Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
All of your files were protected by a strong encryption with RSA-2048 using CryptoWall 3.0. -> *.xxx
Hi!
Thanks for your help!
I don't understand the '#' right now.
But I'll post the two log files.
Just to clarify: after I noticed that the Trojan had made itself comfortable on my hard drive, I immediately installed Kaspersky and of course ran it as well. Now the question is whether you can still do anything with the two log files.
scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by music at 2015-07-20 13:58:34
Running from J:\
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1233522967-52797685-3324903142-500 - Administrator - Disabled)
Gast (S-1-5-21-1233522967-52797685-3324903142-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1233522967-52797685-3324903142-1002 - Limited - Enabled)
music (S-1-5-21-1233522967-52797685-3324903142-1001 - Administrator - Enabled) => C:\Users\music
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Reader X - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Algorithmix reNOVAtor 2.1 (HKLM-x32\...\Algorithmix reNOVAtor 2.1) (Version: - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-1233522967-52797685-3324903142-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Analog Factory 2.5 (HKLM-x32\...\Analog Factory_is1) (Version: - Arturia)
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
ATI Catalyst Install Manager (HKLM\...\{C5970161-E13E-6661-BBDA-A08268313C83}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
AudioEase Altiverb VST RTAS v6.12 (HKLM-x32\...\AudioEase Altiverb VST RTAS_is1) (Version: - )
Babylon Chrome Toolbar (HKLM-x32\...\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}) (Version: 2.0.0.4 - Babylon Ltd) <==== ATTENTION
Babylon toolbar (HKLM-x32\...\BabylonToolbar) (Version: - BabylonToolbar) <==== ATTENTION
BEHRINGER X-UF 1394 Driver v5.25.0.0 (HKLM-x32\...\BEHRINGER X-UF 1394 Driver v5.25.0.0) (Version: 5.25.0.0 - BEHRINGER)
BitGuard (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - MediaTechSoft Inc.) <==== ATTENTION
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CaptureWizPro 4.40 (HKLM-x32\...\CaptureWiz) (Version: - )
ccc-core-static (x32 Version: 2011.0104.2155.39304 - Ihr Firmenname) Hidden
Drums Overkill (HKLM-x32\...\ Drums Overkill) (Version: - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
JBridge (HKLM-x32\...\JBridge) (Version: - JBridge)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jupiter-8V2 2.0 (HKLM-x32\...\Jupiter-8V2_is1) (Version: - Arturia)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
KORG Legacy Collection - LegacyCell (HKLM-x32\...\{1EC82637-F2BD-4F2F-B4DE-F38B70D0DDC3}) (Version: 1.2.3 - KORG Inc.)
KORG Legacy Collection - M1 (HKLM-x32\...\{6423EF42-19F9-4FF6-83D7-177B391D96B6}) (Version: 1.6.3 - KORG Inc.)
KORG Legacy Collection - MDE-X (HKLM-x32\...\{E8FD2DF4-CF22-4996-BBF5-FE37D13A420E}) (Version: 1.2.8 - KORG Inc.)
KORG Legacy Collection - MonoPoly (HKLM-x32\...\{9B208107-DCBC-4815-A85D-E7151CFD454C}) (Version: 1.0.3 - KORG Inc.)
KORG Legacy Collection - MS-20 (HKLM-x32\...\{836361D1-D74F-416F-B8B2-DCB7ED89B111}) (Version: 1.2.4 - KORG Inc.)
KORG Legacy Collection - Polysix (HKLM-x32\...\{B7D95B65-E05B-4B05-B669-7A1AC21BAB67}) (Version: 1.2.4 - KORG Inc.)
KORG Legacy Collection - WAVESTATION (HKLM-x32\...\{7F025596-53EC-421A-BB05-742A4D6CC8E3}) (Version: 1.6.5 - KORG Inc.)
Melodyne 3.2 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.2.0202 - Celemony Software GmbH)
Melodyne 3.2 (x32 Version: 3.2.0202 - Celemony Software GmbH) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MOTU Hardware (HKLM\...\{A05D2328-5096-4748-981B-493B1D56BBEB}) (Version: 4.0.5.5333 - MOTU)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MusicLab RealGuitar 2.0 (HKLM-x32\...\{1864B4F0-7777-4A57-9930-C2B307597966}) (Version: - MusicLab, Inc.)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version: - Native Instruments)
Native Instruments FM7 VSTi DXI RTAS v1.1.3.4 (HKLM-x32\...\Native Instruments FM7 VSTi DXI RTAS v1.1.3.4) (Version: - )
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: - Native Instruments)
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS (HKLM-x32\...\Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS) (Version: - )
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.3.307 - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version: - Native Instruments)
Native Instruments Session Guitarist - Strummed Acoustic (HKLM-x32\...\Native Instruments Session Guitarist - Strummed Acoustic) (Version: 1.0.0.8 - Native Instruments)
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version: - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version: - Native Instruments)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.6.0840 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.6.0840 - PACE Anti-Piracy, Inc.) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version: - Lexicon)
PCM Native Reverb Bundle (x32 Version: 1.1.3 - Lexicon) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Project SAM Symphobia 1.0 (HKLM-x32\...\{676FAD0D-40C3-4911-93E7-5C70C201ADEA}_is1) (Version: - )
ProjectSAM Symphobia (HKLM-x32\...\ProjectSAM Symphobia) (Version: - )
QuickTime (x32 Version: 7.0.4 - Apple Computer, Inc.) Hidden
RealStrat 1.0 (HKLM-x32\...\{58206080-3E1F-4418-8117-D190FC71BF58}) (Version: - MusicLab)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6037 - Realtek Semiconductor Corp.)
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage) <==== ATTENTION
Relab LX480 Lite VST v1.0 (HKLM-x32\...\Relab LX480 Lite_is1) (Version: - )
Sibelius Scorch (all browsers) (HKLM-x32\...\{968ECEB6-5476-4131-B5E0-41D01D621243}) (Version: 6.2.0 - Sibelius Software)
Snap.Do (HKLM-x32\...\{084B3661-F647-4E44-9018-D7DCDF538057}) (Version: 11.7.1.13233 - ReSoft Ltd.) <==== ATTENTION
Sonnox Oxford Inflator Native VST v1.5.1 (HKLM-x32\...\Sonnox Oxford Inflator Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford Limiter Native VST v1.1.1 (HKLM-x32\...\Sonnox Oxford Limiter Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford R3 Dynamics Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford R3 Dynamics Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford R3 EQ Native VST v1.6.1 (HKLM-x32\...\Sonnox Oxford R3 EQ Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford Reverb Native VST v1.0 (HKLM-x32\...\Sonnox Oxford Reverb Native VST_is1) (Version: - Team AiR 2007)
Sonnox Oxford TransMod Native VST v1.3.1 (HKLM-x32\...\Sonnox Oxford TransMod Native VST_is1) (Version: - Team AiR 2007)
Steinberg Cubase 5 64bit (HKLM\...\{8A9065DA-0293-41DA-A349-16E1A2605F64}) (Version: 5.5.2 - Steinberg Media Technologies GmbH)
Steinberg Cubase 6 64bit (HKLM\...\{C6651CD0-4892-4465-96AC-C9864A695FF9}) (Version: 6.5.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase 7 64bit (HKLM\...\{57FB2180-0FC7-41FC-8D76-3C4271CF4422}) (Version: 7.0.5 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Eucon Adapter 6.5 64bit (HKLM\...\{95D90857-61C2-4927-85FF-A317E46E7351}) (Version: 6.5.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH)
Steinberg HALionOne 64bit (HKLM\...\{743C5D75-6BC8-4881-BF7D-E7DF29F155F4}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Virtual Guitarist 2 (HKLM-x32\...\VG2_is1) (Version: - Steinberg Media Technologies GmbH.)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg WaveLab 5.01b (HKLM-x32\...\Steinberg WaveLab 5.01b) (Version: - )
Superior Drummer 64 bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.2.2 - Toontrack)
TC Electronic PowerCore (HKLM\...\{29E65F87-3B96-4F74-84E8-6088411A85C3}) (Version: 4.0.3 - TC Electronic)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
UAD drivers. This may take a while... (x32 Version: 7.0.1.3150 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{80aeccba-72ec-4f2f-aa34-09c1cc72e3fb}) (Version: 7.0.1.3150 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.0.1.3150 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.0.1.3150 - Universal Audio, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.1.353 - Steinberg)
Windows Driver Package - Universal Audio Inc. (UAD2Pcie) UAD2DSP (03/29/2012 6.01.0097) (HKLM\...\7BE5DD05AFC7EA233501CC85DB3E9E78F8E95311) (Version: 03/29/2012 6.01.0097 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2Pcie) UAD2DSP (08/31/2011 6.00.0060) (HKLM\...\96BD8EA013D8CF2FE3D65289F918D489EE937CC3) (Version: 08/31/2011 6.00.0060 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2Pcie) UAD2DSP (09/14/2012 6.03.0420) (HKLM\...\9E577FF8CA73CD32BD55D49A8B4AAD74F2693610) (Version: 09/14/2012 6.03.0420 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2Pcie) UAD2DSP (11/30/2010 ) (HKLM\...\D6464B370822574865708071F3E87D186FAC7BA4) (Version: 11/30/2010 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2System) UAD2DSP (03/29/2012 6.01.0097) (HKLM\...\157A0C000E37CBCABDDE054F327E7E179DF71430) (Version: 03/29/2012 6.01.0097 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2System) UAD2DSP (08/31/2011 6.00.0060) (HKLM\...\E1F7D5F4285378EAAEA84607BE85FF3E4544FB51) (Version: 08/31/2011 6.00.0060 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2System) UAD2DSP (09/14/2012 6.03.0420) (HKLM\...\21831831B795B28D5F20754E5039CAE1AA97A986) (Version: 09/14/2012 6.03.0420 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2System) UAD2DSP (11/30/2010 ) (HKLM\...\072DA3D1AC97714EA927A1A5770099D1AB131FD5) (Version: 11/30/2010 - Universal Audio Inc.)
Windows-Treiberpaket - TC Electronic (Powercore) PowerCore (07/15/2010 4.0.3.212) (HKLM\...\B1B2DEDFEEB4ADFB886FCD6F5136418080E0C1DD) (Version: 07/15/2010 4.0.3.212 - TC Electronic)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Wizoo WizooVerb W2 VST RTAS v1.0 (HKLM-x32\...\Wizoo WizooVerb W2 VST RTAS v1.0) (Version: - )
yellow tools Independence Pro 2.5.4 Software Suite 64bit (HKLM-x32\...\yellow tools Independence Pro 2.5.4 Software Suite 64bit) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2013-03-26 20:05 - 00001068 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {064A27D0-B573-4789-AABC-4D01BA2C5A3C} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {0927BA5D-196C-411C-A960-FDAAD30D9A8F} - System32\Tasks\{82B2306D-2A1F-4D0C-8A7C-CE8D2CD92401} => C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
Task: {0CDED09A-2508-42CB-81F2-24D4787DD0D7} - System32\Tasks\{8B52E8B6-4C87-42BD-A939-BB66D330C346} => pcalua.exe -a C:\PROGRA~2\ALGORI~1\RENOVA~1\UNINST~1\UNWISE.EXE -c C:\PROGRA~2\ALGORI~1\RENOVA~1\UNINST~1\INSTALL.LOG
Task: {108A823F-A2A4-459F-BDB9-5909B14C0DFF} - System32\Tasks\{9A8054E8-1208-4B1E-BFBF-A3403D861401} => C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
Task: {168E3026-17D1-4BD7-B062-55DB3A1D89C0} - System32\Tasks\{6E4C1D87-56FE-45FF-9582-82467E71DFA3} => C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
Task: {1C5F8777-0701-4146-8E6E-DA9C3812871E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {27BFE4B2-410B-44BF-9EFE-AEBBCFF6FF2D} - System32\Tasks\{39677664-DF21-4EEF-82A7-268BF5FD88A6} => C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
Task: {29D0525E-CE61-4DDA-BB83-B8605CBC0709} - \{1CCA2959-6B0F-41DB-8335-5EEDA39D2AD8} No Task File <==== ATTENTION
Task: {2F0A6A2C-F81F-495F-A1D7-14FC9388C485} - System32\Tasks\{9B15D7EF-9D07-44EF-82E6-D8F700EEDA92} => C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
Task: {366FF6C4-1581-40D4-87E3-B449DCD1C446} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2008-06-27] ()
Task: {400690FD-ABC7-4678-A132-E6A062AF3BA3} - System32\Tasks\{71096E69-2744-4BCA-A740-C4E2FAC27C2E} => C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
Task: {57671A8E-4221-4AEB-A8D3-C78ACADCE938} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {5A727EA1-6CCD-48BE-B3B2-142A0165E04D} - System32\Tasks\{A294ED79-2269-4E18-9FBE-F77D8636D915} => C:\Program Files (x86)\WIBUKEY\Bin\WkSvMon.exe
Task: {5AF9843E-434A-42E9-A2D6-DA9685FACF82} - System32\Tasks\{B7AFD50B-0C3E-4901-98E1-1F6220ECB17C} => C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
Task: {5E55A4A4-0D3D-441E-A171-99511B1889A5} - \{18E30B17-F25B-4681-8693-1EAC0599BFA6} No Task File <==== ATTENTION
Task: {659A486A-DD0E-4D78-A180-CB38AEADABA3} - System32\Tasks\{5E82FA28-656C-43D7-9A67-8C76F6520CB4} => pcalua.exe -a "C:\Downloads\Independence Pro 2.5.4 Software Suite WIN64\Independence Pro 2.5.4 Software Suite WIN64\Independence Pro 2.5.4 Software Suite 64 E-License.exe" -d "C:\Downloads\Independence Pro 2.5.4 Software Suite WIN64\Independence Pro 2.5.4 Software Suite WIN64"
Task: {66513E3B-F00E-45E8-AB47-54188D9E371F} - System32\Tasks\AdobeAAMUpdater-1.0-music-PC-music => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {6690F8F6-44B6-4233-96D2-F6E09539931A} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {7B7B0A01-E993-4300-85F9-E72478574EE0} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {8C4CC8A8-3214-40B6-B2FD-8C3652EFA32A} - System32\Tasks\EPUpdater => C:\Users\music\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {9CF4F08E-A4B9-4A59-A47F-8C08DFC6071E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B3604A04-C564-431A-9DCD-215DD4C0E2AE} - System32\Tasks\{CBB18BC3-335E-4F01-AB66-BE84C133F852} => C:\Program Files (x86)\WIBUKEY\H2O\CXWibu.exe
Task: {C2AA6542-8AD3-415C-9DEF-0D2667DD64E9} - System32\Tasks\{852F0F33-2D7F-4BE5-A382-E6C52BE79343} => C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
Task: {CD018AF0-6600-4D45-996D-6AEFC518A32D} - System32\Tasks\{DEB2302F-AF06-45DF-A021-1D004AB41A77} => C:\Program Files (x86)\Algorithmix\reNOVAtor\AlgoEdit.exe
Task: {DFAEAFA0-6C7F-4D86-8D42-2D48F4A0BBAB} - System32\Tasks\DOTHMOI => Rundll32.exe "C:\Windows\SysWOW64\dbghelpj.dll",RZYOHI
Task: {E2CB60BD-5AF9-468E-ABD7-CC7B8904BF58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {E5708C94-D6D1-4DC0-89AC-3E4A9C1F44F3} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-05-19] (Reimage®) <==== ATTENTION
Task: {EA70F64A-15F2-4C70-AA9F-454FEF6D1EF8} - System32\Tasks\{36A945B1-3F00-4B84-A5CA-6B7259438506} => C:\Program Files (x86)\Algorithmix\reNOVAtor\AlgoEdit.exe
Task: {FD61F38B-9F6D-4843-80C7-FDEE09E0CBB2} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DOTHMOI.job => C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\dbghelpj.dll
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-19 12:46 - 2015-05-19 12:46 - 06759912 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2013-09-02 19:04 - 2013-09-02 19:04 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2013-05-14 13:47 - 2012-06-28 10:49 - 00606528 _____ () C:\Program Files\behringer\behringer_XUF_1394_driver\X-UF 1394 Control Panel.exe
2012-09-06 19:23 - 2012-09-06 19:23 - 01457552 _____ () C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe
2011-01-04 22:54 - 2011-01-04 22:54 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00034848 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00056864 _____ () C:\Users\music\AppData\Local\Smartbar\Application\srau.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00150560 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00112672 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 01981472 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00055840 _____ () C:\Users\music\AppData\Local\Smartbar\Application\spbl.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00013344 _____ () C:\Users\music\AppData\Local\Smartbar\Application\siem.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00049184 _____ () C:\Users\music\AppData\Local\Smartbar\Application\sppsm.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00728096 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00082464 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00014368 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00017440 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00031264 _____ () C:\Users\music\AppData\Local\Smartbar\Application\srut.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00020512 _____ () C:\Users\music\AppData\Local\Smartbar\Application\srsbs.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00057888 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00014368 _____ () C:\Users\music\AppData\Local\Smartbar\Application\sgml.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00053280 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00014880 _____ () C:\Users\music\AppData\Local\Smartbar\Application\srpdm.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00048160 _____ () C:\Users\music\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00026144 _____ () C:\Users\music\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00025632 _____ () C:\Users\music\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-10-31 16:17 - 2013-10-31 16:17 - 00193056 _____ () C:\Users\music\AppData\Local\Smartbar\Application\sgmu.dll
2013-10-31 16:16 - 2013-10-31 16:16 - 00068640 _____ () C:\Users\music\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2013-10-31 17:26 - 2013-10-31 17:26 - 00248864 _____ () C:\Users\music\AppData\Local\Smartbar\Application\srns.dll
2015-03-04 16:30 - 2015-07-08 19:07 - 00071680 _____ () C:\Users\music\AppData\Local\Cheba\Cheba.Utils.dll
2015-03-04 16:30 - 2015-07-08 19:07 - 00099840 _____ () C:\Users\music\AppData\Local\Cheba\Cheba.TrayIcons.dll
2015-07-17 22:52 - 2015-07-17 22:52 - 00031744 _____ () C:\Users\music\AppData\Local\hncvavd.dll
2011-09-05 19:05 - 2011-09-05 19:05 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2013-06-03 07:07 - 2013-06-03 07:07 - 00215040 _____ () C:\Windows\system32\UAD2DriverClient.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Microsoft:2s4JgcHauHBTgzqa4HQR6Op
AlternateDataStreams: C:\ProgramData\Microsoft:nPhsi5ct2sS3D3RKsOaNI9d
AlternateDataStreams: C:\Users\music\AppData\Local\Temp:1sjuQBilkRqPxSwMYLKyoZ0y
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1233522967-52797685-3324903142-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Media is not connected to internet.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{CF617EA5-E470-45E0-B7A5-27DEEA306D3C}C:\users\music\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\music\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [UDP Query User{4E7EB146-0CA9-4BF4-A7C6-AB8A50A20861}C:\users\music\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\music\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [TCP Query User{66C4FD44-7D03-4483-98EA-CD98394D9C49}C:\program files\steinberg\cubase 5\cubase5.exe] => (Allow) C:\program files\steinberg\cubase 5\cubase5.exe
FirewallRules: [UDP Query User{5BD5E1B0-9898-4DBC-B967-E937267D3E44}C:\program files\steinberg\cubase 5\cubase5.exe] => (Allow) C:\program files\steinberg\cubase 5\cubase5.exe
FirewallRules: [TCP Query User{C1A56498-E089-47A8-A1D5-D9EB8931F42A}C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{E01288FA-F87A-426C-81E5-1C61328594EC}C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{01FCCD93-BCEA-41A3-86D5-590DF04C092B}C:\program files\steinberg\cubase 5\cubase5.exe] => (Allow) C:\program files\steinberg\cubase 5\cubase5.exe
FirewallRules: [UDP Query User{6787A6F9-C345-43A0-A76A-D75941861485}C:\program files\steinberg\cubase 5\cubase5.exe] => (Allow) C:\program files\steinberg\cubase 5\cubase5.exe
FirewallRules: [TCP Query User{5A4D47FA-68CF-44FE-91C3-96E80FB6CCF4}C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{BAB0727F-3985-494F-BB10-2F163D8819AE}C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 5\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{246A6A26-E836-4662-98EA-B974EAF4D014}C:\windows 7 loader extreme edition\w7lxe.exe] => (Allow) C:\windows 7 loader extreme edition\w7lxe.exe
FirewallRules: [UDP Query User{7E74BDA0-7E18-4E46-A653-63B0F1813B3C}C:\windows 7 loader extreme edition\w7lxe.exe] => (Allow) C:\windows 7 loader extreme edition\w7lxe.exe
FirewallRules: [TCP Query User{E2EBCD30-5293-4289-A5DF-C8A2E6355066}C:\users\music\appdata\local\temp\kmsemul.exe] => (Allow) C:\users\music\appdata\local\temp\kmsemul.exe
FirewallRules: [UDP Query User{70F9172E-06B6-45DE-A7CF-5C61A1E22E63}C:\users\music\appdata\local\temp\kmsemul.exe] => (Allow) C:\users\music\appdata\local\temp\kmsemul.exe
FirewallRules: [TCP Query User{917C0789-ED96-42C7-AD39-8637D5E2E229}C:\___für reaktivierung\windows 7 loader extreme edition\w7lxe.exe] => (Allow) C:\___für reaktivierung\windows 7 loader extreme edition\w7lxe.exe
FirewallRules: [UDP Query User{0EDB655D-408D-48D6-8D97-C4C2D2B85C4A}C:\___für reaktivierung\windows 7 loader extreme edition\w7lxe.exe] => (Allow) C:\___für reaktivierung\windows 7 loader extreme edition\w7lxe.exe
FirewallRules: [{06ABE4E1-45D6-4699-8604-B29C0BED6EEE}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{3FBD1228-7BCC-4147-95D0-F81515065A12}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [TCP Query User{3309AEB0-864A-4C57-934E-CCDA9792D6B5}C:\users\music\jdownloader\jre\bin\javaw.exe] => (Allow) C:\users\music\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{3E88A128-E485-4AD2-9C49-CAF401E454B3}C:\users\music\jdownloader\jre\bin\javaw.exe] => (Allow) C:\users\music\jdownloader\jre\bin\javaw.exe
FirewallRules: [TCP Query User{328C6D18-1CD7-4452-9169-255C14A8AD36}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [UDP Query User{3FC25724-201E-464F-BAA9-FF15B12E6DFC}C:\program files\steinberg\cubase 6\cubase6.exe] => (Allow) C:\program files\steinberg\cubase 6\cubase6.exe
FirewallRules: [TCP Query User{2C3F59AD-DFE7-4C68-8706-ABA4D795BFBA}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{13793883-378B-4625-8314-96C64EC08C41}C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 6\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{C14DEBCD-F8EB-463E-AF56-B6A1CE0FD47C}C:\program files (x86)\motu\audio\cuemix fx.exe] => (Allow) C:\program files (x86)\motu\audio\cuemix fx.exe
FirewallRules: [UDP Query User{155F03E2-1EDB-40A4-B1FE-AE0A91AA18B8}C:\program files (x86)\motu\audio\cuemix fx.exe] => (Allow) C:\program files (x86)\motu\audio\cuemix fx.exe
FirewallRules: [TCP Query User{EAA4031A-50E6-473D-9DA5-8E7233A04896}C:\program files\steinberg\cubase 7\cubase7.exe] => (Allow) C:\program files\steinberg\cubase 7\cubase7.exe
FirewallRules: [UDP Query User{2D04A5F3-9D29-4A76-B5B4-D8F8C827249B}C:\program files\steinberg\cubase 7\cubase7.exe] => (Allow) C:\program files\steinberg\cubase 7\cubase7.exe
FirewallRules: [TCP Query User{893A08D3-FA2B-4294-B600-B058308C7C43}C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{28405579-1BC3-4E90-9230-4339582B881E}C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe
FirewallRules: [{4F700BCA-F553-426B-B4B4-68CD7D8498F8}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{ADA562D9-32AC-429C-847C-5F3410DA9610}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{FB691C49-C362-4127-932F-C0CB0E2D4A08}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{C2D19E1C-676C-424F-BF09-6928F9795100}C:\program files\steinberg\cubase 7\cubase7.exe] => (Allow) C:\program files\steinberg\cubase 7\cubase7.exe
FirewallRules: [UDP Query User{06F3A61E-F898-45A9-AC3B-8E51C9FF3CBA}C:\program files\steinberg\cubase 7\cubase7.exe] => (Allow) C:\program files\steinberg\cubase 7\cubase7.exe
FirewallRules: [TCP Query User{2414EA19-FB29-429C-BE9D-B02F9CC92840}C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{52E70E4F-256B-4C31-AB2E-A5FD16842A36}C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 7\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{9E52FCED-3286-4A62-833E-FF7FAC0A2713}C:\program files (x86)\motu\audio\cuemix fx.exe] => (Allow) C:\program files (x86)\motu\audio\cuemix fx.exe
FirewallRules: [UDP Query User{7D2C0C87-C28D-4EC2-852A-3CF4045725EF}C:\program files (x86)\motu\audio\cuemix fx.exe] => (Allow) C:\program files (x86)\motu\audio\cuemix fx.exe
FirewallRules: [TCP Query User{F6F054E3-D5C4-4B38-BC75-D5889E4CA9E3}C:\users\music\jdownloader\jre\bin\javaw.exe] => (Block) C:\users\music\jdownloader\jre\bin\javaw.exe
FirewallRules: [UDP Query User{0DDC43ED-963E-4016-89AF-82F9BF0F8B94}C:\users\music\jdownloader\jre\bin\javaw.exe] => (Block) C:\users\music\jdownloader\jre\bin\javaw.exe
FirewallRules: [{58D84FB9-BDC7-40B0-BA33-3033BA7F9B8F}] => (Allow) C:\Program Files\Steinberg\Cubase 7\Cubase7.exe
FirewallRules: [{316D4609-0F23-4EDA-B462-06121FA1E218}] => (Allow) LPort=51113
FirewallRules: [{C69C2E0C-3354-4044-B467-29B7BB7F0D35}] => (Allow) LPort=51112
FirewallRules: [{0B72DBBF-5933-4878-8EA6-7C6B9C70A64D}] => (Allow) LPort=51111
FirewallRules: [TCP Query User{8E34B121-9857-4F2E-BF20-5546279FD26A}C:\users\music\appdata\local\temp\kmsemul.exe] => (Block) C:\users\music\appdata\local\temp\kmsemul.exe
FirewallRules: [UDP Query User{67A7C2DB-EF02-433D-931B-287A435AD648}C:\users\music\appdata\local\temp\kmsemul.exe] => (Block) C:\users\music\appdata\local\temp\kmsemul.exe
FirewallRules: [TCP Query User{AD59F422-D856-403F-B7BD-566135C2D447}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{07C12D90-E6F9-4B53-9AA0-02AD9EFFF353}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{4CF31BA2-AD17-44C1-8B8D-3FC2F8A1DBF5}C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe] => (Block) C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe
FirewallRules: [UDP Query User{0FEE4F60-9CEF-4D79-BB2B-B0F287CE5FDA}C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe] => (Block) C:\program files (x86)\marvell\raid\apache2\bin\httpd.exe
FirewallRules: [{12F33B6D-916A-4F6D-B6C5-2550036B585C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{865BC376-CC73-4DAA-B734-5215B51CAA36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{665D2745-992D-4CF3-9453-778ED2333520}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{42023802-CF98-4497-BFC9-CEE3B848FF5B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{726B7F9A-EAD3-47A9-B11C-622474DCE965}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7F31A5EE-F73E-488D-BE47-A355AD96C069}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C52A2F16-4CAC-48BD-9B47-97BC00904BB1}] => (Allow) LPort=2869
FirewallRules: [{EA74DF00-939E-4089-8767-120FD54108DE}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{E88768AA-4AFC-4267-8E97-6CE6C8423FF5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A273CE50-89EA-4A91-8C60-9981541C1396}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{3B01B26E-A686-43F5-A52B-D8745D1B4020}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [{F8934A14-BA54-4951-A6D4-F73D208E7359}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [TCP Query User{BCD24CE3-B7D4-4635-BBE4-29A111C09531}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{A1D28985-4874-4011-AD7B-E61A49E53007}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
==================== Faulty Device Manager Devices =============
Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
Name: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Description: Intel-Prozessor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/20/2015 01:56:21 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/19/2015 02:56:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/19/2015 02:51:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/19/2015 12:50:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/19/2015 12:37:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/18/2015 01:58:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/18/2015 01:49:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/18/2015 10:47:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/18/2015 10:45:02 AM) (Source: Winlogon) (EventID: 4004) (User: )
Description: Fehler beim Beenden der Prozesse des aktuell angemeldeten Benutzers durch den Windows-Anmeldeprozess.
Error: (07/18/2015 10:06:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (07/18/2015 02:00:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet:
%%-2147467243
Error: (07/18/2015 01:43:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (07/18/2015 01:31:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (07/18/2015 01:28:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (07/18/2015 01:28:29 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
Error: (07/18/2015 01:28:29 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
Error: (07/18/2015 01:26:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (07/18/2015 01:26:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (07/18/2015 01:26:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (07/18/2015 01:26:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office:
=========================
Error: (06/11/2013 01:24:59 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3785 seconds with 1380 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2012-10-02 23:27:52.059
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:27:52.043
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:27:24.728
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:27:24.712
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:27:00.111
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:27:00.111
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:26:50.376
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:26:50.376
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:26:06.586
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-10-02 23:26:06.586
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\WIBUKEY\H2O\cxwibu.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Percentage of memory in use: 9%
Total physical RAM: 24567.11 MB
Available physical RAM: 22162.35 MB
Total Virtual: 49132.37 MB
Available Virtual: 46280.33 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:19.85 GB) NTFS
Drive e: (77_500GB) (Fixed) (Total:465.76 GB) (Free:271.76 GB) NTFS
Drive f: (81_500GB_Mi) (Fixed) (Total:465.76 GB) (Free:226.1 GB) NTFS
Drive g: (79_500GB_Wa) (Fixed) (Total:465.76 GB) (Free:102.38 GB) NTFS
Drive h: (Raid) (Fixed) (Total:2047.97 GB) (Free:463.05 GB) NTFS
Drive j: () (Removable) (Total:3.97 GB) (Free:3.95 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 205B238A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: B9CB4EE9)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 3E944F45)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 14D98229)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 2048 GB) (Disk ID: 998C85B2)
Partition 1: (Not Active) - (Size=2048 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 4 GB) (Disk ID: D75033F5)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)
==================== End of log ============================