| |
| |||||||
Netzwerk und Hardware: System sehr träge, Festplatte defekt?Windows 7 Hilfe zu Motherboards, CPUs, Lüfter, Raid-Controller, Digitalkameras, Treiber usw. Bitte alle relevanten Angaben zur Hardware machen. Welche Hardware habe ich? Themen zum Trojaner Entfernen oder Viren Beseitigung bitte in den Bereinigungsforen des Trojaner-Boards posten. |
 |
07.09.2015, 12:57
| #1 |
| |  System sehr träge, Festplatte defekt? Mein Laptop (W8) ist nicht mal ein Jahr alt und scheint jetzt schon schlapp zu machen. Seit einer Woche kommt es vermehrt zu extrem verzögerten Startvorgängen, bei denen der explorer entweder gar nicht lädt oder direkt beendet wird. (lt. Ereignisanzeige) In Gebrauch ist das ganze Sytem sehr träge (geworden). Oft schmieren Programme oder der explorer komplett ab. Auch der Task-Manager ist oft nicht zu öffnen. Malware-Befall und Vermüllung kann ich ausschließen. Durch ein Forum inspiriert hab ich mir mal die Fesplatte näher angeschaut. Ich glaube der geht's nicht so gut  www.hijackthis-forum.de/allgemeine-probleme/75055-neuer-pc-wird-ploetzlich-langsamer.html Wäre dankbar für Experten-Meinungen! Falls nützliche Logs vermisst werden bitte Bescheid geben. FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-09-2015 01
durchgeführt von Ich1 (Administrator) auf ICH (07-09-2015 13:46:31)
Gestartet von C:\Users\Ich1\Desktop
Geladene Profile: Ich1 (Verfügbare Profile: Ich1)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Users\Ich1\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-08-03] (Realtek semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-02-19] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-02-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-02-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13877464 2015-05-15] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-1128644019-1667270004-595458584-1002\...\Run: [Spotify Web Helper] => C:\Users\Ich1\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-26] (Spotify Ltd)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [372408 2014-11-08] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-14] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0DA0DBF7-AA2E-484C-89CE-7DC0195202CE}: [DhcpNameServer] 131.234.137.24 131.234.137.23
Tcpip\..\Interfaces\{67C09EDD-AB89-4B48-A369-0F2D4F4F7CB3}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{917BEF3F-0ED2-482E-B0C7-66E88A3E5D74}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-1128644019-1667270004-595458584-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:InPrivate
HKU\S-1-5-21-1128644019-1667270004-595458584-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1128644019-1667270004-595458584-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1128644019-1667270004-595458584-1002 -> {83148187-0C5C-417B-A609-24ABA47B165B} URL =
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Ich1\AppData\Roaming\Mozilla\Firefox\Profiles\0sny9xce.default
FF DefaultSearchEngine: Hulbee
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1128644019-1667270004-595458584-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Ich1\AppData\Roaming\Mozilla\Firefox\Profiles\0sny9xce.default\searchplugins\hulbee.xml [2015-09-06]
FF Extension: Disconnect - C:\Users\Ich1\AppData\Roaming\Mozilla\Firefox\Profiles\0sny9xce.default\Extensions\2.0@disconnect.me.xpi [2015-08-23]
FF Extension: Privacy Badger - C:\Users\Ich1\AppData\Roaming\Mozilla\Firefox\Profiles\0sny9xce.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2015-08-23]
FF Extension: Adblock Edge - C:\Users\Ich1\AppData\Roaming\Mozilla\Firefox\Profiles\0sny9xce.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-08-23]
Chrome:
=======
CHR Plugin: (Web Store
"permissions": [ "webstorePrivate", "management", "system.cpu", "system.display", "system.memory", "system.network", "system.storage" ],
"version": "0.2"
},
"page_ordinal": "n",
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\web_store") - "name": "Web Store",
"permissions": [ "webstorePrivate", "management", "system.cpu", "system.display", "system.memory", "system.network", "system.storage" ],
"version": "0.2"
},
"page_ordinal": "n",
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\web_store Keine Datei
CHR Plugin: (Bookmark Manager
"permissions": [ "bookmarks", "bookmarkManagerPrivate", "metricsPrivate", "systemPrivate", "tabs", "chrome://favicon/", "chrome://resources/" ],
"version": "0.1"
},
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\bookmark_manager",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"ennkphjdgehloodpbhlhldgbnhmacadg": {
"active_permissions": {
"api": [ ],
"explicit_host": [ "chrome://settings-frame/*" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ "app.runtime.onLaunched" ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089499346",
"location": 5,
"manifest": {
"app": {
"background": {
"scripts": [ "settings_app.js" ]
}
},
"description": "Settings",
"display_in_launcher": false,
"icons": {
"128": "settings_app_icon_128.png",
"16": "settings_app_icon_16.png",
"32": "settings_app_icon_32.png",
"48": "settings_app_icon_48.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB",
"manifest_version": 2,
Settings
"permissions": [ "chrome://settings-frame/" ],
"version": "0.2"
},
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\settings_app",
"preferences": {
},
"regular_only_preferences": {
},
"running": false,
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"gfdkimpbcpahaombhbimeihdjnejgicl": {
"active_permissions": {
"api": [ "feedbackPrivate" ],
"explicit_host": [ "chrome://resources/*" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ "feedbackPrivate.onFeedbackRequested", "runtime.onMessageExternal" ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089496346",
"location": 5,
"manifest": {
"app": {
"background": {
"scripts": [ "js/event_handler.js" ]
},
"content_security_policy": "default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'"
},
"description": "User feedback extension",
"display_in_launcher": false,
"display_in_new_tab_page": false,
"icons": {
"32": "http://www.trojaner-board.de/images/icon32.png",
"64": "http://www.trojaner-board.de/images/icon64.png"
},
"incognito": "split",
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB",
"manifest_version": 2,
Feedback
"permissions": [ "feedbackPrivate", "chrome://resources/" ],
"version": "1.0"
},
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\feedback",
"preferences": {
},
"regular_only_preferences": {
},
"running": false,
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"kmendfapggjehodndflmmgagdbamhnfd": {
"active_permissions": {
"api": [ "cryptotokenPrivate", "externally_connectable.all_urls", "hid", "tabs", "u2fDevices", "usb", {
"usbDevices": [ {
"interfaceId": -1,
"productId": 529,
"vendorId": 4176
} ]
}, "webConnectable" ],
"explicit_host": [ "hxxp://*/*", "https://*/*" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ "runtime.onConnectExternal", "runtime.onMessageExternal" ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089508346",
"location": 5,
"manifest": {
"background": {
"persistent": false,
"scripts": [ "util.js", "b64.js", "sha256.js", "countdown.js", "countdowntimer.js", "devicestatuscodes.js", "approvedorigins.js", "errorcodes.js", "gnubbycodetypes.js", "webrequest.js", "gnubbymsgtypes.js", "messagetypes.js", "factoryregistry.js", "closeable.js", "requesthelper.js", "webrequestsender.js", "enroller.js", "requestqueue.js", "signer.js", "origincheck.js", "textfetcher.js", "appid.js", "watchdog.js", "cryptotokenorigincheck.js", "cryptotokenapprovedorigins.js", "gnubbydevice.js", "hidgnubbydevice.js", "usbgnubbydevice.js", "gnubbies.js", "gnubby.js", "gnubby-u2f.js", "gnubbyfactory.js", "singlesigner.js", "multiplesigner.js", "generichelper.js", "inherits.js", "individualattest.js", "devicefactoryregistry.js", "usbhelper.js", "usbenrollhandler.js", "usbsignhandler.js", "usbgnubbyfactory.js", "googlecorpindividualattest.js", "cryptotokenbackground.js" ]
},
"description": "CryptoToken Component Extension",
"externally_connectable": {
"accepts_tls_channel_id": true,
"ids": [ "fjajfjhkeibgmiggdfehjplbhmfkialk" ],
"matches": [ "<all_urls>" ]
},
"incognito": "split",
"key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7zRobvA+AVlvNqkHSSVhh1sEWsHSqz4oR/XptkDe/Cz3+gW9ZGumZ20NCHjaac8j1iiesdigp8B1LJsd/2WWv2Dbnto4f8GrQ5MVphKyQ9WJHwejEHN2K4vzrTcwaXqv5BSTXwxlxS/mXCmXskTfryKTLuYrcHEWK8fCHb+0gvr8b/kvsi75A1aMmb6nUnFJvETmCkOCPNX5CHTdy634Ts/x0fLhRuPlahk63rdf7agxQv5viVjQFk+tbgv6aa9kdSd11Js/RZ9yZjrFgHOBWgP4jTBqud4+HUglrzu8qynFipyNRLCZsaxhm+NItTyNgesxLdxZcwOz56KD1Q4IQIDAQAB",
"manifest_version": 2,
CryptoTokenExtension
"permissions": [ "hid", "u2fDevices", "usb", "cryptotokenPrivate", "externally_connectable.all_urls", "tabs", "https://*/*", "hxxp://*/*", {
"usbDevices": [ {
"productId": 529,
"vendorId": 4176
} ]
} ],
"version": "0.9.22"
},
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\cryptotoken",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"lccekmodgklaepjeofjdjpbminllajkg": {
"ack_external": true,
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 137,
"events": [ ],
"from_bookmark": false,
"from_webstore": true,
"granted_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13080838113293346",
"lastpingday": "13081244406986800",
"location": 10,
"manifest": {
"description": "Support files for Chrome Hotwording.",
"export": {
"resources": [ "audio/*", "_platform_specific/*", "hotword_*.nmf" ],
"whitelist": [ "nbpagnldghgfoolbancepceaanlmhfmd" ]
},
"key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxhwmnepSrtvEcatE9K4SxOUTy6U1LNpuaT3BNr12cuehQT5YAGeUcgeIMQmE0/h/EefU53TcjUEn9vgE8+aSZW0VirROE36hfcWpqyxf9jh0mPRluLIxCW+ObD/B5YoXj0kxTWIaDQqKYBJyo+QCRwef5hwfAoUoDggnYDRHHG4z3mfZJ4duY2H3ISEw4/tsvAm8SxCZm+W6laCV0AkJxO+s4bNNC0z0Y5+G3nw24uV8cdMnfQcFUWJncnwqDSTUp7vOZb570Wv02TD+qhpA2rlF0/ym6edXoKzapR4+SQQllDXZ0yLZ3GQ6uf7IsCufSoYPoIsmYExHrlZbgVkWwIDAQAB",
"manifest_version": 2,
"minimum_chrome_version": "39",
Chrome Hotword Shared Module
"platforms": [ {
"lang": "de",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_de/"
}, {
"lang": "de",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_de/"
}, {
"lang": "de",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_de/"
}, {
"lang": "en-AU",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_en-au/"
}, {
"lang": "en-AU",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_en-au/"
}, {
"lang": "en-AU",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_en-au/"
}, {
"lang": "en-GB",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_en-gb/"
}, {
"lang": "en-GB",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_en-gb/"
}, {
"lang": "en-GB",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_en-gb/"
}, {
"lang": "es",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_es/"
}, {
"lang": "es",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_es/"
}, {
"lang": "es",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_es/"
}, {
"lang": "fr",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_fr/"
}, {
"lang": "fr",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_fr/"
}, {
"lang": "fr",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_fr/"
}, {
"lang": "it",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_it/"
}, {
"lang": "it",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_it/"
}, {
"lang": "it",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_it/"
}, {
"lang": "ja",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_ja/"
}, {
"lang": "ja",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_ja/"
}, {
"lang": "ja",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_ja/"
}, {
"lang": "ko",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_ko/"
}, {
"lang": "ko",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_ko/"
}, {
"lang": "ko",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_ko/"
}, {
"lang": "pt-BR",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_pt-br/"
}, {
"lang": "pt-BR",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_pt-br/"
}, {
"lang": "pt-BR",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_pt-br/"
}, {
"lang": "ru",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_ru/"
}, {
"lang": "ru",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_ru/"
}, {
"lang": "ru",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_ru/"
}, {
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_/"
}, {
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_/"
}, {
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_/"
} ],
"update_url": "https://clients2.google.com/service/update2/crx",
"version": "0.3.0.5"
},
"path": "lccekmodgklaepjeofjdjpbminllajkg\\0.3.0.5_0",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": true,
"was_installed_by_oem": false
},
"mfehgcgbbipciphmccgaenjidiccnmng": {
"active_permissions": {
"api": [ "cloudPrintPrivate" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13080838089480346",
"location": 5,
"manifest": {
"app": {
"launch": {
"web_url": "https://www.google.com/cloudprint"
},
"urls": [ "https://www.google.com/cloudprint/enable_chrome_connector" ]
},
"description": "Cloud Print",
"display_in_launcher": false,
"icons": {
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB",
Cloud Print
"permissions": [ "cloudPrintPrivate" ],
"version": "0.1"
},
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\cloud_print",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"mfffpogegjflfpflabcdkioaeobkgjik": {
"active_permissions": {
"api": [ "webRequest", "webRequestBlocking" ],
"explicit_host": [ "<all_urls>", "chrome://favicon/*" ],
"manifest_permissions": [ ],
"scriptable_host": [ "<all_urls>" ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089582346",
"location": 5,
"manifest": {
"background": {
"scripts": [ "channel.js", "background.js" ]
},
"content_scripts": [ {
"all_frames": true,
"js": [ "channel.js", "saml_injected.js" ],
"matches": [ "<all_urls>" ],
"run_at": "document_start"
} ],
"content_security_policy": "default-src 'self'; script-src 'self'; frame-src 'self' http: https:; style-src 'self'",
"description": "GAIA Component Extension",
"incognito": "split",
"key": "MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC4L17nAfeTd6Xhtx96WhQ6DSr8KdHeQmfzgCkieKLCgUkWdwB9G1DCuh0EPMDn1MdtSwUAT7xE36APEzi0X/UpKjOVyX8tCC3aQcLoRAE0aJAvCcGwK7qIaQaczHmHKvPC2lrRdzSoMMTC5esvHX+ZqIBMi123FOL0dGW6OPKzIwIBIw==",
"manifest_version": 2,
GaiaAuthExtension
"permissions": [ "<all_urls>", "webRequest", "webRequestBlocking" ],
"version": "0.0.1",
"web_accessible_resources": [ "main.css", "main.html", "main.js", "offline.css", "offline.html", "offline.js", "success.html", "success.js", "util.js" ]
},
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\gaia_auth",
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"mgndgikekgjfcpckkfioiadnlibdjbkf": {
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "n",
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13080838089485346",
"location": 5,
"manifest": {
"app": {
"launch": {
"web_url": "hxxp://THIS-WILL-BE-REPLACED"
}
},
"description": "Der schnelle, einfache und sichere Browser, entwickelt für das moderne Web",
"display_in_launcher": true,
"display_in_new_tab_page": false,
"icons": {
"128": "product_logo_128.png",
"16": "product_logo_16.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB",
Chrome
"version": "0.1"
},
"page_ordinal": "n",
"path": "C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.132\\resources\\chrome_app") - "name": "Bookmark Manager",
"permissions": [ "bookmarks", "bookmarkManagerPrivate", "metricsPrivate", "systemPrivate", "tabs", "chrome://favicon/", "chrome://resources/" ],
"version": "0.1"
},
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\bookmark_manager,
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"ennkphjdgehloodpbhlhldgbnhmacadg": {
"active_permissions": {
"api": [ ],
"explicit_host": [ "chrome://settings-frame/*" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ "app.runtime.onLaunched" ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089499346",
"location": 5,
"manifest": {
"app": {
"background": {
"scripts": [ "settings_app.js" ]
}
},
"description": "Settings",
"display_in_launcher": false,
"icons": {
"128": "settings_app_icon_128.png",
"16": "settings_app_icon_16.png",
"32": "settings_app_icon_32.png",
"48": "settings_app_icon_48.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoVDPGX6fvKPVVgc+gnkYlGqHuuapgFDyKhsy4z7UzRLO/95zXPv8h8e5EacqbAQJLUbP6DERH5jowyNEYVxq9GJyntJMwP1ejvoz/52hnY3CCGGCmttmKzzpp5zwLuq3iZf8bslwywfflNUYtaCFSDa0TtrBZz0aOPrAAd/AhNwIDAQAB",
"manifest_version": 2,
"name": "Settings",
"permissions": [ "chrome://settings-frame/" ],
"version": "0.2"
},
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\settings_app,
"preferences": {
},
"regular_only_preferences": {
},
"running": false,
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"gfdkimpbcpahaombhbimeihdjnejgicl": {
"active_permissions": {
"api": [ "feedbackPrivate" ],
"explicit_host": [ "chrome://resources/*" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ "feedbackPrivate.onFeedbackRequested", "runtime.onMessageExternal" ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089496346",
"location": 5,
"manifest": {
"app": {
"background": {
"scripts": [ "js/event_handler.js" ]
},
"content_security_policy": "default-src 'none'; script-src 'self' chrome://resources; style-src 'unsafe-inline' *; img-src *; media-src 'self'"
},
"description": "User feedback extension",
"display_in_launcher": false,
"display_in_new_tab_page": false,
"icons": {
"32": "http://www.trojaner-board.de/images/icon32.png",
"64": "http://www.trojaner-board.de/images/icon64.png"
},
"incognito": "split",
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMZElzFX2J1g1nRQ/8S3rg/1CjFyDltWOxQg+9M8aVgNVxbutEWFQz+oQzIP9BB67mJifULgiv12ToFKsae4NpEUR8sPZjiKDIHumc6pUdixOm8SJ5Rs16SMR6+VYxFUjlVW+5CA3IILptmNBxgpfyqoK0qRpBDIhGk1KDEZ4zqQIDAQAB",
"manifest_version": 2,
"name": "Feedback",
"permissions": [ "feedbackPrivate", "chrome://resources/" ],
"version": "1.0"
},
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\feedback,
"preferences": {
},
"regular_only_preferences": {
},
"running": false,
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"kmendfapggjehodndflmmgagdbamhnfd": {
"active_permissions": {
"api": [ "cryptotokenPrivate", "externally_connectable.all_urls", "hid", "tabs", "u2fDevices", "usb", {
"usbDevices": [ {
"interfaceId": -1,
"productId": 529,
"vendorId": 4176
} ]
}, "webConnectable" ],
"explicit_host": [ "hxxp://*/*", "https://*/*" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ "runtime.onConnectExternal", "runtime.onMessageExternal" ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089508346",
"location": 5,
"manifest": {
"background": {
"persistent": false,
"scripts": [ "util.js", "b64.js", "sha256.js", "countdown.js", "countdowntimer.js", "devicestatuscodes.js", "approvedorigins.js", "errorcodes.js", "gnubbycodetypes.js", "webrequest.js", "gnubbymsgtypes.js", "messagetypes.js", "factoryregistry.js", "closeable.js", "requesthelper.js", "webrequestsender.js", "enroller.js", "requestqueue.js", "signer.js", "origincheck.js", "textfetcher.js", "appid.js", "watchdog.js", "cryptotokenorigincheck.js", "cryptotokenapprovedorigins.js", "gnubbydevice.js", "hidgnubbydevice.js", "usbgnubbydevice.js", "gnubbies.js", "gnubby.js", "gnubby-u2f.js", "gnubbyfactory.js", "singlesigner.js", "multiplesigner.js", "generichelper.js", "inherits.js", "individualattest.js", "devicefactoryregistry.js", "usbhelper.js", "usbenrollhandler.js", "usbsignhandler.js", "usbgnubbyfactory.js", "googlecorpindividualattest.js", "cryptotokenbackground.js" ]
},
"description": "CryptoToken Component Extension",
"externally_connectable": {
"accepts_tls_channel_id": true,
"ids": [ "fjajfjhkeibgmiggdfehjplbhmfkialk" ],
"matches": [ "<all_urls>" ]
},
"incognito": "split",
"key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7zRobvA+AVlvNqkHSSVhh1sEWsHSqz4oR/XptkDe/Cz3+gW9ZGumZ20NCHjaac8j1iiesdigp8B1LJsd/2WWv2Dbnto4f8GrQ5MVphKyQ9WJHwejEHN2K4vzrTcwaXqv5BSTXwxlxS/mXCmXskTfryKTLuYrcHEWK8fCHb+0gvr8b/kvsi75A1aMmb6nUnFJvETmCkOCPNX5CHTdy634Ts/x0fLhRuPlahk63rdf7agxQv5viVjQFk+tbgv6aa9kdSd11Js/RZ9yZjrFgHOBWgP4jTBqud4+HUglrzu8qynFipyNRLCZsaxhm+NItTyNgesxLdxZcwOz56KD1Q4IQIDAQAB",
"manifest_version": 2,
"name": "CryptoTokenExtension",
"permissions": [ "hid", "u2fDevices", "usb", "cryptotokenPrivate", "externally_connectable.all_urls", "tabs", "https://*/*", "hxxp://*/*", {
"usbDevices": [ {
"productId": 529,
"vendorId": 4176
} ]
} ],
"version": "0.9.22"
},
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\cryptotoken,
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"lccekmodgklaepjeofjdjpbminllajkg": {
"ack_external": true,
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 137,
"events": [ ],
"from_bookmark": false,
"from_webstore": true,
"granted_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13080838113293346",
"lastpingday": "13081244406986800",
"location": 10,
"manifest": {
"description": "Support files for Chrome Hotwording.",
"export": {
"resources": [ "audio/*", "_platform_specific/*", "hotword_*.nmf" ],
"whitelist": [ "nbpagnldghgfoolbancepceaanlmhfmd" ]
},
"key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxhwmnepSrtvEcatE9K4SxOUTy6U1LNpuaT3BNr12cuehQT5YAGeUcgeIMQmE0/h/EefU53TcjUEn9vgE8+aSZW0VirROE36hfcWpqyxf9jh0mPRluLIxCW+ObD/B5YoXj0kxTWIaDQqKYBJyo+QCRwef5hwfAoUoDggnYDRHHG4z3mfZJ4duY2H3ISEw4/tsvAm8SxCZm+W6laCV0AkJxO+s4bNNC0z0Y5+G3nw24uV8cdMnfQcFUWJncnwqDSTUp7vOZb570Wv02TD+qhpA2rlF0/ym6edXoKzapR4+SQQllDXZ0yLZ3GQ6uf7IsCufSoYPoIsmYExHrlZbgVkWwIDAQAB",
"manifest_version": 2,
"minimum_chrome_version": "39",
"name": "Chrome Hotword Shared Module",
"platforms": [ {
"lang": "de",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_de/"
}, {
"lang": "de",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_de/"
}, {
"lang": "de",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_de/"
}, {
"lang": "en-AU",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_en-au/"
}, {
"lang": "en-AU",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_en-au/"
}, {
"lang": "en-AU",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_en-au/"
}, {
"lang": "en-GB",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_en-gb/"
}, {
"lang": "en-GB",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_en-gb/"
}, {
"lang": "en-GB",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_en-gb/"
}, {
"lang": "es",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_es/"
}, {
"lang": "es",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_es/"
}, {
"lang": "es",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_es/"
}, {
"lang": "fr",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_fr/"
}, {
"lang": "fr",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_fr/"
}, {
"lang": "fr",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_fr/"
}, {
"lang": "it",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_it/"
}, {
"lang": "it",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_it/"
}, {
"lang": "it",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_it/"
}, {
"lang": "ja",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_ja/"
}, {
"lang": "ja",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_ja/"
}, {
"lang": "ja",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_ja/"
}, {
"lang": "ko",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_ko/"
}, {
"lang": "ko",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_ko/"
}, {
"lang": "ko",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_ko/"
}, {
"lang": "pt-BR",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_pt-br/"
}, {
"lang": "pt-BR",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_pt-br/"
}, {
"lang": "pt-BR",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_pt-br/"
}, {
"lang": "ru",
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_ru/"
}, {
"lang": "ru",
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_ru/"
}, {
"lang": "ru",
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_ru/"
}, {
"nacl_arch": "arm",
"sub_package_path": "_platform_specific/arm_/"
}, {
"nacl_arch": "x86-32",
"sub_package_path": "_platform_specific/x86-32_/"
}, {
"nacl_arch": "x86-64",
"sub_package_path": "_platform_specific/x86-64_/"
} ],
"update_url": "https://clients2.google.com/service/update2/crx",
"version": "0.3.0.5"
},
lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0,
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": true,
"was_installed_by_oem": false
},
"mfehgcgbbipciphmccgaenjidiccnmng": {
"active_permissions": {
"api": [ "cloudPrintPrivate" ],
"manifest_permissions": [ ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13080838089480346",
"location": 5,
"manifest": {
"app": {
"launch": {
"web_url": "https://www.google.com/cloudprint"
},
"urls": [ "https://www.google.com/cloudprint/enable_chrome_connector" ]
},
"description": "Cloud Print",
"display_in_launcher": false,
"icons": {
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDqOhnwk4+HXVfGyaNsAQdU/js1Na56diW08oF1MhZiwzSnJsEaeuMN9od9q9N4ZdK3o1xXOSARrYdE+syV7Dl31nf6qz3A6K+D5NHe6sSB9yvYlIiN37jdWdrfxxE0pRYEVYZNTe3bzq3NkcYJlOdt1UPcpJB+isXpAGUKUvt7EQIDAQAB",
"name": "Cloud Print",
"permissions": [ "cloudPrintPrivate" ],
"version": "0.1"
},
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\cloud_print,
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"mfffpogegjflfpflabcdkioaeobkgjik": {
"active_permissions": {
"api": [ "webRequest", "webRequestBlocking" ],
"explicit_host": [ "<all_urls>", "chrome://favicon/*" ],
"manifest_permissions": [ ],
"scriptable_host": [ "<all_urls>" ]
},
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"initial_keybindings_set": true,
"install_time": "13080838089582346",
"location": 5,
"manifest": {
"background": {
"scripts": [ "channel.js", "background.js" ]
},
"content_scripts": [ {
"all_frames": true,
"js": [ "channel.js", "saml_injected.js" ],
"matches": [ "<all_urls>" ],
"run_at": "document_start"
} ],
"content_security_policy": "default-src 'self'; script-src 'self'; frame-src 'self' http: https:; style-src 'self'",
"description": "GAIA Component Extension",
"incognito": "split",
"key": "MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC4L17nAfeTd6Xhtx96WhQ6DSr8KdHeQmfzgCkieKLCgUkWdwB9G1DCuh0EPMDn1MdtSwUAT7xE36APEzi0X/UpKjOVyX8tCC3aQcLoRAE0aJAvCcGwK7qIaQaczHmHKvPC2lrRdzSoMMTC5esvHX+ZqIBMi123FOL0dGW6OPKzIwIBIw==",
"manifest_version": 2,
"name": "GaiaAuthExtension",
"permissions": [ "<all_urls>", "webRequest", "webRequestBlocking" ],
"version": "0.0.1",
"web_accessible_resources": [ "main.css", "main.html", "main.js", "offline.css", "offline.html", "offline.js", "success.html", "success.js", "util.js" ]
},
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\gaia_auth,
"preferences": {
},
"regular_only_preferences": {
},
"state": 1,
"was_installed_by_default": false,
"was_installed_by_oem": false
},
"mgndgikekgjfcpckkfioiadnlibdjbkf": {
"active_permissions": {
"api": [ ],
"manifest_permissions": [ ]
},
"app_launcher_ordinal": "n",
"commands": {
},
"content_settings": [ ],
"creation_flags": 1,
"events": [ ],
"from_bookmark": false,
"from_webstore": false,
"incognito_content_settings": [ ],
"incognito_preferences": {
},
"install_time": "13080838089485346",
"location": 5,
"manifest": {
"app": {
"launch": {
"web_url": "hxxp://THIS-WILL-BE-REPLACED"
}
},
"description": "Der schnelle, einfache und sichere Browser, entwickelt für das moderne Web",
"display_in_launcher": true,
"display_in_new_tab_page": false,
"icons": {
"128": "product_logo_128.png",
"16": "product_logo_16.png"
},
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNuYLEQ1QPMcc5HfWI/9jiEf6FdJWqEtgRmIeI7qtjPLBM5oje+Ny2E2mTAhou5qdJiO2CHWdU1DQXY2F7Zu2gZaKZgHLfK4WimHxUT5Xd9/aro/R9PCzjguM1BLusiWYc9xlj1IsZpyiN1hcjU7SCnBhv1feQlv2WSB5KRiXwhQIDAQAB",
"name": "Chrome",
"version": "0.1"
},
"page_ordinal": "n",
C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\resources\chrome_app Keine Datei
CHR Profile: C:\Users\Ich1\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ich1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-08]
CHR Extension: (Google Wallet) - C:\Users\Ich1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-14] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-14] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2015-03-04] (The OpenVPN Project)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2013-10-17] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2014-02-19] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2014-02-19] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-07-01] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-02-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-14] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [100072 2013-08-03] (GenesysLogic)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-02] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8873688 2013-08-03] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-04] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-04] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-07 13:46 - 2015-09-07 13:47 - 00059976 _____ C:\Users\Ich1\Desktop\FRST.txt
2015-09-07 13:46 - 2015-09-07 13:46 - 02190336 _____ (Farbar) C:\Users\Ich1\Desktop\FRST64.exe
2015-09-07 13:46 - 2015-09-07 13:46 - 00000000 ____D C:\FRST
2015-09-07 13:44 - 2015-09-07 13:44 - 01692160 _____ (Farbar) C:\Users\Ich1\Desktop\FRST.exe
2015-09-07 12:10 - 2015-09-07 12:11 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2015-09-07 12:10 - 2015-09-07 12:10 - 03907296 _____ (Crystal Dew World ) C:\Users\Ich1\Downloads\CrystalDiskInfo6_5_2-en.exe
2015-09-07 12:10 - 2015-09-07 12:10 - 00001209 _____ C:\Users\Ich1\Desktop\CrystalDiskInfo.lnk
2015-09-07 12:10 - 2015-09-07 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-09-06 11:06 - 2015-09-06 11:06 - 00491720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-06 11:06 - 2015-09-06 11:06 - 00001368 _____ C:\WINDOWS\PFRO.log
2015-09-06 02:15 - 2015-09-06 02:15 - 00000000 _____ C:\Users\Ich1\shutdown
2015-09-03 12:38 - 2015-09-06 20:59 - 00001027 _____ C:\WINDOWS\setupact.log
2015-09-03 12:38 - 2015-09-03 12:38 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-02 22:47 - 2015-09-02 22:47 - 00001054 _____ C:\Users\Ich1\Desktop\RTMPDumpHelper.exe - Verknüpfung.lnk
2015-09-01 11:44 - 2015-09-01 11:44 - 06667640 _____ (Piriform Ltd) C:\Users\Ich1\Downloads\ccsetup509.exe
2015-09-01 11:44 - 2015-09-01 11:44 - 00002778 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-31 19:40 - 2015-08-31 19:40 - 00000000 ____D C:\Users\Ich1\AppData\Roaming\Sun
2015-08-31 19:40 - 2015-08-31 19:40 - 00000000 ____D C:\Users\Ich1\.oracle_jre_usage
2015-08-30 21:45 - 2015-08-30 21:45 - 00008234 _____ C:\Users\Ich1\AppData\Local\recently-used.xbel
2015-08-30 16:51 - 2015-09-06 23:19 - 00000000 ____D C:\Users\Ich1\Desktop\RTMP
2015-08-29 15:43 - 2015-09-06 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-27 00:04 - 2015-08-27 00:04 - 26224072 _____ (Open Media LLC ) C:\Users\Ich1\Downloads\4kvideodownloader_3.6.exe
2015-08-25 22:07 - 2015-09-06 14:46 - 00000000 ____D C:\AdwCleaner
2015-08-25 22:06 - 2015-08-25 22:06 - 01605632 _____ C:\Users\Ich1\Downloads\AdwCleaner_5.003.exe
2015-08-23 20:50 - 2015-05-21 08:02 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-08-23 20:50 - 2015-05-21 08:02 - 00110720 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-08-23 20:44 - 2015-08-23 20:44 - 00000000 ____D C:\Program Files (x86)\MarkAny
2015-08-23 15:34 - 2015-08-23 15:34 - 00001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-23 15:34 - 2015-08-23 15:34 - 00001170 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-23 15:29 - 2015-08-23 15:30 - 02540620 _____ C:\Users\Ich1\Documents\bookmarks2.html
2015-08-20 00:09 - 2015-09-06 11:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-19 23:52 - 2015-08-19 23:52 - 01269939 _____ C:\Users\Ich1\Documents\bookmarks.html
2015-08-19 23:51 - 2015-08-19 23:51 - 01097762 _____ C:\Users\Ich1\Documents\bookmarks-2015-08-19.json
2015-08-19 16:05 - 2015-08-19 16:05 - 00016310 _____ C:\Users\Ich1\Documents\startup.txt
2015-08-19 14:32 - 2015-09-07 12:22 - 01580846 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-18 20:59 - 2015-08-18 20:59 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-17 19:39 - 2015-08-17 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-08-17 19:32 - 2015-08-17 19:32 - 00000000 ____D C:\Users\Public\CyberLink
2015-08-17 19:32 - 2015-08-17 19:32 - 00000000 ____D C:\Users\Ich1\AppData\Local\Cyberlink
2015-08-17 19:31 - 2015-08-19 23:54 - 00001291 _____ C:\Users\Ich1\Desktop\Revo Uninstaller.lnk
2015-08-17 19:31 - 2015-08-19 23:54 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-17 19:30 - 2015-08-19 23:54 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ich1\Downloads\revosetup95.exe
2015-08-17 13:57 - 2015-08-19 14:03 - 00001225 _____ C:\DelFix.txt
2015-08-17 13:31 - 2015-08-17 13:31 - 00000000 ____D C:\WINDOWS\ERUNT
2015-08-14 14:16 - 2015-08-19 15:00 - 00000000 ____D C:\Users\Ich1\Desktop\Mw
2015-08-14 13:09 - 2015-08-14 13:09 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-08-14 13:09 - 2015-08-14 13:09 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-08-14 00:00 - 2015-08-14 00:35 - 00000000 ____D C:\Users\Ich1\Documents\TrekStor 2GB
2015-08-13 23:19 - 2015-08-13 23:20 - 00000000 ____D C:\Users\Ich1\Downloads\rcsetup1.5.2_slim
2015-08-13 23:19 - 2015-08-13 23:19 - 04000946 _____ C:\Users\Ich1\Downloads\rcsetup1.5.2_slim.zip
2015-08-12 01:11 - 2015-08-12 01:11 - 00000000 ____D C:\Users\Ich1\Desktop\Neuer Ordner
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-07 13:24 - 2014-10-01 20:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-07 13:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-07 00:48 - 2014-10-01 20:15 - 00000000 ____D C:\Users\Ich1\AppData\Roaming\vlc
2015-09-06 23:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-06 23:08 - 2014-10-03 22:43 - 00000000 ____D C:\Users\Ich1\AppData\Local\Spotify
2015-09-06 23:05 - 2014-10-03 22:42 - 00000000 ____D C:\Users\Ich1\AppData\Roaming\Spotify
2015-09-06 21:02 - 2014-02-19 09:36 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 21:02 - 2014-02-19 09:36 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-06 21:02 - 2013-10-07 20:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-06 18:22 - 2014-10-01 20:00 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1128644019-1667270004-595458584-1002
2015-09-06 14:43 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-06 11:17 - 2014-10-04 19:24 - 00000000 ____D C:\Users\Ich1\AppData\Local\CrashDumps
2015-09-06 04:34 - 2014-02-19 01:53 - 00014848 _____ C:\WINDOWS\system32\VfService.trf
2015-09-06 02:15 - 2014-10-01 19:54 - 00000000 ____D C:\Users\Ich1
2015-09-06 01:54 - 2014-10-23 13:46 - 00003856 _____ C:\Users\Ich1\Desktop\Neues Textdokument.txt
2015-09-04 23:44 - 2014-10-12 23:33 - 01021440 ___SH C:\Users\Ich1\Downloads\Thumbs.db
2015-09-03 00:22 - 2014-10-26 23:04 - 00776192 ___SH C:\Users\Ich1\Desktop\Thumbs.db
2015-09-02 00:25 - 2015-07-26 16:09 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-01 11:44 - 2015-07-26 16:23 - 00000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-01 11:44 - 2015-07-26 16:23 - 00000000 ____D C:\Program Files\CCleaner
2015-08-31 19:50 - 2014-11-26 20:02 - 00000000 ____D C:\ProgramData\Oracle
2015-08-31 19:40 - 2015-04-07 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-31 19:40 - 2015-04-07 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-31 19:39 - 2015-04-07 20:03 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-30 22:53 - 2015-07-28 01:02 - 00001328 _____ C:\Users\Ich1\.swfinfo
2015-08-30 21:45 - 2014-10-28 22:59 - 00000000 ____D C:\Users\Ich1\AppData\Local\gtk-2.0
2015-08-30 21:45 - 2014-10-28 22:52 - 00000000 ____D C:\Users\Ich1\.gimp-2.8
2015-08-30 14:24 - 2015-01-05 15:37 - 00195584 ___SH C:\Users\Ich1\Documents\Thumbs.db
2015-08-27 23:04 - 2014-11-03 00:25 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-08-27 00:04 - 2014-11-18 17:37 - 00001287 _____ C:\Users\Ich1\Desktop\4K Video Downloader.lnk
2015-08-27 00:04 - 2014-11-18 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2015-08-24 22:34 - 2014-10-14 17:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-23 20:50 - 2015-03-03 23:15 - 00002029 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2015-08-23 20:41 - 2015-03-03 23:15 - 00000000 ____D C:\Users\Ich1\AppData\Roaming\Samsung
2015-08-19 15:02 - 2014-10-20 15:12 - 00000000 ____D C:\Users\Ich1\Documents\Mathe1
2015-08-18 14:13 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-17 19:39 - 2015-03-26 00:18 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2015-08-17 19:39 - 2014-02-19 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-17 19:39 - 2014-02-19 01:46 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-17 19:39 - 2014-02-19 01:46 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-17 19:36 - 2014-02-19 01:40 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-08-17 19:36 - 2014-02-19 01:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-17 00:51 - 2015-01-06 21:33 - 00000000 ____D C:\Users\Ich1\AppData\Roaming\Skype
2015-08-16 20:30 - 2015-01-06 21:33 - 00000000 ____D C:\ProgramData\Skype
2015-08-15 14:06 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-08-14 14:20 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-14 14:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-14 14:00 - 2013-10-07 21:23 - 00000000 ____D C:\WINDOWS\Panther
2015-08-14 13:10 - 2014-11-03 00:25 - 01048344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-08-14 13:09 - 2014-11-03 00:25 - 00447944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-08-14 13:09 - 2014-11-03 00:25 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-08-14 13:09 - 2014-11-03 00:25 - 00150672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-08-14 13:09 - 2014-11-03 00:25 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-08-14 13:09 - 2014-11-03 00:25 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-08-14 13:09 - 2014-11-03 00:25 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-08-14 13:09 - 2014-11-03 00:25 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-08-12 20:24 - 2015-07-08 16:05 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 21:24 - 2014-10-01 20:26 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-08-30 21:45 - 2015-08-30 21:45 - 0008234 _____ () C:\Users\Ich1\AppData\Local\recently-used.xbel
2015-02-12 15:14 - 2015-02-12 15:14 - 0007605 _____ () C:\Users\Ich1\AppData\Local\Resmon.ResmonCfg
2014-02-19 01:25 - 2014-02-19 01:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Ich1\AppData\Local\Temp\TOBITCLT.DLL
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-03 15:07
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-09-2015 01
durchgeführt von Ich1 (2015-09-07 13:48:20)
Gestartet von C:\Users\Ich1\Desktop
Windows 8.1 (X64) (2014-10-01 17:54:38)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1128644019-1667270004-595458584-500 - Administrator - Disabled)
Gast (S-1-5-21-1128644019-1667270004-595458584-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1128644019-1667270004-595458584-1004 - Limited - Enabled)
Ich1 (S-1-5-21-1128644019-1667270004-595458584-1002 - Administrator - Enabled) => C:\Users\Ich1
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
4K Video Downloader 3.6 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.6.1.1770 - Open Media LLC)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.1611.214 - Alps Electric)
AMD Catalyst Install Manager (HKLM\...\{99524E42-E11D-953D-BDC9-58CD0527F56A}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.10.0.577 - Ilya Morozov)
Benutzerhandbuch (x32 Version: 1.0.0.15 - Lenovo) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150211 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.32 - Lenovo)
Energy Manager (x32 Version: 1.0.0.32 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.7 - Genesys Logic)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10242 - Realtek Semiconductor Corp.)
Lenovo Motion Control (HKLM-x32\...\InstallShield_{3963D1D4-8723-4EE4-9694-D1078BB26B75}) (Version: 2.0.0.1017 - PointGrab)
Lenovo Motion Control (x32 Version: 2.0.0.1017 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0003 - Lenovo)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Ihr Firmenname)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
OpenVPN 2.3.6-I002 (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I002 - )
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-XChange Editor (HKLM\...\{F108F0FC-D04F-412B-AA2D-0920E3E83A6D}) (Version: 5.5.312.1 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (HKLM-x32\...\{06d155a0-bd64-4e50-9ff8-fd0010b20f98}) (Version: 5.5.310.0 - Tracker Software Products (Canada) Ltd.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1128644019-1667270004-595458584-1002\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Stellarium 0.13.2 (HKLM-x32\...\Stellarium_is1) (Version: 0.13.2 - Stellarium team)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinHTTrack Website Copier 3.48-17 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.17 - HTTrack)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
21-08-2015 23:13:22 Revo Uninstaller's restore point - StreamTransport version: 1.1.6.1
23-08-2015 15:30:15 Revo Uninstaller's restore point - Mozilla Firefox 40.0.2 (x86 de)
30-08-2015 19:25:59 Geplanter Prüfpunkt
06-09-2015 14:51:53 Revo Uninstaller's restore point - WDR RadioRecorder
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {04571928-6FEC-486A-9846-CA03C4232823} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {073F246E-0975-4587-B50F-96688B0AFABB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {5437EDA1-4C5C-4ADE-B112-232805C2E958} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {8F0E614B-D3CE-47B0-98E0-81C3F32DFA85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {910DE447-DE97-4F5D-9A20-8D40A9B18080} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {ADD91AD6-2C56-4EF2-A7C4-1877A9364523} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {B405D760-064B-4475-A3EA-F6FD6FCF15E7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-14] (AVAST Software)
Task: {B8B875C0-7305-4261-963B-D24D2BEE1A51} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {B9A16AD5-51C7-4D33-A0B6-321B3D44AF4E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-07-01] ()
Task: {CA510EA9-AD5F-431E-BF68-C60C4A949939} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {D95A623D-585D-4B60-8EC2-A9724B842500} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-10-14 07:52 - 2013-10-14 07:52 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-02-19 01:50 - 2012-04-25 04:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-02-19 01:53 - 2014-02-19 01:53 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2014-02-19 01:53 - 2014-02-19 01:53 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-02-19 01:53 - 2014-02-19 01:52 - 00161792 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
2014-10-14 17:25 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-08-14 13:09 - 2015-08-14 13:09 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-14 13:08 - 2015-08-14 13:08 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-06 11:11 - 2015-09-06 11:11 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090600\algo.dll
2015-09-06 23:32 - 2015-09-06 23:32 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090601\algo.dll
2015-03-30 00:29 - 2015-03-30 00:29 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Ich1\OneDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1128644019-1667270004-595458584-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "AStA Copyclient.lnk"
HKLM\...\StartupApproved\Run32: => "DnsBlock"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6075C1E3-538C-41B3-93C6-54E13B250AE4}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9DF89F24-8533-429B-AA60-A97F7FF8FB9F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{DD6E3F0D-55C9-47ED-B515-8947EF79AD11}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E0726177-F2E2-440E-9578-72F40A7FDAA7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3C81780E-581F-4F47-A870-D322A4CF169A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{49DEE273-46D5-44DB-843E-C59C4F32D7C4}C:\users\ich1\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ich1\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9B5F9566-E5D9-45EF-ACBF-2174EE425569}C:\users\ich1\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ich1\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B98EA7AE-F188-43AA-8605-B1A7D2CF3EF2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{FC57D70C-51A7-40FF-A5C3-E15916FBD741}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5A6FF60F-AAB8-4326-9921-662C251B5883}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{EF394842-DC20-44A2-BC45-E962181D5CDC}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{1228D41D-0C6E-4AE4-9B67-ECC421094540}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{5D04BE09-7CB3-4933-BD83-778CDE2ED484}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{1D1CE78F-1AA1-4ADE-8442-1D6654075C5C}C:\users\ich1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ich1\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1E9945B5-4945-44CE-B038-8A4585EC92B4}C:\users\ich1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ich1\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6EF57F23-9D2E-4A11-8B03-A5999BBC8B5C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AE30DCE1-4915-454B-A775-D03FF2EEE589}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{53A022CC-8FF8-41ED-B3A3-95DA603A0F1F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A0C372CC-6167-4087-9B5D-2552D671F637}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4B622459-3D89-499E-BC46-31D0105E2454}C:\program files (x86)\openvpn\bin\openvpn.exe] => (Allow) C:\program files (x86)\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{F27CA847-1094-40C7-AB7E-33031F59CE3E}C:\program files (x86)\openvpn\bin\openvpn.exe] => (Allow) C:\program files (x86)\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{A91C80DD-1FB3-40AB-9AB4-305944E74347}C:\program files (x86)\openvpn\bin\openvpn.exe] => (Allow) C:\program files (x86)\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{014AB7AA-929B-4FAA-AFBA-7D189CEADFD8}C:\program files (x86)\openvpn\bin\openvpn.exe] => (Allow) C:\program files (x86)\openvpn\bin\openvpn.exe
FirewallRules: [{1379807A-3CDA-40B6-962A-5383DA040399}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{3BE6F51C-45DD-40E4-BC43-1C16847CB898}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{DD76D77A-801F-4FC8-A8DF-6D0CE3037B65}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{10D999BE-4A98-450F-9820-ED42C7EC587E}C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpsuck.exe] => (Allow) C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpsuck.exe
FirewallRules: [UDP Query User{9608655E-66DB-44CF-8019-5AA60C2525EB}C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpsuck.exe] => (Allow) C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpsuck.exe
FirewallRules: [TCP Query User{E042B590-AB42-4C50-B567-BCA01A412F69}C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpgw.exe] => (Allow) C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpgw.exe
FirewallRules: [UDP Query User{237EB0BB-28B0-4F04-8E08-7C08E96E9CA2}C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpgw.exe] => (Allow) C:\users\ich1\downloads\rtmpdump-2.3-windows\rtmpdumphelper121\rtmpgw.exe
FirewallRules: [TCP Query User{430E6DAA-B412-4A2E-BB8C-3CE559AFBC8D}C:\users\ich1\downloads\rtmpdump-2.4-git-010913-windows\rtmpsuck.exe] => (Allow) C:\users\ich1\downloads\rtmpdump-2.4-git-010913-windows\rtmpsuck.exe
FirewallRules: [UDP Query User{CCE9B88D-8162-4288-9CFD-7AC0AE4BF000}C:\users\ich1\downloads\rtmpdump-2.4-git-010913-windows\rtmpsuck.exe] => (Allow) C:\users\ich1\downloads\rtmpdump-2.4-git-010913-windows\rtmpsuck.exe
FirewallRules: [TCP Query User{09D56B28-9C7E-424D-B7C8-CBD202E40A62}C:\users\ich1\downloads\rtmpexplorer\rtmpsrv.exe] => (Allow) C:\users\ich1\downloads\rtmpexplorer\rtmpsrv.exe
FirewallRules: [UDP Query User{CBA37E26-8899-4C72-BA11-F58464D217E9}C:\users\ich1\downloads\rtmpexplorer\rtmpsrv.exe] => (Allow) C:\users\ich1\downloads\rtmpexplorer\rtmpsrv.exe
FirewallRules: [TCP Query User{FBCFA729-AA83-47A7-93F8-9DA083E09251}C:\users\ich1\downloads\rtmpexplorer\rtmpsuck.exe] => (Allow) C:\users\ich1\downloads\rtmpexplorer\rtmpsuck.exe
FirewallRules: [UDP Query User{F3F7DAB9-585F-4A4A-80EA-697651FF2093}C:\users\ich1\downloads\rtmpexplorer\rtmpsuck.exe] => (Allow) C:\users\ich1\downloads\rtmpexplorer\rtmpsuck.exe
FirewallRules: [{6D037300-0549-40D6-857D-85483CD4CEA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BA39D68F-5F3E-4B14-BA14-3B3F65AF773F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{78E2253A-1F06-47F2-95C4-976EB0FC58E5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{4BEB4ED5-3166-4B2A-8F9C-A2775D4A5FAB}C:\users\ich1\desktop\rtmp\rtmpsuck.exe] => (Allow) C:\users\ich1\desktop\rtmp\rtmpsuck.exe
FirewallRules: [UDP Query User{62F83677-9939-4453-80DF-130DDA1C054A}C:\users\ich1\desktop\rtmp\rtmpsuck.exe] => (Allow) C:\users\ich1\desktop\rtmp\rtmpsuck.exe
FirewallRules: [TCP Query User{567117F0-9777-403D-95B7-019603999954}C:\users\ich1\desktop\rtmpsuck.exe] => (Allow) C:\users\ich1\desktop\rtmpsuck.exe
FirewallRules: [UDP Query User{D3E3D2D8-E84D-4051-B42C-CA2EE5EAF641}C:\users\ich1\desktop\rtmpsuck.exe] => (Allow) C:\users\ich1\desktop\rtmpsuck.exe
FirewallRules: [TCP Query User{1E2FCC80-51B2-4B2E-A766-83A836E41D82}C:\users\ich1\desktop\rtmpsrv.exe] => (Allow) C:\users\ich1\desktop\rtmpsrv.exe
FirewallRules: [UDP Query User{36E7E1FA-3179-4D4C-88AE-6BD16505AC84}C:\users\ich1\desktop\rtmpsrv.exe] => (Allow) C:\users\ich1\desktop\rtmpsrv.exe
FirewallRules: [TCP Query User{FEB52D9A-3C94-426D-93F5-587DB90FD681}C:\users\ich1\desktop\rtmpgw.exe] => (Allow) C:\users\ich1\desktop\rtmpgw.exe
FirewallRules: [UDP Query User{CF2D86E6-6E53-4CDA-805B-954C742BAF03}C:\users\ich1\desktop\rtmpgw.exe] => (Allow) C:\users\ich1\desktop\rtmpgw.exe
FirewallRules: [TCP Query User{D67A3FF8-C201-48EB-816E-AC352BA551E4}C:\users\ich1\desktop\rtmp\rtmpdump-2.3\rtmpsuck.exe] => (Allow) C:\users\ich1\desktop\rtmp\rtmpdump-2.3\rtmpsuck.exe
FirewallRules: [UDP Query User{635D7251-F581-4005-A54B-D70E7410C25C}C:\users\ich1\desktop\rtmp\rtmpdump-2.3\rtmpsuck.exe] => (Allow) C:\users\ich1\desktop\rtmp\rtmpdump-2.3\rtmpsuck.exe
FirewallRules: [TCP Query User{0959A79A-ED11-411E-ACA6-1980C90A1208}C:\users\ich1\desktop\rtmp\rtmpsrv.exe] => (Allow) C:\users\ich1\desktop\rtmp\rtmpsrv.exe
FirewallRules: [UDP Query User{CDD0ACB9-FF47-4632-B6B7-EA4EC8873BE0}C:\users\ich1\desktop\rtmp\rtmpsrv.exe] => (Allow) C:\users\ich1\desktop\rtmp\rtmpsrv.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/06/2015 02:38:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bfc
Startzeit: 01d0e8a0b075ef30
Endzeit: 0
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: 07fcf9d7-5494-11e5-8293-c454441193b3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/06/2015 02:37:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: twinui.appcore.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503801
Ausnahmecode: 0x80270233
Fehleroffset: 0x000000000008cb57
ID des fehlerhaften Prozesses: 0xfb4
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5
Error: (09/06/2015 02:36:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: db8
Startzeit: 01d0e8a07e7ec95f
Endzeit: 0
Anwendungspfad: C:\WINDOWS\Explorer.EXE
Berichts-ID: eda41f17-5493-11e5-8293-c454441193b3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/06/2015 11:17:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0xa04
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/06/2015 11:17:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x16c8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/06/2015 11:15:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x7e8
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/06/2015 11:15:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0xfb4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3
Vollständiger Name des fehlerhaften Pakets: vlc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5
Error: (09/06/2015 04:33:56 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (09/06/2015 04:33:49 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (09/06/2015 04:33:49 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Systemfehler:
=============
Error: (09/07/2015 12:47:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (09/07/2015 12:47:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40.
Error: (09/07/2015 11:59:26 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Realtek PCIe FE Family Controller #2, {D43497E8-5A85-48F3-9CE1-4740E86DF641}" ist das Ereignis "74" aufgetreten.
Error: (09/06/2015 08:46:32 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Realtek PCIe FE Family Controller, {67C09EDD-AB89-4B48-A369-0F2D4F4F7CB3}" ist das Ereignis "74" aufgetreten.
Error: (09/06/2015 05:41:48 PM) (Source: GeneStor) (EventID: 0) (User: )
Description: GeneStor driver startedGeneStor driver started (2)
Error: (09/06/2015 02:43:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 06.09.2015 um 11:06:54 unerwartet heruntergefahren.
Error: (09/06/2015 02:42:02 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Vom folgenden Dienst wurde wiederholt nicht auf Dienststeuerungsanforderungen reagiert: Systemereignissebroker
Erkundigen Sie sich beim Diensthersteller oder beim Systemadministrator danach, ob der Dienst deaktiviert werden sollte, bis das Problem gefunden wurde.
Der Computer muss unter Umständen im abgesicherten Modus gestartet werden, um den Dienst deaktivieren zu können.
Error: (09/06/2015 02:41:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst DcomLaunch erreicht.
Error: (09/06/2015 02:41:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst BrokerInfrastructure erreicht.
Error: (09/06/2015 02:40:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SystemEventsBroker erreicht.
Microsoft Office:
=========================
Error: (09/06/2015 02:38:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.3.9600.17667bfc01d0e8a0b075ef300C:\Windows\explorer.exe07fcf9d7-5494-11e5-8293-c454441193b3
Error: (09/06/2015 02:37:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.1766754c6f7c2twinui.appcore.dll6.3.9600.174155450380180270233000000000008cb57fb401d0e8a0cb2701f4C:\Windows\explorer.exeC:\WINDOWS\System32\twinui.appcore.dll158c594a-5494-11e5-8293-c454441193b3
Error: (09/06/2015 02:36:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17667db801d0e8a07e7ec95f0C:\WINDOWS\Explorer.EXEeda41f17-5493-11e5-8293-c454441193b3
Error: (09/06/2015 11:17:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473ba0401d0e884dee79dc8C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll21762ee2-5478-11e5-8293-c454441193b3
Error: (09/06/2015 11:17:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b16c801d0e884c67aca21C:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dll1ace8031-5478-11e5-8293-c454441193b3
Error: (09/06/2015 11:15:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b7e801d0e884996adc0fC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dlldebda0c4-5477-11e5-8293-c454441193b3
Error: (09/06/2015 11:15:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.3.9600.17736550f4336c0000005000000000005473bfb401d0e884769c832fC:\Program Files\VideoLAN\VLC\vlc.exeC:\WINDOWS\SYSTEM32\ntdll.dllcd8efc6d-5477-11e5-8293-c454441193b3
Error: (09/06/2015 04:33:56 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description:
Error: (09/06/2015 04:33:49 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description:
Error: (09/06/2015 04:33:49 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description:
CodeIntegrity:
===================================
Date: 2015-08-14 13:15:31.863
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:28.378
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:26.597
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:24.175
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:22.081
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:18.894
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:16.363
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:13.363
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:11.275
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-14 13:15:07.870
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD A4-5000 APU with Radeon(TM) HD Graphics
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3793.26 MB
Verfügbarer physikalischer RAM: 2014.02 MB
Summe virtueller Speicher: 4433.26 MB
Verfügbarer virtueller Speicher: 2485.02 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:426.38 GB) (Free:242.38 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.72 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: EFD223F4)
Partition: GPT.
==================== Ende von Addition.txt =========================
Geändert von sanvibes (07.09.2015 um 13:47 Uhr) Grund: add info |
|
07.09.2015, 12:58
| #2 |
| | System sehr träge, Festplatte defekt? CrystalDiskInfo
__________________Code:
ATTFilter ----------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo
Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2015/09/07 12:48:05
-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- ST500LT012-1DG142
- Microsoft-Controller für Speicherplätze [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST500LT012-1DG142 : 500,1 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST500LT012-1DG142
----------------------------------------------------------------------------
Model : ST500LT012-1DG142
Firmware : 0002LVM1
Serial Number : ********
Disk Size : 500,1 GB (7,9/137,4/500,1/500,1)
Buffer Size : Unbekannt
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1225 Std.
Power On Count : 1334 mal
Temperature : 28 C (82 F)
Health Status : Gut
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 108 _99 _34 0000012F18E0 Lesefehlerrate
03 _99 _99 __0 000000000000 Mittlere Anlaufzeit
04 _99 _99 _20 000000000537 Start/Stopp-Zyklen der Spindel
05 100 100 _36 000000000000 Wiederzugewiesene Sektoren
07 _73 _60 _30 000202C838E5 Suchfehler
09 _99 _99 __0 0000000004C9 Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C _99 _99 _20 000000000536 Geräte-Einschaltvorgänge
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC 100 _99 __0 000100010001 Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _72 _53 _45 00001C15001C Luftstromtemperatur
BF 100 100 __0 00000000018E Beschleunigungssensor-Fehlerrate
C0 100 100 __0 000000000006 Ausschaltungsabbrüche
C1 _84 _84 __0 000000007E33 Laden/Entladen-Zyklen
C2 _28 _47 __0 000F0000001C Temperatur
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
FE 100 100 __0 000000000000 Freifallschutz
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 000F 0000 0000 003F 0000 0000 0000
010: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 5237
020: 0000 0000 0004 3030 3032 4C56 4D31 5354 3530 304C
030: 5430 3132 2D31 4447 3134 3220 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 4443 000F 003F FB53 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8F0E 0006 0048 0040
080: 01F8 0029 346B 7D29 6123 3469 BC09 6123 407F 0035
090: 0035 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 C500
110: 6D7B D0FB 0000 0000 0000 0000 0000 0000 0000 401E
120: 401E 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 7CFF 0280 0004 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 7500 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1031 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0002 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 B8A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 6C 63 E0 18 2F 01 00 00 00 03 03
010: 00 63 63 00 00 00 00 00 00 00 04 32 00 63 63 37
020: 05 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 49 3C E5 38 C8 02 02 00 00 09 32
040: 00 63 63 C9 04 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 63 63 36 05 00 00 00
060: 00 00 B8 32 00 64 64 00 00 00 00 00 00 00 BB 32
070: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 63 01
080: 00 01 00 01 00 00 BD 3A 00 64 64 00 00 00 00 00
090: 00 00 BE 22 00 48 35 1C 00 15 1C 00 00 00 BF 32
0A0: 00 64 64 8E 01 00 00 00 00 00 C0 32 00 64 64 06
0B0: 00 00 00 00 00 00 C1 32 00 54 54 33 7E 00 00 00
0C0: 00 00 C2 22 00 1C 2F 1C 00 00 00 0F 00 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 FE 32 00 64 64 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73
170: 03 00 01 00 01 6D 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 48 03 00 00 07 01 01 01 01 01 01 01
190: 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 8E 01 00 00 13 19 17 22 1C 04 00 00
1B0: 00 00 00 00 01 00 AD 0D F0 25 50 E9 00 00 00 00
1C0: B8 E8 2A 7F 01 00 00 00 00 00 00 00 00 00 00 00
1D0: 01 00 00 00 00 00 00 00 8A 25 00 00 B1 00 1D 00
1E0: 00 00 00 00 08 15 00 00 00 00 00 00 00 00 00 26
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 22 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B8 63 00 00 00 00 00 00 00 00 00 00 BB 00
070: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 BE 2D 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 FE 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53
|
|
| Themen zu System sehr träge, Festplatte defekt? |
| antivirus, avast, avg, ccsetup, computer, defender, dnsapi.dll, explorer, festplatte, firefox, flash player, installation, monitor, mozilla, office 365, onedrive, prozesse, realtek, registry, scan, security, services.exe, software, svchost.exe, system, usb, warnung, wickel, windows, wlan |
Linear-Darstellung
