 18:27 - 2014-05-25 14:49 - 01056256 _____ (Farbar) C:\Users\Jessi\Desktop\FRST.exe
2014-05-18 18:26 - 2014-05-18 18:26 - 00000472 _____ () C:\Users\Jessi\Desktop\defogger_disable.log
2014-05-18 18:26 - 2014-05-18 18:26 - 00000000 _____ () C:\Users\Jessi\defogger_reenable
2014-05-18 18:25 - 2014-05-18 18:25 - 00050477 _____ () C:\Users\Jessi\Desktop\Defogger.exe
2014-05-18 13:56 - 2014-05-18 18:02 - 00271751 _____ () C:\Users\Jessi\AppData\Local\census.cache
2014-05-18 13:56 - 2014-05-18 18:02 - 00158115 _____ () C:\Users\Jessi\AppData\Local\ars.cache
2014-05-18 13:28 - 2014-05-18 13:28 - 00000036 _____ () C:\Users\Jessi\AppData\Local\housecall.guid.cache
2014-05-18 13:01 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 13:00 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-18 13:00 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-18 13:00 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-18 12:59 - 2014-05-18 13:00 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-15 06:12 - 2014-05-07 02:26 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 06:12 - 2014-05-07 02:26 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 06:12 - 2014-05-07 00:58 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:43 - 2014-05-14 22:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:36 - 2014-05-14 22:36 - 00000442 _____ () C:\Windows\wininit.ini
2014-05-14 18:32 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

==================== One Month Modified Files and Folders =======

2014-05-25 14:50 - 2014-05-18 18:29 - 00011646 _____ () C:\Users\Jessi\Desktop\FRST.txt
2014-05-25 14:49 - 2014-05-25 14:49 - 00000000 ____D () C:\Users\Jessi\Desktop\FRST-OlderVersion
2014-05-25 14:49 - 2014-05-18 18:28 - 00000000 ____D () C:\FRST
2014-05-25 14:49 - 2014-05-18 18:27 - 01056256 _____ (Farbar) C:\Users\Jessi\Desktop\FRST.exe
2014-05-25 14:40 - 2014-05-25 14:40 - 00001043 _____ () C:\Users\Jessi\Desktop\checkup.txt
2014-05-25 14:27 - 2014-05-25 14:27 - 00854367 _____ () C:\Users\Jessi\Desktop\SecurityCheck.exe
2014-05-25 14:27 - 2012-04-07 15:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-25 13:52 - 2006-11-02 14:47 - 00005328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-25 13:52 - 2006-11-02 14:47 - 00005328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 11:57 - 2006-11-02 12:33 - 01567294 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-25 11:55 - 2006-11-02 14:52 - 02081826 _____ () C:\Windows\WindowsUpdate.log
2014-05-25 11:53 - 2014-05-21 18:16 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-25 11:53 - 2013-09-23 18:38 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-05-25 11:53 - 2012-08-26 15:46 - 00014889 _____ () C:\Windows\setupact.log
2014-05-25 11:52 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-25 11:51 - 2011-12-21 18:48 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-05-25 11:48 - 2006-11-02 15:01 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-23 14:00 - 2011-10-20 06:39 - 00400260 _____ () C:\Windows\PFRO.log
2014-05-21 19:59 - 2014-05-21 19:11 - 00000116 _____ () C:\Windows\NeroDigital.ini
2014-05-21 18:41 - 2014-05-21 18:41 - 00032779 _____ () C:\Users\Jessi\Desktop\JRT.txt
2014-05-21 18:34 - 2014-05-21 18:34 - 00000000 ____D () C:\Windows\ERUNT
2014-05-21 18:33 - 2014-05-21 18:33 - 00028459 _____ () C:\Users\Jessi\Desktop\AdwCleaner[S0].txt
2014-05-21 18:30 - 2014-05-21 18:26 - 00000000 ____D () C:\AdwCleaner
2014-05-21 18:30 - 2012-10-16 22:20 - 00000000 ____D () C:\ProgramData\ICQ
2014-05-21 18:25 - 2014-05-21 18:25 - 00001160 _____ () C:\Users\Jessi\Desktop\mbam.txt
2014-05-21 18:15 - 2014-05-21 18:15 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-21 18:15 - 2014-05-21 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-21 18:15 - 2011-10-27 06:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-21 18:15 - 2011-10-27 06:40 - 00000000 ____D () C:\Program Files\ MALWAREBYTES ANTI-MALWARE 
2014-05-21 18:12 - 2014-05-21 18:12 - 01016261 _____ (Thisisu) C:\Users\Jessi\Desktop\JRT.exe
2014-05-21 18:11 - 2014-05-21 18:11 - 01326389 _____ () C:\Users\Jessi\Desktop\adwcleaner_3.210.exe
2014-05-19 18:14 - 2014-05-19 18:14 - 00009924 _____ () C:\Users\Jessi\Desktop\combofix.txt
2014-05-19 18:12 - 2014-05-19 18:12 - 00009924 _____ () C:\ComboFix.txt
2014-05-19 18:12 - 2014-05-19 17:50 - 00000000 ____D () C:\Qoobox
2014-05-19 18:12 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-05-19 18:12 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-05-19 18:10 - 2014-05-19 17:49 - 00000000 ____D () C:\Windows\erdnt
2014-05-19 18:09 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-05-19 17:44 - 2014-05-19 17:44 - 05200426 ____R (Swearware) C:\Users\Jessi\Desktop\ComboFix.exe
2014-05-18 22:21 - 2011-12-27 16:29 - 00104448 _____ () C:\Users\Jessi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-18 19:29 - 2014-05-18 19:29 - 00000605 _____ () C:\Users\Jessi\Desktop\Logs - Verknüpfung.lnk
2014-05-18 19:29 - 2013-09-23 18:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-18 19:14 - 2014-05-18 19:14 - 00025456 _____ () C:\Users\Jessi\Desktop\Logs.zip
2014-05-18 18:40 - 2014-05-18 18:40 - 00266052 _____ () C:\Users\Jessi\Desktop\Gmer.txt
2014-05-18 18:33 - 2014-05-18 18:33 - 00380416 _____ () C:\Users\Jessi\Desktop\Gmer-19357.exe
2014-05-18 18:29 - 2014-05-18 18:29 - 00037867 _____ () C:\Users\Jessi\Desktop\Addition.txt
2014-05-18 18:26 - 2014-05-18 18:26 - 00000472 _____ () C:\Users\Jessi\Desktop\defogger_disable.log
2014-05-18 18:26 - 2014-05-18 18:26 - 00000000 _____ () C:\Users\Jessi\defogger_reenable
2014-05-18 18:26 - 2011-10-15 13:47 - 00000000 ____D () C:\Users\Jessi
2014-05-18 18:25 - 2014-05-18 18:25 - 00050477 _____ () C:\Users\Jessi\Desktop\Defogger.exe
2014-05-18 18:02 - 2014-05-18 13:56 - 00271751 _____ () C:\Users\Jessi\AppData\Local\census.cache
2014-05-18 18:02 - 2014-05-18 13:56 - 00158115 _____ () C:\Users\Jessi\AppData\Local\ars.cache
2014-05-18 14:28 - 2013-09-25 18:37 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-18 13:28 - 2014-05-18 13:28 - 00000036 _____ () C:\Users\Jessi\AppData\Local\housecall.guid.cache
2014-05-18 13:14 - 2012-08-01 20:29 - 00000000 ____D () C:\Users\Jessi\AppData\Roaming\Dropbox
2014-05-18 13:01 - 2014-02-24 22:02 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-18 13:00 - 2014-05-18 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-18 13:00 - 2014-05-18 12:59 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-05-18 13:00 - 2013-07-03 18:33 - 00000000 ____D () C:\Program Files\Java
2014-05-17 09:33 - 2012-02-22 19:20 - 00001356 _____ () C:\Users\Jessi\AppData\Local\d3d9caps.dat
2014-05-15 06:15 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-14 22:45 - 2011-10-26 21:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 22:43 - 2014-05-14 22:43 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 22:43 - 2013-08-14 07:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:41 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-14 22:36 - 2014-05-14 22:36 - 00000442 _____ () C:\Windows\wininit.ini
2014-05-14 22:05 - 2013-09-23 18:38 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-05-14 19:28 - 2012-04-07 15:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 19:28 - 2011-10-15 18:51 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-12 07:26 - 2014-05-21 18:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-21 18:15 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-21 18:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-07 02:26 - 2014-05-15 06:12 - 03627520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-07 02:26 - 2014-05-15 06:12 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-07 00:58 - 2014-05-15 06:12 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-01 00:30 - 2013-09-23 18:38 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

Some content of TEMP:
====================
C:\Users\Jessi\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-25 11:58

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________
ICH HABS KOMMEN SEHEN

Alt 26.05.2014, 11:56   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Adobe, Firefox, Windows und IE updatne. Sticks kannste auch mit deinem AV scannen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.05.2014, 20:41   #15
Schrotterin
 
Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Standard

Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?



Hallo Schrauber,
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:25-05-2014 01
Ran by Jessi at 2014-05-26 20:32:40 Run:1
Running from C:\Users\Jessi\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-46167276-2374577593-1786467520-1000\...\Run: [AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA] => 1
*****************

HKU\S-1-5-21-46167276-2374577593-1786467520-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA => Value deleted successfully.

==== End of Fixlog ====
         
Nachtrag:
Firefox und Adobe Flashplayer und Reader sind aktuell.
Internetexplorer behauptet auch aktuell zu sein, den würde ich aber eigentlich am liebsten loswerden, der macht immer nur Ärger, kann ich ihn nicht irgendwie entfernen?

Jetzt führe ich erst einmal noch alle anderen Anweisungen durch...

Hallo Schrauber!
Erstmal vielen Dank für deine Unterstützung!
Bin ich denn nun frei von allem?

Ich habe Malware Bytes ja breits installiert, hab hier auch auf der entsprechenden Seite nach den Einstellungen für meinen künftigen wöchentlichen Suchlauf nachgelesen, allerdings sieht das aktuelle Fenster ganz anders aus. Ich bräuchte da noch Nachhilfe.

Noscript habe ich auch als Add-On an Firefox installiert.

Gibt es noch einen allgemeinen 'Ich räum hier jetzt mal auf, obwohl ich keine Ahnung habe' Thread? Hilft im allgemeinen einfach mal Defragmentieren um auch die Windows C Partition mal wieder freier zu bekommen? Ich hätte da einfach mal ein par Fragen, grade wenn ich etwas deinstallieren will zB das tolle Micro Housecall habe ich mir geholt und finde nun einfach keine Möglichkeit es zu deinstallieren...naja diese Dinge eben.

Ich werde die Tage noch ein Lobeslied posten :-) Hatte nur nach dem ersten Neustart einen kurzen Bluescreen und will mal sehen ob sich alles normalisiert. Schreibe die Tage wenn sich alles erledigt hat.

Vielen Lieben Dank! Ich würde ja zum Danke mal ein par Muffins backen aber die passen so schlecht in die Code-Fenster :-/

Schrotterin
__________________
ICH HABS KOMMEN SEHEN

Antwort

Themen zu Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?
bild, clean, computer, dropper, entfernen, explorer, fehlermeldung, forum, gmer, log, malware, neu, nicht mehr, probleme, programme, scan, security, sicherheit, start, systemwiederherstellung, verdacht, vista, wenig ahnung, wichtig, windows, windows vista



Ähnliche Themen: Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?


  1. Windows 8 Virus mit Malwarebeytes entfernt, PC sicher?
    Plagegeister aller Art und deren Bekämpfung - 04.12.2014 (12)
  2. Windows 7 - TrojanDropper:Win32/Rotbrow.M bzw. L
    Log-Analyse und Auswertung - 15.01.2014 (9)
  3. Windows Vista: Ist der Computer nach dem BKA Trojaner nun wieder sicher?
    Log-Analyse und Auswertung - 06.01.2014 (11)
  4. TrojanDropper: Win32/Rotbrow.A-D
    Log-Analyse und Auswertung - 07.11.2013 (3)
  5. Trojan:Win32/Bublik.b vom MSEssentials entfernt. Ist das System jetzt sicher?
    Log-Analyse und Auswertung - 17.02.2012 (4)
  6. TrojanDropper:win32/srvdrop.A
    Plagegeister aller Art und deren Bekämpfung - 16.12.2011 (14)
  7. TrojanDropper:Win32/Sirefef.B --- Was tun?
    Plagegeister aller Art und deren Bekämpfung - 27.11.2011 (7)
  8. Exploit.PDF-JS.Gen,Trojan.Win32.GenericBT&Win32.BackdoorPoison entdeckt und entfernt - Logfile
    Log-Analyse und Auswertung - 20.09.2010 (11)
  9. Win32/Provis!rts, Win32/Ragterneb.A, Win32/Meredrop, Win32/VB.RC, TrojanDropper:Win32/Bamital.C
    Plagegeister aller Art und deren Bekämpfung - 30.08.2010 (7)
  10. win32.trojandropper.joiner und win32.trojanproxy.ranky
    Log-Analyse und Auswertung - 31.07.2009 (21)
  11. TrojanDropper:Win32/MessengerSkinner
    Log-Analyse und Auswertung - 08.11.2008 (0)
  12. TrojanDropper:Win32/Mes
    Plagegeister aller Art und deren Bekämpfung - 13.09.2008 (1)
  13. Windows Vista Firewall sicher???
    Antiviren-, Firewall- und andere Schutzprogramme - 03.02.2008 (9)
  14. TrojanDownloader.Win32. IstBar.s + TrojanDropper.Win32. Dialex
    Plagegeister aller Art und deren Bekämpfung - 28.01.2004 (9)
  15. TrojanDropper.Win32.RunMe
    Plagegeister aller Art und deren Bekämpfung - 05.11.2003 (3)
  16. TrojanDropper.win32/softwar
    Plagegeister aller Art und deren Bekämpfung - 23.03.2003 (6)
  17. TrojanDropper.Win32.Launch
    Plagegeister aller Art und deren Bekämpfung - 01.02.2003 (0)

Zum Thema Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? - Liebes Forum und geschätze Helfer, Ich habe seit einigen Tagen regelmäßig die Fehlermeldung 'Explorer kann nicht mehr ausgeführt werden und muss geschlossen werden' erhalten obwohl kein Explorerfenster offen war. Danach - Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher?...
Archiv
Du betrachtest: Windows Vista: TrojanDropper:'Win32/Lecpetex.B entdeckt und entfernt' bin ich nun sicher? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.