Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015
Ran by *NAME* at 2015-05-06 13:40:40
Running from C:\Users\*NAME*\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2894447428-521936725-362015667-500 - Administrator - Disabled)
Gast (S-1-5-21-2894447428-521936725-362015667-501 - Limited - Enabled)
*NAME* (S-1-5-21-2894447428-521936725-362015667-1001 - Administrator - Enabled) => C:\Users\CAD
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.1.2 - 3Dconnexion)
3Dconnexion Add-In for AutoCAD 2007 - 2010 (Version: 4.6.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2015 (Version: 2.0.5 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (x64) (Version: 1.3.2 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.2 - 3Dconnexion) Hidden
3DxWinCore (x64) (Version: 17.1.2.10488 - 3Dconnexion) Hidden
ACDSee 5.0 PowerPack (HKLM-x32\...\{316B6021-BB9B-4200-BD7B-2B4634C2F356}) (Version: 5.0.0 - ACD Systems Ltd)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ArchiPHYSIK 12 aut (HKLM-x32\...\ArchiPHYSIK 12 aut) (Version: 12..0 - A-NULL Bauphysik GmbH, Wien, Austria)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
AutoCAD 2015 VBA Enabler (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD Electrical 2015 - Deutsch (German) (Version: 12.0.55.0 - Autodesk) Hidden
AutoCAD Electrical 2015 - Deutsch (German) (Version: 12.2.0.8 - Autodesk) Hidden
AutoCAD Electrical 2015 - Deutsch (German) SP1 (Version: 12.2.0.8 - Autodesk) Hidden
AutoCAD Electrical 2015 - Deutsch (German) SP2 (HKLM\...\AutoCAD Electrical 2015 - Deutsch (German) SP2) (Version: 12.2.0.8 - Autodesk)
AutoCAD Electrical 2015 Language Pack - Deutsch (German) (Version: 12.0.55.0 - Autodesk) Hidden
AutoCAD Mechanical 2015 - Deutsch (German) (Version: 19.0.206.0 - Autodesk) Hidden
AutoCAD Mechanical 2015 - Deutsch (German) (Version: 19.0.48.0 - Autodesk) Hidden
AutoCAD Mechanical 2015 - Deutsch (German) SP2 (HKLM\...\AutoCAD Mechanical 2015 - Deutsch (German) SP2) (Version: 1 - Autodesk)
AutoCAD Mechanical 2015 Language Pack - Deutsch (German) (Version: 19.0.48.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD 2015 VBA Enabler (HKLM\...\AutoCAD 2015 VBA Enabler) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Electrical 2015 - Deutsch (German) (HKLM\...\AutoCAD Electrical 2015 - Deutsch (German)) (Version: 12.0.55.0 - Autodesk)
Autodesk AutoCAD Electrical Mobile Data (HKLM-x32\...\{4F4C5027-2FAC-4863-AA12-5754FF226849}) (Version: 1.0.0 - Autodesk)
Autodesk AutoCAD Mechanical 2015 - Deutsch (German) (HKLM\...\AutoCAD Mechanical 2015 - Deutsch (German)) (Version: 19.0.48.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{78E2A54B-5F13-4286-9148-DAD8B823D485}) (Version: 4.33.6482 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{7B3A3142-5801-48F2-819B-515818EFE696}) (Version: 4.34.2701 - Autodesk)
Autodesk BIM 360 Navisworks Manage 2015 Add-in 64 bit (HKLM\...\{A254B429-1472-4B9C-BC9A-4E2CE74F2190}) (Version: 4.33.6482 - Autodesk)
Autodesk BIM 360 Navisworks Manage 2015 Add-in 64 bit (HKLM\...\{E0D028E7-5468-40AF-8F2D-4881D003F747}) (Version: 4.34.2701 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Inventor 2015 User Tools (HKLM\...\{55C7852C-E326-4227-9590-949843F2E744}) (Version: 7.0.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2015 (Desktop Content) (HKLM\...\{B46DECD1-1964-4EF1-0000-22D71E81877C}) (Version: 19.0.15900.0000 - Autodesk)
Autodesk Inventor Electrical Catalog Browser 2015 (HKLM\...\{CD301C75-E007-0407-8A4F-E62AF995F11C}) (Version: 12.0.55.0 - Autodesk)
Autodesk Inventor Professional 2015 - Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2015) (Version: 19.1.20300.0000 - Autodesk)
Autodesk Inventor Professional 2015 (Version: 19.1.20300.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2015 Language Pack - Deutsch (German) (Version: 19.0.15900.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2015 SP1 (HKLM\...\Autodesk Inventor Professional 2015 SP1RTM) (Version: 19.1.20300.0000 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.9.100 - Autodesk)
Autodesk Product Design Suite 2015 (HKLM\...\Autodesk Product Design Suite 2015) (Version: 4.0.102.007 - Autodesk)
Autodesk Product Design Suite 2015 (Version: 4.0.102.007 - Autodesk) Hidden
Autodesk Product Design Suite 2015 Language Pack (Version: 4.0.102.007 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\Autodesk Revit Interoperability for Inventor 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for Inventor 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Autodesk Vault 2015 Service Pack 1 (Client) (HKLM\...\Autodesk Vault Basic 2015 (Client)_R19SP1) (Version: - Autodesk, Inc.)
Autodesk Vault Basic 2015 (Client) (HKLM\...\Autodesk Vault Basic 2015 (Client)) (Version: 19.1.13.0 - Autodesk)
Autodesk Vault Basic 2015 (Client) (Version: 19.1.13.0 - Autodesk) Hidden
Autodesk Vault Basic 2015 (Client) German Language Pack (Version: 19.0.49.0 - Autodesk) Hidden
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.11.100 - Autodesk, Inc.)
Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix)
Configurator 360 addin (HKLM-x32\...\{8FE324B0-B934-4D68-BAB5-DE2136036237}) (Version: 19.0.11300.9000 - Autodesk, Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2321 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.2725 - CyberLink Corp.)
DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) (HKLM\...\{2F7441CB-A646-41F1-B1CB-518AB311138B}) (Version: 5.1.2.0 - Granta Design Limited)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
GoToMeeting 6.4.12.2331 (HKU\S-1-5-21-779854708-3996167121-2897795797-1172\...\GoToMeeting) (Version: 6.4.12.2331 - CitrixOnline)
HP Performance Advisor (HKLM-x32\...\{8E3138D3-686D-4F77-A807-CFF5CAEC98D7}) (Version: 1.7.6530 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{23CCE784-A812-4647-AEFF-1DCCD4E57478}) (Version: 11.50.0000 - Hewlett-Packard Company)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.2.0 - Hewlett-Packard)
imagePROGRAF Status Monitor (HKLM-x32\...\{66392B7C-C522-450D-97B7-B3E41E170C3B}) (Version: 4.10 - Canon)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
iPF750 Media Configuration Tool (HKLM-x32\...\{DA08E681-106D-42BE-9B43-D4B7F736DBFA}) (Version: 3.64.00 - Canon)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JT2Go (HKLM-x32\...\{EAF3A581-2EE5-46BD-BFB0-2089821608AD}) (Version: 10.1.15028 - Siemens PLM Software)
Mathcad 15 F000 (HKLM-x32\...\{DC8F6C78-7231-44A2-B66E-6C4FCB3A3364}) (Version: 15.0.0.0 - PTC)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office 365 Small Business Premium - de-de (HKLM\...\O365SmallBusPremRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5026 (HKLM-x32\...\{761AB0B8-FC68-3AE2-B7D9-A0CC6F0ED045}) (Version: 9.0.30729.5026 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA nView 146.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.33 - NVIDIA Corporation)
NVIDIA WMI 2.20.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.20.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-XChange 2012 (HKLM\...\{504022CD-6A58-42D5-ACC9-966F695AAD93}_is1) (Version: 5.0.267.0 - Tracker Software Products Ltd)
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.0.266.0 - Tracker Software Products Ltd)
'PTC Places' Namespace Shell Extension (HKLM-x32\...\{C65ABF2A-1B82-4F34-8C74-E4FE373F3BE4}) (Version: 1.1.11 - PTC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5223 - CyberLink Corp.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.3.0 - Samsung Electronics)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Stahlschlüssel 2007 (HKLM-x32\...\{36002523-EB0B-11DA-8435-009027A6F7F8}) (Version: - )
Update 1 for Inventor 2015 Service Pack 1 (See readme for detail) (INV19110) (HKLM\...\Autodesk Inventor Professional 2015_19110) (Version: 1 - Autodesk)
Update 2 for Inventor 2015 Service Pack 1 (See readme for detail) (INV19120) (HKLM\...\Autodesk Inventor Professional 2015_19120) (Version: 1 - Autodesk)
Update 3 for Inventor 2015 Service Pack 1 (See readme for detail) (INV19130) (HKLM\...\Autodesk Inventor Professional 2015_19130) (Version: 1 - Autodesk)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Windchill ProductPoint Client Manager (HKLM-x32\...\{129024FF-A6C9-4696-91BC-570C6C05193A}) (Version: 1.1.187 - PTC)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\2015\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\2015\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\2015\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\2015\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\2015\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\2015\Inventor 2015\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\2015\Inventor 2015\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\2015\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\2015\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\2015\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{48A74AAC-E196-4AF0-9EC2-28C7C5150645}\InprocServer32 -> c:\Users\Public\Documents\Autodesk\Inventor 2015\SDK\UserTools\DrawingTools\Bin\DrawingTools.dll ()
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\2015\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\2015\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\2015\Inventor 2015\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\*NAME*\AppData\Roaming\ernden\berdis.dll () <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\2015\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> C:\2015\Inventor 2015\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\2015\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\2015\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\2015\Inventor 2015\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\2015\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\2015\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\2331\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\2015\Inventor 2015\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\2015\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\2015\Inventor 2015\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\2015\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\2015\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\2015\Inventor 2015\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\2015\Inventor 2015\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\2015\Inventor 2015\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\2015\AutoCAD 2015\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\2015\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\2015\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\2015\Inventor 2015\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\2015\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\2015\Inventor 2015\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\2015\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-779854708-3996167121-2897795797-1172_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File
==================== Restore Points =========================
24-03-2015 08:56:07 Removed Java 8 Update 40
08-04-2015 08:11:27 Windows Update
08-04-2015 09:50:19 Revo Uninstaller's restore point - ArchiPHYSIK 11 aut
11-04-2015 12:30:23 Windows Update
15-04-2015 01:49:48 Windows Update
15-04-2015 03:00:11 Windows Update
18-04-2015 13:55:51 Windows Update
22-04-2015 00:11:37 Windows Update
22-04-2015 09:16:17 Revo Uninstaller's restore point - JT2Go
22-04-2015 09:18:05 Installed JT2Go.
25-04-2015 00:19:42 Windows Update
28-04-2015 01:02:56 Windows Update
04-05-2015 08:52:29 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-10-01 14:39 - 00000892 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0047D990-32A3-4743-9C16-F2CDE90559B6} - System32\Tasks\{2A486EC4-1A89-4107-A1D9-79242CB7DF4B} => pcalua.exe -a C:\Users\*NAME*\AppData\Roaming\Oracle\Java\Uninstall\UninstallJavaVersions.exe -d "C:\Portable Apps\PortableApps\FirefoxPortable\App\firefox" -c -remove 1.7.0_67:32
Task: {05607697-2CAF-42F0-9465-70E812791512} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [2014-06-23] (3Dconnexion, INC)
Task: {21EC8B28-7C81-44AF-820D-99EA0E245E16} - System32\Tasks\{A48601B8-0C32-4EA4-BDC3-BAD2E3B5164E} => pcalua.exe -a "C:\2015\Inventor 2015\Inventor2015ConnectSetup.exe" -d "C:\2015\Inventor 2015"
Task: {3956AAB4-91A3-402B-B37A-C81717B349A2} - System32\Tasks\{6156481B-CCE6-4A22-985F-5AD6E5CAAD1B} => pcalua.exe -a C:\Users\*NAME*\Downloads\Inventor2015ConnectSetup.exe -d C:\Users\*NAME*\Downloads
Task: {3C907C8B-B54C-4533-951E-FAF8868EA343} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {6EE83BD2-9293-4A71-9CE4-DB794159A882} - System32\Tasks\Core Temp Autostart CAD => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {7B168B2B-DC0D-4216-AF69-1B80CD27A309} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {81E4189D-21D5-42A4-809B-1E6D6FEF3DBB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {822B4ABE-3C32-4615-87D6-27A679BE9B34} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {ADC172C1-BB03-4351-9B79-404EEA80FC05} - System32\Tasks\G2MUpdateTask-S-1-5-21-779854708-3996167121-2897795797-1172 => C:\Program Files (x86)\Citrix\GoToMeeting\2331\g2mupdate.exe [2015-05-04] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B0DE8FB4-578D-4D70-AE19-015D45CE4154} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {07d4931b-8424-4072-8a2b-533ef1d23aa6} RECHNER01.office.local => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {B11F0678-3EBA-488B-9504-96453D59E39E} - System32\Tasks\{6E9EB1A9-C6AF-4DDF-A150-7515B5CA2E77} => pcalua.exe -a C:\Users\*NAM*~1\AppData\Local\Temp\jre-8u40-windows-au.exe -d "C:\Program Files (x86)\Java\jre1.8.0_31\bin" -c /installmethod=jau-m FAMILYUPGRADE=1
Task: {C19D6E93-00DD-477B-ACAA-C7376EB17A19} - System32\Tasks\Core Temp Autostart *NAME* => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-779854708-3996167121-2897795797-1172.job => C:\Program Files (x86)\Citrix\GoToMeeting\2331\g2mupdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-24 11:59 - 2015-03-13 21:41 - 03039376 _____ () C:\Windows\system32\nvwmi64.exe
2014-07-16 19:07 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-23 13:43 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-17 22:32 - 2014-11-17 22:32 - 00145920 _____ () C:\Users\*NAME*\AppData\Roaming\ernden\berdis.dll
2014-09-15 16:46 - 2013-10-08 13:23 - 00890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-06-23 20:37 - 2014-06-23 20:37 - 00044544 _____ () C:\Windows\system32\SPWINI.dll
2014-10-02 08:43 - 2014-10-02 08:43 - 00012520 _____ () C:\Users\*NAME*\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2014-10-02 08:43 - 2014-10-02 08:43 - 00015080 _____ () C:\Users\*NAME*\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2014-10-02 08:43 - 2014-10-02 08:43 - 00014056 _____ () C:\Users\*NAME*\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2014-09-23 12:58 - 2007-09-02 13:58 - 00495616 _____ () C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe
2015-04-13 08:54 - 2015-04-13 08:54 - 00046080 _____ () C:\Users\*NAME*\AppData\Local\KeePass\PluginCache\Rdz49q3UFxP1Oq9fT5Hh\Fleck2.dll
2014-09-15 15:25 - 2015-04-10 10:56 - 00385968 _____ () C:\Portable Apps\PortableApps\KeePass portable\KeePass.XmlSerializers.dll
2014-07-15 18:35 - 2014-12-05 04:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-07-15 18:35 - 2014-12-05 04:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2013-11-04 21:29 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 21:34 - 2012-06-08 21:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-09-23 12:58 - 2007-09-02 13:57 - 00069632 _____ () C:\Portable Apps\PortableApps\RocketDock\RocketDock.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2015-05-06 08:38 - 2014-12-05 04:27 - 00104328 _____ () C:\Users\*NAME*\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2014-11-17 22:32 - 2014-11-17 22:32 - 00122880 _____ () C:\Users\*NAME*\AppData\Roaming\ernden\rewardca.dll
2015-05-06 08:38 - 2015-05-06 08:38 - 00029696 _____ () C:\Users\*NAME*\AppData\Local\Temp\nsa1C96.tmp\registry.dll
2015-05-06 08:38 - 2015-05-06 08:38 - 00008704 _____ () C:\Users\*NAME*\AppData\Local\Temp\nsa1C96.tmp\newadvsplash.dll
2015-05-06 08:38 - 2015-05-06 08:38 - 00011264 _____ () C:\Users\*NAME*\AppData\Local\Temp\nsa1C96.tmp\System.dll
2013-11-04 21:26 - 2013-07-11 01:16 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-06 09:35 - 2015-05-06 09:35 - 00011264 _____ () C:\Users\*NAME*\AppData\Local\Temp\nslE5AF.tmp\System.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00218112 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\System\libsoxr.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00467968 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\System\Encoders\libFLAC.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 01733120 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\System\Encoders\aimp_libvorbis.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00059976 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00160840 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\Plugins\aimp_cdda\aimp_cdda.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00159232 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\Plugins\aimp_sacd\libsacd.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00026624 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\Plugins\Aorta\Aorta.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00237568 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\Plugins\OptimFROG\OptimFROG.dll
2015-04-25 20:52 - 2015-04-25 20:52 - 00152648 _____ () C:\Portable Apps\PortableApps\AIMPPortable\App\AIMP\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-779854708-3996167121-2897795797-1172\...\chip.de -> hxxp://www.chip.de
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-779854708-3996167121-2897795797-1172\Control Panel\Desktop\\Wallpaper -> C:\Users\*NAME*\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.20
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{EF056D0E-6578-4E4B-BE08-34A78B41AC05}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{65123027-D71D-4532-87DF-F93CF81087AF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{0AC6D902-7655-4E13-979A-0B57E561517E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{A3C3E7EC-B41E-45C3-9E33-64B176A7FF25}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F47C1FE8-91DE-42AA-8758-07CE6139119B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{61AE2FF3-E900-4CA5-B795-9CEDCFCCCCC2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{62C82F3C-76F8-4F12-B0CC-6F44DD22A57E}] => (Allow) LPort=50248
FirewallRules: [{0B5152E8-1853-4034-BCD4-2857C64DA898}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{30CFF3CC-6359-448A-A2F1-C975EAD37BED}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{B0AA2CAD-927C-44D2-B0A2-C6FC54EA8FB6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{8EA55079-6C16-4CB6-B7DD-5DF774F185D9}C:\2015\showcase 2015\bin\showcase.exe] => (Allow) C:\2015\showcase 2015\bin\showcase.exe
FirewallRules: [UDP Query User{B94B046D-FCE4-4C43-A093-57B17167D999}C:\2015\showcase 2015\bin\showcase.exe] => (Allow) C:\2015\showcase 2015\bin\showcase.exe
FirewallRules: [{32C2EC71-50AA-4D32-9204-CEB0B4509714}] => (Allow) \\SERVER\Software\Druckertreiber\CANON IPF 750\64bit\iPFSetup.exe
FirewallRules: [{2B619C45-9546-4E9E-83F7-3664DBC5E6B8}] => (Allow) \\SERVER\Software\Druckertreiber\CANON IPF 750\64bit\iPFSetup.exe
FirewallRules: [{E3E8B88B-AE26-4DFF-8808-FDD02A035497}] => (Allow) \\SERVER\Software\Druckertreiber\CANON IPF 750\64bit\iPFSetup.exe
FirewallRules: [{E649BC1C-7468-45BC-8C29-5D98C27743B7}] => (Allow) \\SERVER\Software\Druckertreiber\CANON IPF 750\64bit\iPFSetup.exe
FirewallRules: [{C0E71D27-E8F7-4975-AE57-574CD0303A13}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
FirewallRules: [{10308854-CE14-4011-96DC-E0040D14F61A}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
FirewallRules: [{AD652DDD-245F-4ECC-A39C-26D103F180EB}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
FirewallRules: [{F30676D6-93B7-4169-AC3A-BB7D73023165}] => (Allow) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
FirewallRules: [TCP Query User{A4405184-8485-4073-8A9D-A7E251E81E7E}C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{5FE15974-4907-4DF4-8F84-11D1E5CE87B1}C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [TCP Query User{4272C48E-BFA1-4743-B670-FBF3DA4C3C2E}C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{C5F7D05A-965D-45DE-970F-4D77A67782BA}C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\portable apps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [{6D57713E-36D0-4F7F-9FA8-BEFA96A6EEEA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{525F7463-DD75-4CDE-BD68-BD1114C4D4B0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{8356A772-C900-4F29-A5C1-866398CEAC8A}C:\portable apps\portableapps\counter-strike source\hl2.exe] => (Allow) C:\portable apps\portableapps\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{1B755C2B-C79C-4381-A92C-377F2AA29129}C:\portable apps\portableapps\counter-strike source\hl2.exe] => (Allow) C:\portable apps\portableapps\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{3FB4B3A0-85DB-4959-AEC7-E84057DDC518}E:\voss-cad-katalog\software\lic\x86\cnslocal.exe] => (Allow) E:\voss-cad-katalog\software\lic\x86\cnslocal.exe
FirewallRules: [UDP Query User{B32986F1-3068-474B-AD8B-03A9D064EAA0}E:\voss-cad-katalog\software\lic\x86\cnslocal.exe] => (Allow) E:\voss-cad-katalog\software\lic\x86\cnslocal.exe
FirewallRules: [{B73EAEC8-02AF-4466-B78C-D8D1F85387B9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{04C019B9-E904-4302-9743-0B05FCF85329}C:\portable apps\portableapps\cod4\iw3mp.exe] => (Allow) C:\portable apps\portableapps\cod4\iw3mp.exe
FirewallRules: [UDP Query User{E5AE3635-0F10-4CE9-AB5E-B4002014223C}C:\portable apps\portableapps\cod4\iw3mp.exe] => (Allow) C:\portable apps\portableapps\cod4\iw3mp.exe
FirewallRules: [TCP Query User{3CF64B4E-E756-4499-90ED-B2B0CB4FC36E}E:\privat\cod4 - patched\iw3mp.exe] => (Allow) E:\privat\cod4 - patched\iw3mp.exe
FirewallRules: [UDP Query User{6C595B7E-D47B-4045-BB79-806DA9233EC7}E:\privat\cod4 - patched\iw3mp.exe] => (Allow) E:\privat\cod4 - patched\iw3mp.exe
FirewallRules: [TCP Query User{74BAAFA3-DE21-48C4-B324-345B791570BF}E:\privat\cod4 - portable patched - de\iw3mp.exe] => (Allow) E:\privat\cod4 - portable patched - de\iw3mp.exe
FirewallRules: [UDP Query User{B669D25C-A8CD-4394-966B-304C17D3CE4F}E:\privat\cod4 - portable patched - de\iw3mp.exe] => (Allow) E:\privat\cod4 - portable patched - de\iw3mp.exe
FirewallRules: [TCP Query User{D5AE5F75-AEF9-4C29-BCCC-0F3B530866CD}E:\privat\cod4 - portable patched - en\iw3mp.exe] => (Allow) E:\privat\cod4 - portable patched - en\iw3mp.exe
FirewallRules: [UDP Query User{26F255A3-6918-46B8-8A59-690A950A8B94}E:\privat\cod4 - portable patched - en\iw3mp.exe] => (Allow) E:\privat\cod4 - portable patched - en\iw3mp.exe
FirewallRules: [TCP Query User{2533592D-75DF-415D-997D-ABD1A932C46E}E:\privat\cod 4 - modern warfare (portable) - unpatched\iw3mp.exe] => (Allow) E:\privat\cod 4 - modern warfare (portable) - unpatched\iw3mp.exe
FirewallRules: [UDP Query User{15410DF2-6842-4D64-83F9-C10323C4267C}E:\privat\cod 4 - modern warfare (portable) - unpatched\iw3mp.exe] => (Allow) E:\privat\cod 4 - modern warfare (portable) - unpatched\iw3mp.exe
FirewallRules: [TCP Query User{475B4788-6936-4768-9276-A86A102D115F}E:\privat\cod 4 - modern warfare (portable) - de- patched\iw3mp.exe] => (Allow) E:\privat\cod 4 - modern warfare (portable) - de- patched\iw3mp.exe
FirewallRules: [UDP Query User{F10BA5B5-9972-454C-9E1D-0953307F8392}E:\privat\cod 4 - modern warfare (portable) - de- patched\iw3mp.exe] => (Allow) E:\privat\cod 4 - modern warfare (portable) - de- patched\iw3mp.exe
FirewallRules: [TCP Query User{98B04019-8631-4923-AD55-C06CF183BE7B}C:\portable apps\portableapps\aimpportable\app\aimp\aimp3.exe] => (Allow) C:\portable apps\portableapps\aimpportable\app\aimp\aimp3.exe
FirewallRules: [UDP Query User{7A8CCF9B-B45E-4D47-B9AF-D7ECFAE59375}C:\portable apps\portableapps\aimpportable\app\aimp\aimp3.exe] => (Allow) C:\portable apps\portableapps\aimpportable\app\aimp\aimp3.exe
FirewallRules: [TCP Query User{8A03E15E-C718-462F-B063-E1227DDB89E5}C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [UDP Query User{85BE244D-C575-46A7-98AB-7BB8E4026661}C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [{C11A66F7-9127-47E6-8C78-8BACD3F7E2A8}] => (Block) %ProgramFiles%\Internet Explorer\iexplore.exe
FirewallRules: [{9591FBED-6BA9-4C34-A492-02F2BF00528B}] => (Block) %ProgramFiles%\Internet Explorer\iexplore.exe
FirewallRules: [TCP Query User{5DA063AF-5256-47A4-BDC3-081DD5D517C6}E:\privat\firefoxportable\app\firefox\firefox.exe] => (Block) E:\privat\firefoxportable\app\firefox\firefox.exe
FirewallRules: [UDP Query User{65E46646-AC6A-4394-BB9E-399BF98F0039}E:\privat\firefoxportable\app\firefox\firefox.exe] => (Block) E:\privat\firefoxportable\app\firefox\firefox.exe
FirewallRules: [TCP Query User{A8C208C1-3421-4691-A735-6913C65C30CD}C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [UDP Query User{EFD2AEBC-A867-45FD-B8D9-90B306E0F96D}C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) C:\portable apps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [TCP Query User{C8C4590C-418F-4A8A-9F03-B9D8E4F600CF}C:\portable apps\portableapps\keepass portable\keepass.exe] => (Allow) C:\portable apps\portableapps\keepass portable\keepass.exe
FirewallRules: [UDP Query User{90F2764C-09CB-43EC-8586-0DB58DED2BC6}C:\portable apps\portableapps\keepass portable\keepass.exe] => (Allow) C:\portable apps\portableapps\keepass portable\keepass.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/06/2015 08:42:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/06/2015 08:42:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/06/2015 08:42:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/06/2015 08:38:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: netlogon.exe, Version: 2.0.0.0, Zeitstempel: 0x41e45945
Name des fehlerhaften Moduls: WBDEF44I.DLL, Version: 5.6.2.0, Zeitstempel: 0x41f16c57
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00049ee5
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0xnetlogon.exe0
Pfad der fehlerhaften Anwendung: netlogon.exe1
Pfad des fehlerhaften Moduls: netlogon.exe2
Berichtskennung: netlogon.exe3
Error: (05/04/2015 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/04/2015 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/04/2015 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/04/2015 09:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: netlogon.exe, Version: 2.0.0.0, Zeitstempel: 0x41e45945
Name des fehlerhaften Moduls: WBDEF44I.DLL, Version: 5.6.2.0, Zeitstempel: 0x41f16c57
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00049ec9
ID des fehlerhaften Prozesses: 0xda4
Startzeit der fehlerhaften Anwendung: 0xnetlogon.exe0
Pfad der fehlerhaften Anwendung: netlogon.exe1
Pfad des fehlerhaften Moduls: netlogon.exe2
Berichtskennung: netlogon.exe3
Error: (05/04/2015 08:46:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/04/2015 08:46:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
System errors:
=============
Error: (05/06/2015 08:37:58 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 06.05.2015 um 08:36:13 unerwartet heruntergefahren.
Error: (05/05/2015 05:32:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (05/05/2015 11:21:49 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/05/2015 11:21:49 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/05/2015 11:21:33 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/05/2015 11:21:33 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/05/2015 11:21:33 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/05/2015 08:28:33 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/05/2015 08:28:33 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (05/05/2015 08:28:32 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (05/06/2015 08:42:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (05/06/2015 08:42:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (05/06/2015 08:42:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (05/06/2015 08:38:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: netlogon.exe2.0.0.041e45945WBDEF44I.DLL5.6.2.041f16c57c000000500049ee5e1401d087c7447de55c\\Server\netlogon\netlogon.exe\\Server\netlogon\WBDEF44I.DLL842c025f-f3ba-11e4-994c-a0d3c121c60b
Error: (05/04/2015 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (05/04/2015 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (05/04/2015 09:29:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (05/04/2015 09:25:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: netlogon.exe2.0.0.041e45945WBDEF44I.DLL5.6.2.041f16c57c000000500049ec9da401d0863b6d930d0c\\Server\netlogon\netlogon.exe\\Server\netlogon\WBDEF44I.DLLac80a6b2-f22e-11e4-8505-a0d3c121c60b
Error: (05/04/2015 08:46:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (05/04/2015 08:46:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
CodeIntegrity Errors:
===================================
Date: 2015-01-12 10:37:43.091
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-07 13:14:30.598
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-07 09:50:19.116
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-07 08:07:54.623
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-07 07:58:47.164
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-06 09:14:20.681
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-06 09:07:05.463
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-06 08:27:02.899
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-06 07:42:17.387
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-06 07:05:10.868
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E5-1620 v2 @ 3.70GHz
Percentage of memory in use: 12%
Total physical RAM: 32696.11 MB
Available physical RAM: 28699.71 MB
Total Pagefile: 65390.42 MB
Available Pagefile: 61076.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:164.75 GB) (Free:22.09 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:58.59 GB) (Free:26.95 GB) NTFS
Drive e: (HDD) (Fixed) (Total:465.76 GB) (Free:81.75 GB) NTFS
Drive n: (System) (Network) (Total:1115.5 GB) (Free:414.73 GB) NTFS
Drive o: (System) (Network) (Total:1115.5 GB) (Free:414.73 GB) NTFS
Drive q: (System) (Network) (Total:1115.5 GB) (Free:414.73 GB) NTFS
Drive s: (System) (Network) (Total:1115.5 GB) (Free:414.73 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 8434AE9E)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 46F349D8)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-06 15:32:26
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000006a ATA_____ rev.B710 223,57GB
Running: Gmer-19357.exe; Driver: C:\Users\*NAM*~1\AppData\Local\Temp\pwlcafow.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000104c00 7 bytes [00, 93, F3, FF, 41, A4, F0]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000104c08 3 bytes [00, 07, 02]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076951401 2 bytes JMP 752fb1ef C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076951419 2 bytes JMP 752fb31a C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076951431 2 bytes JMP 75378f09 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007695144a 2 bytes CALL 752d4885 C:\Windows\syswow64\KERNEL32.dll
.text ... * 9
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000769514dd 2 bytes JMP 75378802 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000769514f5 2 bytes JMP 753789d8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007695150d 2 bytes JMP 753786f8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076951525 2 bytes JMP 75378ac2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007695153d 2 bytes JMP 752efc78 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076951555 2 bytes JMP 752f68bf C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007695156d 2 bytes JMP 75378fc1 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076951585 2 bytes JMP 75378b22 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007695159d 2 bytes JMP 753786bc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000769515b5 2 bytes JMP 752efd11 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000769515cd 2 bytes JMP 752fb2b0 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000769516b2 2 bytes JMP 75378e84 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe[1872] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000769516bd 2 bytes JMP 75378651 C:\Windows\syswow64\KERNEL32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076951401 2 bytes JMP 752fb1ef C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076951419 2 bytes JMP 752fb31a C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076951431 2 bytes JMP 75378f09 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007695144a 2 bytes CALL 752d4885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769514dd 2 bytes JMP 75378802 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769514f5 2 bytes JMP 753789d8 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007695150d 2 bytes JMP 753786f8 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076951525 2 bytes JMP 75378ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007695153d 2 bytes JMP 752efc78 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076951555 2 bytes JMP 752f68bf C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007695156d 2 bytes JMP 75378fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076951585 2 bytes JMP 75378b22 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007695159d 2 bytes JMP 753786bc C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769515b5 2 bytes JMP 752efd11 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769515cd 2 bytes JMP 752fb2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769516b2 2 bytes JMP 75378e84 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\RocketDock\RocketDock.exe[4256] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769516bd 2 bytes JMP 75378651 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076951401 2 bytes JMP 752fb1ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076951419 2 bytes JMP 752fb31a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076951431 2 bytes JMP 75378f09 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007695144a 2 bytes CALL 752d4885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769514dd 2 bytes JMP 75378802 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769514f5 2 bytes JMP 753789d8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007695150d 2 bytes JMP 753786f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076951525 2 bytes JMP 75378ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007695153d 2 bytes JMP 752efc78 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076951555 2 bytes JMP 752f68bf C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007695156d 2 bytes JMP 75378fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076951585 2 bytes JMP 75378b22 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007695159d 2 bytes JMP 753786bc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769515b5 2 bytes JMP 752efd11 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769515cd 2 bytes JMP 752fb2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769516b2 2 bytes JMP 75378e84 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\iexplore.exe[4288] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769516bd 2 bytes JMP 75378651 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\kernel32.dll!CreateProcessW 00000000752d103d 5 bytes JMP 00000001035c92b2
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\advapi32.DLL!RegQueryValueExW 00000000761a462d 5 bytes JMP 00000001035ca963
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\user32.DLL!SetWindowPos 00000000753e8e4e 5 bytes JMP 00000001035c92eb
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\user32.DLL!ShowWindow 00000000753f0dfb 5 bytes JMP 00000001035c9330
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\user32.DLL!MessageBeep 00000000753fc036 5 bytes JMP 00000001035cac9d
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\user32.DLL!SetForegroundWindow 000000007540f170 5 bytes JMP 00000001035c92e6
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076951401 2 bytes JMP 752fb1ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076951419 2 bytes JMP 752fb31a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076951431 2 bytes JMP 75378f09 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007695144a 2 bytes CALL 752d4885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769514dd 2 bytes JMP 75378802 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769514f5 2 bytes JMP 753789d8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007695150d 2 bytes JMP 753786f8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076951525 2 bytes JMP 75378ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007695153d 2 bytes JMP 752efc78 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076951555 2 bytes JMP 752f68bf C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007695156d 2 bytes JMP 75378fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076951585 2 bytes JMP 75378b22 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007695159d 2 bytes JMP 753786bc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769515b5 2 bytes JMP 752efd11 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769515cd 2 bytes JMP 752fb2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769516b2 2 bytes JMP 75378e84 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[6476] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769516bd 2 bytes JMP 75378651 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076951401 2 bytes JMP 752fb1ef C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076951419 2 bytes JMP 752fb31a C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076951431 2 bytes JMP 75378f09 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007695144a 2 bytes CALL 752d4885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769514dd 2 bytes JMP 75378802 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769514f5 2 bytes JMP 753789d8 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007695150d 2 bytes JMP 753786f8 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076951525 2 bytes JMP 75378ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007695153d 2 bytes JMP 752efc78 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076951555 2 bytes JMP 752f68bf C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007695156d 2 bytes JMP 75378fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076951585 2 bytes JMP 75378b22 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007695159d 2 bytes JMP 753786bc C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769515b5 2 bytes JMP 752efd11 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769515cd 2 bytes JMP 752fb2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769516b2 2 bytes JMP 75378e84 C:\Windows\syswow64\kernel32.dll
.text C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769516bd 2 bytes JMP 75378651 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076951401 2 bytes JMP 752fb1ef C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076951419 2 bytes JMP 752fb31a C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076951431 2 bytes JMP 75378f09 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007695144a 2 bytes CALL 752d4885 C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769514dd 2 bytes JMP 75378802 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769514f5 2 bytes JMP 753789d8 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007695150d 2 bytes JMP 753786f8 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076951525 2 bytes JMP 75378ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007695153d 2 bytes JMP 752efc78 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076951555 2 bytes JMP 752f68bf C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007695156d 2 bytes JMP 75378fc1 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076951585 2 bytes JMP 75378b22 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007695159d 2 bytes JMP 753786bc C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769515b5 2 bytes JMP 752efd11 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769515cd 2 bytes JMP 752fb2b0 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769516b2 2 bytes JMP 75378e84 C:\Windows\syswow64\kernel32.dll
.text C:\Users\*NAME*\Desktop\Gmer-19357.exe[6560] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769516bd 2 bytes JMP 75378651 C:\Windows\syswow64\kernel32.dll
---- Threads - GMER 2.1 ----
Thread C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [6476:3916] 00000000035cae96
---- Processes - GMER 2.1 ----
Library C:\Users\*NAME*\AppData\Roaming\ernden\berdis.dll (*** suspicious ***) @ C:\Program Files\Internet Explorer\IEXPLORE.EXE [4668] 000007feef970000
Library C:\Users\*NAME*\AppData\Roaming\ernden\rewardca.dll (*** suspicious ***) @ C:\Portable Apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe [5636](2014-11-17 20:32:20) 000000006c140000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
|
Hinweis: