| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Vista; Trojaner von Directpay AG; Zip-Datei mit exe. anhang geöffnetWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
04.05.2015, 21:11
| #1 |
| |  Windows Vista; Trojaner von Directpay AG; Zip-Datei mit exe. anhang geöffnet FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-05-2015
Ran by Karl (administrator) on R101040 on 04-05-2015 22:00:34
Running from C:\Users\Karl\Desktop
Loaded Profiles: Karl (Available profiles: Karl)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Akamai Technologies, Inc.) C:\Users\Karl\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Akamai Technologies, Inc.) C:\Users\Karl\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\klwtblfs.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Unattend0000000001{70EB91E7-FAAB-44A4-BA19-C0A45B228BC0}] => C:\Windows\test.bat
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [163840 2008-03-26] (Alps Electric Co., Ltd.)
HKLM\...\Run: [VeriFaceManager] => C:\Program Files\Lenovo\VeriFace\PManage.exe
HKLM\...\Run: [UpdateP2GShortCut] => C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4097864 2009-04-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064520 2009-06-25] (Lenovo (Beijing) Limited)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1089536 2008-02-19] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [86016 2007-12-21] (Brother Industries, Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-15] (Google Inc.)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [Akamai NetSession Interface] => C:\Users\Karl\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Run: [Seafile] => C:\Program Files\Seafile\bin\seafile-applet.exe [2429466 2014-05-12] ()
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\MountPoints2: G - G:\LaunchU3.exe
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\MountPoints2: {f1eb68e5-9b82-11de-8f3c-806e6f6e6963} - E:\aoesetup.exe /autorun
HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\MountPoints2: {f9d2178e-e749-11df-9c4f-002622093d48} - G:\LaunchU3.exe
Startup: C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2010-06-24]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Karl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-05-10]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2011-02-04] (Autodesk, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-295811439-4261906240-936036311-1004] => proxy.stusta.mhn.de:3130
AutoConfigURL: [S-1-5-21-295811439-4261906240-936036311-1004] => hxxp://wpad.stusta.mhn.de/proxy.pac
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/webhp?sourceid=navclient&hl=de&ie=UTF-8
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ub.tum.de/
hxxp://www.engineering.mse.tum.de/
https://campus.tum.de/tumonline/webnav.ini
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www2.delta-search.com/?affID=120519&babsrc=HP_ss&mntrId=B6370026820E3B95
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF1A18780-B3CC-4E2F-A1EE-0A46CA4BEA3E&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF1A18780-B3CC-4E2F-A1EE-0A46CA4BEA3E&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B6370026820E3B95&affID=127912&tsp=5142
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b6379cca0000000000000026820e3b95&tlver=1.4.19.19&ss=1&affID=17395
SearchScopes: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> {FD6D2DE9-BC85-44ED-B54C-DC44B76543FF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8E50A152-DDD2-49F5-85E6-4922167AA496&apn_sauid=969A02E4-7197-4432-B1EA-1CDC6B0572C5&
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-11-02] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Windows Live Toolbar Helper -> {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -> C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Toolbar: HKLM - Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-13] (Microsoft Corporation)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-13] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-295811439-4261906240-936036311-1004 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Tcpip\..\Interfaces\{268C76BF-EA06-4C57-91E4-B054E7FB15A8}: [NameServer] 10.150.127.2,10.150.125.2
FireFox:
========
FF ProfilePath: C:\Users\Karl\AppData\Roaming\Mozilla\Firefox\Profiles\ggma9nae.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll [2014-07-04] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-02] ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-02] ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-02] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Karl\AppData\Roaming\Mozilla\Firefox\Profiles\ggma9nae.default\user.js [2014-11-02]
FF Extension: Adblock Plus - C:\Users\Karl\AppData\Roaming\Mozilla\Firefox\Profiles\ggma9nae.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-01-02]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions: - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-11-02]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-11-02]
FF HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Firefox\Extensions: [freegames4357@BestOffers] - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers
FF Extension: Free Games 111 - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers [2014-01-29]
FF HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test 127 - C:\Users\Karl\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2014-01-29]
Chrome:
=======
CHR Profile: C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-04-25]
CHR Extension: (Safe Money) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-04-25]
CHR Extension: (Virtual Keyboard) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-04-25]
CHR Extension: (Anti-Banner) - C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-04-25]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-04-22] (Flexera Software, Inc.)
R2 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [32768 2008-02-14] (Lenovo Group Limited) [File not signed]
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [379968 2009-05-06] (Lenovo Group Limited) [File not signed]
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [412736 2009-05-06] (Lenovo Group Limited) [File not signed]
R2 mitsijm2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [579384 2010-12-08] (Autodesk, Inc.)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [270336 2007-04-11] (Lenovo Group Limited) [File not signed]
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [98304 2008-02-15] (Lenovo Group Limited) [File not signed]
R2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [430080 2008-09-27] (Lenovo Group Limited) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [14848 2009-01-06] (Lenovo Corporation)
R3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [1273640 2009-05-22] (Bison Electronics. Inc. )
R1 funfrm; C:\Windows\system32\Drivers\funfrm.sys [48192 2009-09-07] () [File not signed]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112136 2014-11-02] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [34400 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [644808 2014-11-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [24672 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
S3 RTL2832UBDA; C:\Windows\System32\drivers\RTL2832UBDA.sys [188392 2010-07-01] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\System32\Drivers\RTL2832UUSB.sys [32872 2010-07-01] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832U_IRHID; C:\Windows\System32\DRIVERS\RTL2832U_IRHID.sys [37280 2009-07-13] (Realtek)
R0 Wdkbdmou; C:\Windows\System32\DRIVERS\Wdkbdmou.sys [8832 2009-03-03] ()
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [8832 2009-03-03] (Windows (R) Codename Longhorn DDK provider)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-01-10] (CyberLink)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-04 22:00 - 2015-05-04 22:02 - 00025640 _____ () C:\Users\Karl\Desktop\FRST.txt
2015-05-04 21:59 - 2015-05-04 22:00 - 00000000 ____D () C:\FRST
2015-05-04 21:58 - 2015-05-04 21:58 - 01140736 _____ (Farbar) C:\Users\Karl\Desktop\FRST.exe
2015-04-16 21:47 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 21:38 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 21:36 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 21:36 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 21:36 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 21:36 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 21:36 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 23:09 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 23:09 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 23:09 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 23:09 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 23:09 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 23:09 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 23:09 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 23:09 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 23:09 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 23:09 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-15 23:08 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 23:08 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 23:08 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-07 16:19 - 2015-04-07 22:28 - 01661553 ____H () C:\Users\Karl\Desktop\~WRL0005.tmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-04 21:31 - 2011-11-05 19:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-04 21:26 - 2009-09-07 09:52 - 02082539 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 21:25 - 2010-11-15 15:40 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-04 21:25 - 2009-07-21 07:43 - 00000270 _____ () C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
2015-05-04 18:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-04 18:42 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-04 14:19 - 2010-11-15 15:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-04 14:18 - 2014-10-22 10:38 - 00000000 ___RD () C:\Users\Karl\Desktop\Studium
2015-05-04 14:18 - 2012-11-05 09:30 - 00000000 ___RD () C:\Users\Karl\Desktop\Privat
2015-05-04 13:12 - 2012-10-29 21:16 - 00000540 _____ () C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job
2015-05-04 12:11 - 2009-07-21 07:40 - 00000056 ___SH () C:\_PartitionInfo
2015-05-04 12:11 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-30 09:15 - 2006-11-02 15:01 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-17 17:35 - 2006-11-02 14:52 - 00290031 _____ () C:\Windows\setupact.log
2015-04-17 16:37 - 2009-09-07 10:09 - 00074360 _____ () C:\Windows\system32\ICAutoUpdate.log.bak
2015-04-16 21:47 - 2013-07-15 09:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 21:44 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 21:38 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-16 21:37 - 2009-07-21 07:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 21:34 - 2006-11-02 12:33 - 01600262 _____ () C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2009-12-28 13:41 - 2015-02-03 23:38 - 0001356 _____ () C:\Users\Karl\AppData\Local\d3d9caps.dat
2009-12-28 14:02 - 2015-02-10 00:19 - 0016896 _____ () C:\Users\Karl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-05 19:20 - 2011-11-05 19:20 - 0017408 _____ () C:\Users\Karl\AppData\Local\WebpageIcons.db
2010-11-15 15:42 - 2010-11-15 15:42 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-12-29 15:52 - 2009-12-29 15:52 - 0000088 _____ () C:\ProgramData\profile.xml
Some content of TEMP:
====================
C:\Users\Karl\AppData\Local\Temp\0grcjodk.dll
C:\Users\Karl\AppData\Local\Temp\AcDeltree.exe
C:\Users\Karl\AppData\Local\Temp\ApnStub.exe
C:\Users\Karl\AppData\Local\Temp\dlLogic.exe
C:\Users\Karl\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Karl\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Karl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqlg8sk.dll
C:\Users\Karl\AppData\Local\Temp\fdminst.exe
C:\Users\Karl\AppData\Local\Temp\GoogleToolbarInstaller.exe
C:\Users\Karl\AppData\Local\Temp\h153adw5.dll
C:\Users\Karl\AppData\Local\Temp\i4jdel0.exe
C:\Users\Karl\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Karl\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Karl\AppData\Local\Temp\nsg9F14.exe
C:\Users\Karl\AppData\Local\Temp\nsh7824.exe
C:\Users\Karl\AppData\Local\Temp\nsr8D77.exe
C:\Users\Karl\AppData\Local\Temp\setup.exe
C:\Users\Karl\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Karl\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Karl\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Karl\AppData\Local\Temp\swt-xulrunner-win32-3448.dll
C:\Users\Karl\AppData\Local\Temp\uninstall.exe
C:\Users\Karl\AppData\Local\Temp\_isE6F7.exe
C:\Users\Karl\AppData\Local\Temp\{91B2FEB5-9672-444C-8882-46212E1EDB7B}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-04 12:19
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-05-2015
Ran by Karl at 2015-05-04 22:02:43
Running from C:\Users\Karl\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-295811439-4261906240-936036311-500 - Administrator - Disabled)
Gast (S-1-5-21-295811439-4261906240-936036311-501 - Limited - Enabled)
Karl (S-1-5-21-295811439-4261906240-936036311-1004 - Administrator - Enabled) => C:\Users\Karl
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Akamai) (Version: - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Audiograbber 1.83 SE (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
AutoCAD 2012 - Deutsch (HKLM\...\AutoCAD 2012 - Deutsch) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Deutsch (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - Deutsch (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Design Review 2012 (HKLM\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1632-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul) (Version: 1.0.0.18 - Autodesk)
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion Plugin for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion Plugin for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Professional 2012 (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2012 Deutsch (HKLM\...\Autodesk Inventor Professional 2012) (Version: 16.0.16000.0000 - Autodesk)
Autodesk Inventor Professional 2012 Language Pack - Deutsch (Version: 16.0.16000.0000 - Autodesk) Hidden
Autodesk Material Library 2012 (HKLM\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Vault 2012 (Client) (HKLM\...\Autodesk Vault 2012 (Client)) (Version: 16.0.56.200 - Autodesk, Inc.)
Autodesk Vault 2012 (Client) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Autodesk Vault 2012 (Client) German Language Pack (Version: 16.0.56.200 - Autodesk, Inc.) Hidden
Broadcom Gigabit Integrated Controller (HKLM\...\{9E325417-AE9C-4EE1-A158-13DF451A5987}) (Version: 11.44.04 - Broadcom Corporation)
Broadcom WLAN (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 5.10.38.14 Round2 - Lenovo Electronics Inc.)
Brother MFL-Pro Suite MFC-290C (HKLM\...\{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}) (Version: 1.1.8.0 - Brother Industries, Ltd.)
BrowserProtect (HKLM\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - ) <==== ATTENTION
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.16.0 - Conexant)
Dropbox (HKU\S-1-5-21-295811439-4261906240-936036311-1004\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk)
DWG TrueView 2012 (Version: 18.2.51.0 - Autodesk) Hidden
Eco Materials Adviser (HKLM\...\{207780D5-A515-4E79-B7C2-E4D32F8A6CA1}) (Version: 1.32.0.0 - Granta Design Limited)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.1.1.8 - Lenovo)
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hotfix für Microsoft Visual C# 2010 Express - DEU (KB2635973) (HKLM\...\{D81641E8-ABF1-3D07-803B-60E8FC619368}.KB2635973) (Version: 1 - Microsoft Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
ISO to USB (HKLM\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 27 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Java(TM) SE Development Kit 6 Update 37 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160370}) (Version: 1.6.0.370 - Oracle)
Kaspersky Internet Security (HKLM\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.0.463 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.32.1018.17 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 6.0.3004 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 6.0.3004 - CyberLink Corp.) Hidden
Lenovo ReadyComm 5.0 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.0.0.15 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Lenovo System Repair - Windows Update Monitor (HKLM\...\{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}) (Version: 1.3.0.3030 - Lenovo)
MATLAB R2012b (HKLM\...\Matlab R2012b) (Version: 8.0 - The MathWorks, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7FB12670-0F93-4E1E-B2F5-4F339199A03A}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{849A32C3-E75A-4791-9B11-E568BA3525A4}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetBeans IDE 7.2.1 (HKLM\...\nbi-nb-base-7.2.1.0.201210100934) (Version: 7.2.1 - NetBeans.org)
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Paint.NET v3.5.2 (HKLM\...\{4F77F6EE-2C99-49F7-940A-2E9C208C3BE1}) (Version: 3.52.0 - dotPDN LLC)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d1 - CyberLink Corp.)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20132 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1632-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk)
Seafile 3.0.4 (HKLM\...\{0D56A3F4-7600-4280-91F8-0CDC43D5BFE3}) (Version: 3.0.4 - HaiWenHuZhi ltd.)
Secure Download Manager (HKLM\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Skype Toolbars (HKLM\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4137 - Skype Technologies S.A.)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.4035.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Paradigm 11.1 (HKLM\...\1106-5897-7327-6550) (Version: 11.1 - Visual Paradigm International Ltd.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Windows Live Toolbar (HKLM\...\Windows Live Toolbar) (Version: 03.01.0130 - Microsoft Corporation)
wx-devcpp 6.10.2 (4.9.9.2) (HKLM\...\wx-devcpp) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{17A14094-F274-44E2-B54B-FC0E966AE5C7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxClientSink.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{2D5C6B27-86B3-4E81-9F8B-9C68887F5BE6}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\LUxUIMgr.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{714D325C-E9CE-44ab-A72A-36BB410BA19B}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\FEAFilesHandler.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\UCxTextBtn.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorMarshal.Dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ColorButton.ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - Deutsch\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Compatibility\Bin\DbxBridgePS.Dll ()
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karl\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2012\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll No File
CustomCLSID: HKU\S-1-5-21-295811439-4261906240-936036311-1004_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll No File
==================== Restore Points =========================
04-04-2015 19:09:14 Geplanter Prüfpunkt
07-04-2015 10:29:37 Windows Update
08-04-2015 20:55:52 Geplanter Prüfpunkt
10-04-2015 21:51:45 Windows Update
12-04-2015 12:08:09 Geplanter Prüfpunkt
14-04-2015 16:44:05 Windows Update
16-04-2015 21:27:34 Windows Update
22-04-2015 17:17:51 Windows Update
24-04-2015 15:54:54 Geplanter Prüfpunkt
30-04-2015 09:12:36 Windows Update
04-05-2015 12:25:26 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {013927B3-D7E0-4013-B6FD-DD710CC803C2} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {0210312E-31AC-4CC0-9213-E1EB17C6AEE5} - System32\Tasks\MATLAB R2012b Startup Accelerator => C:\Users\Karl\Desktop\Matlab1\bin\win32\MATLABStartupAccelerator.exe [2012-07-20] ()
Task: {0D685AFE-0420-4CC3-AA63-434226609FD8} - System32\Tasks\{921DA5AA-9244-4DD9-BB01-FBAADABF5A5A} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/abandoninstall?source=lightinstaller&page=tsBing
Task: {3E090486-33EB-4CB7-B082-EAA711FCDAA3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Karl => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-10] (Microsoft Corporation)
Task: {605B1BD9-6B49-4420-A1FD-D65D606AE193} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {64AD004E-3727-4CC5-B994-A2283377B6E1} - System32\Tasks\{6BA5BED7-7BB4-4C18-A73A-6D8B7F863B17} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.0.105/de/abandoninstall?source=lightinstaller&page=tsBing
Task: {672580C1-C873-4085-860E-E68100E6C429} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {6EBE9B99-FBED-4DAC-9581-37F9A6DD7228} - System32\Tasks\{AF3F3C59-34F9-4128-BEAD-12DA23D2E03A} => pcalua.exe -a "C:\Users\Karl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIC64X29\matlab_R2012b_win64_installer[1].exe" -d C:\Users\Karl\Desktop
Task: {6F56C736-552E-44D8-8AA9-6C69078A2E82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {7CC2965C-D8F3-465A-AADE-5DA7E772915F} - System32\Tasks\{7D96C5AB-32DC-4D22-8313-4C32AAE8ADD1} => C:\Program Files\Skype\\Phone\Skype.exe [2015-01-23] (Skype Technologies S.A.)
Task: {83873325-BAA4-48B2-B58B-D2D7F6DF93B4} - System32\Tasks\{F5E56337-AD1C-421A-9A32-E921972477E2} => pcalua.exe -a "C:\Program Files\phase-6\phase-6\uninstall.exe" -d "C:\Program Files\phase-6\phase-6"
Task: {A2F98BFD-9909-43AB-9B64-AEC0BE4D8EAA} - System32\Tasks\{DCCAE805-721A-4B18-BFD6-855F5B588F02} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.0.0.156.259/en/abandoninstall?page=tsChrome&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-installed;madedefault
Task: {BA94EE03-705C-4CB8-82A7-B336F51704C1} - System32\Tasks\{B2BA1B4E-8C8F-4059-B964-DD031C4CCEC1} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {E285928D-843E-4483-B7A9-676FB21A9C3C} - System32\Tasks\{BF294347-4C09-42FB-8B76-C01764F9648B} => pcalua.exe -a "C:\Users\Karl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HF6M2BQ3\matlab_R2012b_win64_installer[1].exe" -d C:\Users\Karl\Desktop
Task: {EAF8E065-15FA-43AE-911A-D2BD82083FF0} - System32\Tasks\Auf Updates für Windows Live Toolbar prüfen => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-13] (Microsoft Corporation)
Task: {F0AD3425-EC0E-46D4-883C-58110C6BE006} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job => C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2012b Startup Accelerator.job => C:\Users\Karl\Desktop\Matlab1\bin\win32\MATLABStartupAccelerator.exe
==================== Loaded Modules (whitelisted) ==============
2011-05-23 10:41 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-11-13 09:12 - 2013-11-13 09:12 - 00024064 _____ () C:\Windows\System32\ssm4mlm.dll
2011-02-02 14:08 - 2011-02-02 14:08 - 00018656 _____ () C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
2014-03-06 16:00 - 2014-03-06 16:00 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2009-07-21 07:35 - 2008-01-04 04:23 - 00167936 _____ () C:\Program Files\Lenovo\OneKey App\System Repair\LenovoAPI.dll
2009-09-07 10:13 - 2008-12-20 12:20 - 00063304 _____ () C:\Program Files\Lenovo\Energy Management\kbdhook.dll
2009-09-07 10:13 - 2008-12-20 12:20 - 00051016 _____ () C:\Program Files\Lenovo\Energy Management\HookLib.dll
2011-01-17 16:19 - 2011-05-10 22:06 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-11-10 21:30 - 2014-11-10 21:31 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-20 02:42 - 2014-11-02 18:03 - 00642344 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 02:42 - 2014-04-20 02:42 - 00468672 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 02:42 - 2014-04-20 02:42 - 00347328 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-295811439-4261906240-936036311-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Karl\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 10.150.127.2 - 10.150.125.2
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{6CF18113-FBCF-46E1-AE80-130A015E962C}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{526C9A6B-E4A2-4F2B-A7BF-F16DBADFAB19}] => (Allow) C:\Windows\System32\IgrsSvcs.exe
FirewallRules: [{7DB374B0-447B-414F-9AAD-6DE9651B9841}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{95EF95CB-ED23-4B89-A141-43FBFC50F665}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{6566DB88-F3D7-46E5-9472-14EE535F114C}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyCom.exe
FirewallRules: [{767CB0F8-5467-4C2B-A29A-47EFC6714335}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ReadyComm.exe
FirewallRules: [{6ED7CEA3-D71A-4AB4-A384-315540BFAD79}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{00793C23-8D82-41F3-AF50-DA78D23908A8}] => (Allow) C:\Program Files\Lenovo\ReadyComm\Projectionist.exe
FirewallRules: [{5620F4BB-9324-4BC3-BD26-5E1ADF6248FB}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{FB90F1A3-539B-486A-9977-13E0CCED7B1A}] => (Allow) C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
FirewallRules: [{AB17A295-A272-47C1-B5E6-C6B1BDAE0E4A}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{8128328E-A38B-4D12-A348-5431EE8F7B0D}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
FirewallRules: [{5994BD88-8814-4461-ADFB-77E96EB3D95F}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ThreeGService.exe
FirewallRules: [{6488006E-F1F9-4D38-A813-7FB3AB3A1A59}] => (Allow) C:\Program Files\Lenovo\ReadyComm\ThreeGService.exe
FirewallRules: [{C8A2066C-39A2-4AED-B136-98D782A56652}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{5D4C6E8C-A115-44F2-ADE6-5BFCDEB6E28D}] => (Allow) C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
FirewallRules: [{B2D394F4-9CDA-45C6-8130-6A7C32B04046}] => (Allow) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{35A40F2F-F304-48BD-B3DA-5E3B7890C286}] => (Allow) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{B651EBF2-60B5-4823-9245-388BE236097B}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{65B5497B-3715-4893-811C-C42DFC31AF86}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{4C1829F4-D781-4227-AC8F-CAF18E6913A4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E20950FF-8EB2-42A5-96F9-B8CD1EB67936}] => (Allow) LPort=80
FirewallRules: [{913FAA9D-963C-4C5E-812E-A150EBB137CC}] => (Allow) LPort=80
FirewallRules: [{0FB3CE80-5404-43D3-9717-09A69CACF6F4}] => (Allow) LPort=80
FirewallRules: [{CD143F39-3FE2-4347-93B9-0AF69EE1033B}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{724EE0D2-9E29-4572-88F0-066AEB76B59F}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{70CBD1D1-7796-40D7-85DB-2EF2275CF1E3}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CC82BDAB-87C8-47FF-B1FB-596B8C5E9E44}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9FE6510F-7271-4510-9DCB-80A105DFF8E3}] => (Allow) C:\Users\Karl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{ABC1E165-39DB-4D98-8282-2449AA0C8A0E}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{DD8574B8-AD7B-4323-BE9E-0E753F2604C9}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{F6E1DEA8-C66E-42C9-A649-943CF10AFF5A}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{DDBA055D-C43E-4CF2-A007-A6C199B20B47}C:\users\karl\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\karl\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{863E6C01-7EC7-43A6-B636-E4065B205E30}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{656FBB8D-9232-4F03-82D1-4776A6A24C15}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{7279DE03-40DB-4D51-9E24-DC59AFEA64C4}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{DB961D5A-8EE6-4B05-81B0-01288970AD1D}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files\microsoft games\age of empires ii\empires2.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/04/2015 00:12:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/30/2015 08:51:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/29/2015 09:08:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/28/2015 08:08:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/27/2015 09:54:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/26/2015 02:24:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/24/2015 01:39:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/24/2015 08:14:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/22/2015 05:06:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/21/2015 07:13:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (04/14/2014 07:28:58 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 92 seconds with 0 seconds of active time. This session ended with a crash.
Error: (07/08/2012 04:18:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2658 seconds with 900 seconds of active time. This session ended with a crash.
Error: (06/19/2012 09:14:05 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 808 seconds with 780 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-05-04 22:01:43.418
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:42.528
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:41.468
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:40.469
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:39.346
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:38.472
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:37.630
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:36.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:35.571
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-04 22:01:34.682
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Percentage of memory in use: 66%
Total physical RAM: 3031.86 MB
Available physical RAM: 1019.38 MB
Total Pagefile: 6277.7 MB
Available Pagefile: 3999.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:188.93 GB) (Free:64.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:29.19 GB) (Free:27.64 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 274BF56F)
Partition 1: (Active) - (Size=188.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29.2 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End Of Log ============================
|
|
05.05.2015, 08:55
| #2 | |
| /// TB-Ausbilder /// Anleitungs-Guru  | Windows Vista; Trojaner von Directpay AG; Zip-Datei mit exe. anhang geöffnetZitat:
 Das kann jeder lesen. Wurde die exe-Datei ausgeführt bzw. gestartet duch Anklicken? Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
| Themen zu Windows Vista; Trojaner von Directpay AG; Zip-Datei mit exe. anhang geöffnet |
| anhang, antivirenprogramm, daten, desktop, e-mail, erhalte, firma, foren, geladen, interne, kaspersky, komplett, neu, offene, programm, rechnung, sache, sachen, software, trojaner, vista, windows, windows vista, wirklich, würde |
Hybrid-Darstellung
