MoyaShan | 07.06.2015 21:19 | FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Daniel Lendle (administrator) on DANIELLENDLE-PC on 07-06-2015 17:37:33
Running from C:\Users\Daniel Lendle\Downloads
Loaded Profiles: Daniel Lendle (Available Profiles: Daniel Lendle)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Datpol) C:\Program Files (x86)\SpyShelter Premium\SpyShelterSrv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Say Media Group LTD) C:\ProgramData\PicColor Utility\ColorMedia.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Spotify Ltd) C:\Users\Daniel Lendle\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Daniel Lendle\AppData\Roaming\Spotify\Spotify.exe
(Datpol) C:\Program Files (x86)\SpyShelter Premium\SpyShelter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Spotify Ltd) C:\Users\Daniel Lendle\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Daniel Lendle\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.81.36.0\OverwolfHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Overwolf\0.81.36.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.81.36.0\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2014-03-27] (AVM Berlin)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-02] (Electronic Arts)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [39712 2014-12-20] (Overwolf LTD)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [Spotify Web Helper] => C:\Users\Daniel Lendle\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-29] (Spotify Ltd)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [Spotify] => C:\Users\Daniel Lendle\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-29] (Spotify Ltd)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [SpyShelter] => C:\Program Files (x86)\SpyShelter Premium\SpyShelter.exe [3521800 2015-03-12] (Datpol)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [Microsoft Service] => C:\Users\Daniel Lendle\AppData\Roaming\Microsoft Service\Service.EXE [479407 2005-04-26] (Sony Creative Software Inc.)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [HKCU] => C:\Users\Daniel Lendle\AppData\Roaming\install\server.exe [1100820 2006-05-01] ()
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\MountPoints2: E - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL C:\MMAG\Beratung\Bedarfsanalysecenter\automaxx.exe
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\MountPoints2: {267076c7-8157-11e4-b513-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\MountPoints2: {67ad6998-d616-11e4-893f-74d435d2478b} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL C:\MMAG\Beratung\Bedarfsanalysecenter\automaxx.exe
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\MountPoints2: {8ee8c0ed-050d-11e5-a153-74d435d2478b} - F:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-12-11]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:53036;https=127.0.0.1:53036;
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/de-de/?pc=UP97&ocid=UP97DHP
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
SearchScopes: HKU\S-1-5-21-899878976-3090959046-1222253798-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ&q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-12-11] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll [2014-12-11] (Google Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-12-11] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2014-12-11] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-12-11] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-12-11] (Google Inc.)
Toolbar: HKU\S-1-5-21-899878976-3090959046-1222253798-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-12-11] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [332448 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [332448 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [332448 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [332448 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9 15 C:\Windows\SysWOW64\ColorMedia.dll [332448 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378888 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378888 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378888 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378888 2014-12-11] (Say Media Group LTD)
Winsock: Catalog9-x64 15 C:\Windows\system32\ColorMedia64.dll [378888 2014-12-11] (Say Media Group LTD)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Daniel Lendle\AppData\Roaming\Mozilla\Firefox\Profiles\uevf2v88.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-11] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2015-06-07]
Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1418332736&from=cvs&uid=ST2000DM001-1ER164_Z4Z0H5XJXXXXZ4Z0H5XJ"
CHR Profile: C:\Users\Daniel Lendle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel Lendle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-11]
CHR Extension: (Adblock Plus) - C:\Users\Daniel Lendle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-11]
CHR Extension: (AdBlock) - C:\Users\Daniel Lendle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-14]
CHR Extension: (Norton Identity Safe) - C:\Users\Daniel Lendle\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-13]
CHR Extension: (Norton Security Toolbar) - C:\Users\Daniel Lendle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-12-11]
CHR Extension: (Google Wallet) - C:\Users\Daniel Lendle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-11]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-23]
CHR HKU\S-1-5-21-899878976-3090959046-1222253798-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1401344 2014-12-07] (Say Media Group LTD)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-12-14] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-02] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [997664 2014-12-20] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-12-31] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-31] ()
R2 SpyShelterSrv; C:\Program Files (x86)\SpyShelter Premium\SpyShelterSrv.exe [44032 2015-03-12] (Datpol) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-12-11] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2013-12-17] (AVM Berlin)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20150309.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-12] (Symantec Corporation)
R3 fwlanusb6; C:\Windows\System32\DRIVERS\fwlanusb6.sys [1327744 2014-03-27] (AVM GmbH)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-11] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20150311.001\IDSvia64.sys [669400 2015-02-06] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-12-11] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20150311.020\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20150311.020\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
R1 Spyshelter; C:\Program Files (x86)\SpyShelter Premium\SpyShelter.sys [414472 2015-03-12] (SpyShelter)
R1 SpyshelterKb; C:\Program Files (x86)\SpyShelter Premium\SpyshelterKb.sys [163592 2015-02-02] (SpyShelter)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-12-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [223744 2013-03-19] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-03-19] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 17:37 - 2015-06-07 17:38 - 00025695 _____ C:\Users\Daniel Lendle\Downloads\FRST.txt
2015-06-07 17:37 - 2015-06-07 17:37 - 02108928 _____ (Farbar) C:\Users\Daniel Lendle\Downloads\FRST64.exe
2015-06-07 17:37 - 2015-06-07 17:37 - 00000000 ____D C:\FRST
2015-06-07 16:59 - 2015-06-07 16:59 - 00212557 _____ C:\Users\Daniel Lendle\Downloads\FRITZ.Box 7490 113.06.20_02.01.70_0439.export
2015-06-05 22:00 - 2015-06-05 22:00 - 06467216 _____ (Datpol ) C:\Users\Daniel Lendle\Downloads\setup (2).exe
2015-06-05 21:58 - 2015-06-05 21:58 - 00001829 _____ C:\Users\Daniel Lendle\Downloads\sg_backup_2015-06-05-2158.spg
2015-06-05 21:58 - 2015-06-05 21:58 - 00001829 _____ C:\Users\Daniel Lendle\Downloads\FirstBackup.spg
2015-06-05 21:57 - 2015-06-05 21:57 - 00659456 _____ (Speed Guide Inc.) C:\Users\Daniel Lendle\Downloads\TCPOptimizer_v308.exe
2015-06-01 16:42 - 2015-06-01 16:42 - 00262144 _____ C:\Users\Daniel Lendle\Downloads\DCEC20DE-0B03-4206-B2E0-8D9702C5A284.Diagnose.0.etl
2015-06-01 15:30 - 2015-06-07 14:40 - 00000896 _____ C:\Windows\setupact.log
2015-06-01 15:30 - 2015-06-01 15:30 - 00000000 _____ C:\Windows\setuperr.log
2015-05-31 23:16 - 2015-05-31 23:16 - 00005312 _____ C:\Windows\avmfwlanci.log
2015-05-31 23:07 - 2015-05-31 23:07 - 00002820 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-31 23:06 - 2015-05-31 23:06 - 05313056 _____ (Piriform Ltd) C:\Users\Daniel Lendle\Downloads\ccsetup506_slim.exe
2015-05-31 23:06 - 2015-05-31 23:06 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-31 23:06 - 2015-05-31 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-31 23:06 - 2015-05-31 23:06 - 00000000 ____D C:\Program Files\CCleaner
2015-05-31 22:35 - 2015-05-31 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2015-05-31 22:35 - 2015-05-31 22:35 - 00000000 ____D C:\Program Files (x86)\avmwlanstick
2015-05-31 22:34 - 2015-05-31 22:34 - 02787944 _____ (AVM GmbH ) C:\Users\Daniel Lendle\Downloads\AVM_FRITZ!WLAN_USB_Stick_AC_430_x64_Build_140304.exe
2015-05-31 22:34 - 2015-05-31 22:34 - 00000000 ____D C:\Program Files (x86)\AVM_update
2015-05-29 14:37 - 2015-05-29 14:37 - 00324639 _____ C:\Users\Apps\local-files-desktop.spa
2015-05-28 11:21 - 2015-05-28 11:21 - 00000000 ____D C:\Windows\AVM_Driver
2015-05-28 11:21 - 2015-05-28 11:21 - 00000000 ____D C:\Users\Daniel Lendle\AVM_Driver
2015-05-28 11:21 - 2014-03-27 01:00 - 01327744 _____ (AVM GmbH) C:\Windows\system32\Drivers\fwlanusb6.sys
2015-05-28 11:21 - 2014-03-27 01:00 - 00104448 _____ (AVM Berlin) C:\Windows\system32\fwlan6ci.dll
2015-05-28 11:21 - 2014-03-27 01:00 - 00080360 _____ C:\Windows\system32\Drivers\fwlanusb6.bin
2015-05-28 11:21 - 2013-12-17 01:00 - 00014120 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmeject.sys
2015-05-21 10:02 - 2015-05-21 10:02 - 00114078 _____ C:\Users\Daniel Lendle\Downloads\AchievementsReminder6.101.zip
2015-05-21 09:50 - 2015-05-21 09:50 - 00237141 _____ C:\Users\Daniel Lendle\Downloads\RaidAchievement6.101.zip
2015-05-21 08:33 - 2015-05-21 08:34 - 06336424 _____ (Datpol ) C:\Users\Daniel Lendle\Downloads\setup (1).exe
2015-05-13 19:31 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:31 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:00 - 2015-04-02 19:03 - 00000000 ____D C:\Users\Daniel Lendle\Downloads\HandyNotes_DraenorTreasures
2015-05-13 15:59 - 2015-05-13 15:59 - 00073024 _____ C:\Users\Daniel Lendle\Downloads\HandyNotes_DraenorTreasures_v1_11a.zip
2015-05-13 15:58 - 2015-05-13 15:58 - 00000000 ____D C:\Users\Daniel Lendle\Downloads\HandyNotes
2015-05-13 15:57 - 2015-05-13 15:57 - 00175779 _____ C:\Users\Daniel Lendle\Downloads\HandyNotes-v1.3.3.zip
2015-05-13 15:50 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:50 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:50 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:50 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:50 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:50 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:50 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:50 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:50 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:50 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:50 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:50 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:50 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:50 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:50 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:50 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:50 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:50 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:50 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:50 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:50 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:50 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:50 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:50 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:50 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:50 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:50 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:50 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:50 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:50 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:50 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:50 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:50 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:50 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:50 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:50 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:50 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:50 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:50 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:50 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:50 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:50 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:50 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:50 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:50 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:50 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:50 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:50 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:50 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:50 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:50 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:50 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:50 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:50 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:50 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:50 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:50 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:50 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:50 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:50 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:49 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:49 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:49 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:49 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:49 - 2015-04-04 05:29 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:49 - 2015-04-04 05:29 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:49 - 2015-04-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:49 - 2015-04-04 05:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:49 - 2015-04-04 05:20 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:49 - 2015-04-04 05:20 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:49 - 2015-04-04 05:17 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:49 - 2015-04-04 05:17 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:49 - 2015-04-04 05:15 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:49 - 2015-04-04 05:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:49 - 2015-04-04 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:49 - 2015-04-04 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:49 - 2015-04-04 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:49 - 2015-04-04 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:49 - 2015-04-04 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:49 - 2015-04-04 05:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:49 - 2015-04-04 05:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:49 - 2015-04-04 05:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:49 - 2015-04-04 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:49 - 2015-04-04 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:49 - 2015-04-04 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:48 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:48 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:48 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:48 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:48 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:48 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:48 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:48 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:47 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:47 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:35 - 2015-05-29 14:37 - 00145701 _____ C:\Users\Apps\hub.spa
2015-05-10 12:45 - 2015-05-13 15:46 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-05-10 12:45 - 2015-05-10 17:52 - 00000000 ____D C:\Users\Daniel Lendle\Documents\StarCraft II
2015-05-10 12:45 - 2015-05-10 12:45 - 00001097 _____ C:\Users\Public\Desktop\StarCraft II.lnk
2015-05-10 12:45 - 2015-05-10 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 17:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-06-07 17:29 - 2015-01-06 01:15 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Roaming\Spotify
2015-06-07 17:20 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 17:20 - 2009-07-14 06:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 17:16 - 2014-12-11 19:03 - 01440382 _____ C:\Windows\WindowsUpdate.log
2015-06-07 17:11 - 2014-12-11 22:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 17:03 - 2014-12-11 21:08 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-07 16:43 - 2014-12-11 20:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-07 10:23 - 2014-12-14 21:55 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Roaming\Skype
2015-06-07 10:15 - 2015-01-03 23:07 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Local\Overwolf
2015-06-07 10:15 - 2014-12-11 23:12 - 00000000 ____D C:\ProgramData\Origin
2015-06-07 10:14 - 2015-01-06 01:15 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Local\Spotify
2015-06-07 10:14 - 2014-12-11 20:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 10:14 - 2014-12-11 19:20 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Local\VirtualStore
2015-06-07 10:12 - 2014-12-11 20:59 - 00131072 _____ C:\Windows\system32\Ikeext.etl
2015-06-07 10:12 - 2014-12-11 20:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-07 10:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 13:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-05 22:03 - 2014-12-14 21:35 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Local\Adobe
2015-06-05 22:02 - 2014-12-11 22:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-05 22:01 - 2014-12-11 22:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-05 22:01 - 2014-12-11 22:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-05 19:25 - 2014-12-15 09:18 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Local\CrashDumps
2015-06-02 09:25 - 2014-12-11 23:12 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Roaming\Origin
2015-06-02 09:25 - 2014-12-11 23:12 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-01 15:44 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-05-31 23:22 - 2015-01-03 23:09 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Roaming\TS3Client
2015-05-31 23:08 - 2014-12-20 11:51 - 00000000 ____D C:\Windows\Minidump
2015-05-31 23:08 - 2014-12-11 18:55 - 00000000 ____D C:\Windows\Panther
2015-05-29 14:37 - 2015-04-23 10:15 - 41287224 _____ C:\Users\libcef.dll
2015-05-29 14:37 - 2015-04-23 10:15 - 10457856 _____ C:\Users\icudtl.dat
2015-05-29 14:37 - 2015-04-23 10:15 - 07323192 _____ (Spotify Ltd) C:\Users\Spotify.exe
2015-05-29 14:37 - 2015-04-23 10:15 - 04253463 _____ C:\Users\devtools_resources.pak
2015-05-29 14:37 - 2015-04-23 10:15 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll
2015-05-29 14:37 - 2015-04-23 10:15 - 02314260 _____ C:\Users\Apps\musixmatch-lyrics.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 02157552 _____ C:\Users\Apps\glue-resources.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2015-05-29 14:37 - 2015-04-23 10:15 - 02021944 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe
2015-05-29 14:37 - 2015-04-23 10:15 - 02018406 _____ C:\Users\cef.pak
2015-05-29 14:37 - 2015-04-23 10:15 - 01488440 _____ C:\Users\libGLESv2.dll
2015-05-29 14:37 - 2015-04-23 10:15 - 00968248 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll
2015-05-29 14:37 - 2015-04-23 10:15 - 00828468 _____ C:\Users\Apps\zlink.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00777272 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe
2015-05-29 14:37 - 2015-04-23 10:15 - 00713882 _____ C:\Users\Apps\browse.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00598403 _____ C:\Users\cef_200_percent.pak
2015-05-29 14:37 - 2015-04-23 10:15 - 00532827 _____ C:\Users\Apps\notification-center.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00523578 _____ C:\Users\Apps\collection.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00505562 _____ C:\Users\Apps\genre.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00502734 _____ C:\Users\Apps\collection-artist.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00489222 _____ C:\Users\Apps\discover.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00463102 _____ C:\Users\Apps\collection-album.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00444515 _____ C:\Users\cef_100_percent.pak
2015-05-29 14:37 - 2015-04-23 10:15 - 00436638 _____ C:\Users\Apps\article.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00419994 _____ C:\Users\Apps\messages.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00408845 _____ C:\Users\Apps\album.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00385462 _____ C:\Users\Apps\social-feed.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00363379 _____ C:\Users\Apps\collection-songs.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00361920 _____ C:\Users\Apps\charts.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00357199 _____ C:\Users\Apps\artist.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00345753 _____ C:\Users\Apps\social-chart.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00344387 _____ C:\Users\Apps\buddy-list.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00331084 _____ C:\Users\Apps\playlist-desktop.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00299819 _____ C:\Users\Apps\radio.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00285287 _____ C:\Users\Apps\folder.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00251227 _____ C:\Users\Apps\profile.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00246374 _____ C:\Users\Apps\share.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00233679 _____ C:\Users\Apps\chart.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00209721 _____ C:\Users\Apps\findfriends.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00191376 _____ C:\Users\Apps\search.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00178608 _____ C:\Users\Apps\settings.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00177470 _____ C:\Users\Apps\suggest.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00162516 _____ C:\Users\Apps\zlink-queue.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00158229 _____ C:\Users\Apps\follow.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00124472 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe
2015-05-29 14:37 - 2015-04-23 10:15 - 00112424 _____ C:\Users\Apps\zlogin.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00086386 _____ C:\Users\Apps\about.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00079928 _____ C:\Users\libEGL.dll
2015-05-29 14:37 - 2015-04-23 10:15 - 00073272 _____ C:\Users\wow_helper.exe
2015-05-29 14:37 - 2015-04-23 10:15 - 00053462 _____ C:\Users\Apps\ad.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00040253 _____ C:\Users\Apps\licenses.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00038320 _____ C:\Users\Apps\error.spa
2015-05-29 14:37 - 2015-04-23 10:15 - 00013506 _____ C:\Users\locales\en-US.pak
2015-05-29 14:37 - 2015-04-23 10:15 - 00007047 _____ C:\Users\locales\el.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00006945 _____ C:\Users\locales\ru.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00006203 _____ C:\Users\locales\ja.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00006086 _____ C:\Users\locales\fr-CA.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00006079 _____ C:\Users\locales\hu.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00006022 _____ C:\Users\locales\fr.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00006007 _____ C:\Users\locales\fi.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00006006 _____ C:\Users\locales\pl.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005947 _____ C:\Users\locales\es-419.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005914 _____ C:\Users\locales\nl.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005872 _____ C:\Users\locales\es.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005868 _____ C:\Users\locales\zsm.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005868 _____ C:\Users\locales\de.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005859 _____ C:\Users\locales\tr.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005859 _____ C:\Users\locales\it.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005858 _____ C:\Users\locales\zh-Hant.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005852 _____ C:\Users\locales\pt-BR.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005808 _____ C:\Users\locales\sv.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005694 _____ C:\Users\locales\arb.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00005623 _____ C:\Users\locales\en.mo
2015-05-29 14:37 - 2015-04-23 10:15 - 00000020 _____ C:\Users\inst_ver.dat
2015-05-29 14:37 - 2015-04-23 10:15 - 00000000 ____D C:\Users\locales
2015-05-29 14:37 - 2015-04-23 10:15 - 00000000 _____ C:\Users\Daniel.redir
2015-05-28 16:21 - 2014-12-14 21:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-28 12:01 - 2011-04-12 09:43 - 00697658 _____ C:\Windows\system32\perfh007.dat
2015-05-28 12:01 - 2011-04-12 09:43 - 00148452 _____ C:\Windows\system32\perfc007.dat
2015-05-28 12:01 - 2009-07-14 07:13 - 01615906 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-28 11:21 - 2014-12-11 19:20 - 00000000 ____D C:\Users\Daniel Lendle
2015-05-26 00:12 - 2015-03-29 20:28 - 00000000 ____D C:\Users\Daniel Lendle\AppData\Local\Battle.net
2015-05-19 22:34 - 2015-03-29 20:33 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-05-17 11:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-05-15 13:45 - 2015-04-17 18:17 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-05-15 13:37 - 2015-04-23 10:20 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-05-14 11:03 - 2009-07-14 06:45 - 00266400 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 11:02 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 19:36 - 2015-01-29 16:03 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 19:31 - 2015-01-29 16:03 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 19:31 - 2015-01-03 03:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 19:30 - 2015-01-03 03:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 19:30 - 2015-01-03 03:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 15:33 - 2014-12-14 21:55 - 00000000 ____D C:\ProgramData\Skype
2015-05-12 18:14 - 2015-03-29 20:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-05-10 12:45 - 2015-03-29 20:27 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
==================== Files in the root of some directories =======
2015-04-10 09:59 - 2015-04-10 09:59 - 0154283 ____H () C:\Users\Daniel Lendle\AppData\Roaming\Daniel Lendle-wchelper.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-05 13:06
==================== End of log ============================ --- --- ---
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Daniel Lendle at 2015-06-07 17:38:13
Running from C:\Users\Daniel Lendle\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-899878976-3090959046-1222253798-500 - Administrator - Disabled)
Daniel Lendle (S-1-5-21-899878976-3090959046-1222253798-1000 - Administrator - Enabled) => C:\Users\Daniel Lendle
Gast (S-1-5-21-899878976-3090959046-1222253798-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-899878976-3090959046-1222253798-1002 - Limited - Enabled)
Sonos (S-1-5-21-899878976-3090959046-1222253798-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin’s Creed Unity (HKLM-x32\...\Steam App 289650) (Version: - Ubisoft)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version: 2.06 - JoWooD Productions Software AG)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.8 - Electronic Arts)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Knights of Honor (HKLM-x32\...\Steam App 25830) (Version: - Black Sea Studios Ltd)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150223.102780 - Square Enix Ltd)
NVIDIA 3D Vision Controller-Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.81.36.0 - Overwolf Ltd.)
PatchBeam (HKLM-x32\...\PatchBeam) (Version: 1.20 - ConeXware, Inc.)
PicColor Utility (HKLM-x32\...\PicColor Utility) (Version: 1.0.0.165 - )
Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden
PowerArchiver 2015 (HKLM-x32\...\PowerArchiver 2015 15.00.38) (Version: 15.00.38 - ConeXware, Inc.)
PowerArchiver 2015 (x32 Version: 15.00.38 - ConeXware, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version: - Crytek)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 28.1.86200 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-899878976-3090959046-1222253798-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
SpyShelter Premium 9.7 (HKLM\...\SpyShelter_is1) (Version: 9.7 - Datpol)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
The Guild II - Venice (HKLM-x32\...\TheGuild2Venice_is1) (Version: 3.0 - JoWood)
The Raven - Legacy of a Master Thief (HKLM-x32\...\Steam App 233370) (Version: - KING Art)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
webssearches uninstall (HKLM-x32\...\webssearches uninstall) (Version: - webssearches) <==== ATTENTION
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-899878976-3090959046-1222253798-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
29-05-2015 14:06:45 Windows Update
02-06-2015 18:46:24 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12572C34-952E-46C0-B7D5-FC191CA248AF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {199FD271-CD92-4C95-A1A6-2FDCDAAE1BE2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.)
Task: {1BE7F47E-2BFC-4A89-8438-18FE5BF382D0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-12-20] (Overwolf LTD)
Task: {2AFF3509-DF76-4BCA-B339-F2B34D41DCC1} - System32\Tasks\PurpleRain\PurpleRain3 => C:\ProgramData\PurpleRain\PurpleRain.exe
Task: {419C33E8-A75F-46ED-B3A9-A5C9DD2A2018} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4A4F33C8-00D2-4138-94A8-063D354A07D8} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {87730EB4-FDF5-43B2-ACF3-0D38D826AB92} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {9A00EFE4-BC39-4FAA-889B-0B05D12BD8E7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {BC1DA309-CF89-42F8-8A4C-DBDE6F4EFBD2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {CAB301B4-3E9F-4868-A61F-8B2CC58C6DA4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-05] (Adobe Systems Incorporated)
Task: {D689DBBD-D4FE-4BD7-9751-6496B67DB1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-12-11 20:34 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-31 18:53 - 2014-12-31 18:53 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-20 22:55 - 2014-12-20 22:55 - 00077088 _____ () C:\Program Files (x86)\Overwolf\0.81.36.0\OverwolfBrowser.exe
2014-12-11 23:12 - 2015-06-02 09:24 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-12-11 23:12 - 2015-06-02 09:24 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2014-12-20 22:53 - 2014-12-20 22:53 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.81.36.0\CoreAudioApi.dll
2014-12-20 22:53 - 2014-12-20 22:53 - 38713856 _____ () C:\Program Files (x86)\Overwolf\0.81.36.0\libcef.DLL
2015-03-10 17:28 - 2015-05-29 14:37 - 41287224 _____ () C:\Users\Daniel Lendle\AppData\Roaming\Spotify\libcef.dll
2015-03-13 15:11 - 2015-03-12 01:09 - 00323584 _____ () C:\Program Files (x86)\SpyShelter Premium\klhelper.dll
2015-03-10 17:28 - 2015-05-29 14:37 - 01488440 _____ () C:\Users\Daniel Lendle\AppData\Roaming\Spotify\libglesv2.dll
2015-03-10 17:28 - 2015-05-29 14:37 - 00079928 _____ () C:\Users\Daniel Lendle\AppData\Roaming\Spotify\libegl.dll
2015-03-10 17:28 - 2015-03-19 17:02 - 09305656 _____ () C:\Users\Daniel Lendle\AppData\Roaming\Spotify\pdf.dll
2014-12-11 20:46 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-20 22:53 - 2014-12-20 22:53 - 00514528 _____ () C:\Program Files (x86)\Overwolf\0.81.36.0\libglesv2.dll
2014-12-20 22:53 - 2014-12-20 22:53 - 00105952 _____ () C:\Program Files (x86)\Overwolf\0.81.36.0\libegl.dll
2014-12-11 21:46 - 2014-12-06 03:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 21:46 - 2014-12-06 03:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 21:46 - 2014-12-06 03:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 21:46 - 2014-12-06 03:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-11 21:46 - 2014-12-06 03:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2014-12-11 21:09 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-30 15:03 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-30 15:03 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-30 15:03 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-11 21:09 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-11 21:09 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-11 21:09 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-11 21:09 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-11 21:09 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-11 21:09 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-11 21:09 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-12-11 21:09 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:905844AA
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-899878976-3090959046-1222253798-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel Lendle\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{519A8740-05CC-42D7-A600-DE7EDFC93843}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DB375A9-8D06-4711-BC29-96E5E51357DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{37D98ABA-DA78-421C-B7CF-42DC78C65569}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{4D887585-AEB3-4F89-9DFE-7868D1E5EA15}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{F9176880-8142-4BD3-A6CC-AC20D675D43F}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{1BD03E1A-52C7-4168-BA05-4CF69A5E1DBB}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{BA3D5E3B-FC19-4835-B0CE-8538C05B362B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B232C897-CBE4-4143-BF41-86267CDC54C7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{169A93E4-254A-4F6D-B13A-5777FD7F9EE2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1402BD22-C9E4-464E-AA68-408BD769DDF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D9EB9B5B-DF0D-4451-9837-1AA08A682EEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F14E25C6-ECD1-464E-ADBE-95AAF96A84DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{69D407D4-21CD-4521-898B-EEB4161691F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights of Honor\KoH.exe
FirewallRules: [{F152C29F-F538-4097-AA4D-DAFEC442C9FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{3A49A6B5-2983-4649-916B-25C605E773B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{F945B731-B042-4117-9161-88F3DFAD6A89}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B2C5BB40-1B8D-48F8-A9B8-5A63AE2F6677}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B74C7CB5-387B-47E7-8CFA-B4DCA7FA2FFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3C6502C5-9CF9-4963-9796-B3841D536A20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2AE58F30-6FB1-44B7-A052-CDB072CD6653}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9A5B486E-DA0A-4869-ADCF-14E844CA87C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Unity\ACU.exe
FirewallRules: [{470EEF12-24A4-4CE5-9736-E0DC04366C50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed Unity\ACU.exe
FirewallRules: [{6DF370DE-05EE-424F-8794-122058FF81D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{97BBC5AB-7C86-4B28-A2B8-FE3839EEA44A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{7D944C37-130A-465A-9351-524C2491D150}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A5247F62-FD9D-4636-A27D-25A8AEBE9616}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{27A66BCF-20C6-4BC5-8CFE-201DE0F6F715}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2EA20CFD-15E2-4828-ACE7-4914A3D37B29}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{54E2C084-6898-416B-B87A-0EF06E317002}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{9CC7037D-00CB-4A3B-8232-7363E70D83C7}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [TCP Query User{66EC035D-3977-4FD4-B8A0-7EDB096EE41E}C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{50988AA6-7F5A-4937-840D-18036440D346}C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe
FirewallRules: [{490A79A7-9BC6-445D-A10F-584C0A70859C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{98457B13-8CD4-4AD8-BBA5-24F16B2921A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{1157ABFB-6646-49DC-B270-8BDD3E587666}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{AC290B47-29E9-47CE-8CD2-068F43639B4D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{31E000E9-F8A7-4EC3-8650-9090FD152A46}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{D2BAAE99-4945-4FCB-994B-722AB0A3DF94}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe
FirewallRules: [{FC55FD45-105C-4E1E-BB59-7E735B531B07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A55954B6-F84D-4164-BC9E-884B55671A6B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B31BE6EC-7325-4FB5-86DE-3CEA5155CA52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{EE6F2493-FC5A-4E42-9352-7FD34F871325}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{CE3B7A06-C675-46B7-BD25-DCE3755ABD14}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5269FACF-BA89-4238-BE42-2F0464E38552}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{9D596034-D1D7-4DD2-980C-1CB0E216676C}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BAB42209-3A09-4EBB-B4E9-F9C1E3BDA2F1}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{9503DA17-6DF5-4E22-BCFB-BFD4269224FB}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BE8907DB-650C-46EB-AD0A-8992B81EE7A3}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{CDC486F3-3444-43CE-B141-D58B6FEB6892}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9AD394DD-6938-443D-9AEB-EBAA5DE04828}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{BEFD7A66-8EFE-463B-9140-5BA666B50881}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4A42A23E-5EDF-4027-9CF4-3A11B3CBAA1A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{98A6DA96-DBD5-4597-9C8A-68AE9B12EE79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0859B8BE-7307-4DD5-ACEE-14DBDC89F9D4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3BB601DB-7140-450A-B956-1977F6C9592C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6CC1F684-C6CC-4846-8F87-84F019AD9108}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D15C1A96-36F8-414C-A49F-548B612FDE12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [{8774F403-FAFB-4D03-AD17-AA9DD18C3C38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Legacy\rust.exe
FirewallRules: [{630FAB5A-2658-4F5F-94E7-14C03415CC5E}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{CB128AA9-0C74-4C7A-B34F-B785A02E65DB}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{79D21682-0944-4094-9962-D2BD803059F9}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{2F986A67-C067-464C-8EA2-CD22CFC8471B}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{9A720C85-BC89-483B-BDC4-B03BA447FA42}C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9188F857-D3B5-40D8-B83E-F703EF9625EF}C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\daniel lendle\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{862A9703-DA33-4306-9C6B-21739EB911D6}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{461D52FF-9D79-4C97-9BA3-4A5C748E735B}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{7D75DF07-188D-4226-B1B4-439D8DD63E07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{3B07F090-EED3-4BEA-BD73-AED06F497F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{E79F0851-1FC3-4E54-AA97-615168867E38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{BF1C87F8-51FA-4A05-B76A-40F5FB2FBAFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{5B1BDA3C-7D93-4D0F-897F-D7673E706E8A}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{853A4188-3478-421A-8652-9BA0E6E39CEA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{74C218E0-ED11-4232-A774-210C46C3942F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{C9C6DA76-1ADF-4FED-86B3-84F592F12CD4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{AB4D4B6B-863C-441D-A42E-BCB82853C0FD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2AF18410-1D87-44DE-BDB4-E769281F8D18}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{4DCD8E48-81F3-4F4D-8D6A-3A32144AE2A9}C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Allow) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe
FirewallRules: [UDP Query User{5ADE32A7-FBB1-436A-B5C6-D1C487A4FF65}C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe] => (Allow) C:\program files (x86)\origin games\dragon age inquisition\dragonageinquisition.exe
==================== Faulty Device Manager Devices =============
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Intel(R) HD Graphics 4600
Description: Intel(R) HD Graphics 4600
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/07/2015 10:14:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2015 10:12:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012bb8
ID des fehlerhaften Prozesses: 0x54c
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Error: (06/06/2015 01:05:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2015 01:03:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012bb8
ID des fehlerhaften Prozesses: 0x564
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Error: (06/05/2015 10:01:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2015 09:59:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3960, Zeitstempel: 0x54299ab0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000012bb8
ID des fehlerhaften Prozesses: 0x538
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Error: (06/05/2015 09:15:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm rads_user_kernel.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 22a8
Startzeit: 01d09fc3f88b9a2b
Endzeit: 1
Anwendungspfad: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Berichts-ID: 3a82719a-0bb7-11e5-93cc-a5fc1f574002
Error: (06/05/2015 07:18:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: Adobe AIR.dll, Version: 3.7.0.1530, Zeitstempel: 0x5156646c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006dd76
ID des fehlerhaften Prozesses: 0x244c
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3
Error: (06/05/2015 10:29:42 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (06/05/2015 10:20:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/07/2015 10:12:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (06/07/2015 10:12:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (06/06/2015 01:08:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (06/06/2015 01:03:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (06/06/2015 01:03:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (06/05/2015 09:59:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%-2147467259
Error: (06/05/2015 09:59:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
UsbCharger
Error: (06/05/2015 06:16:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/05/2015 06:16:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (06/05/2015 10:19:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet:
%%-2147467259
Microsoft Office:
=========================
Error: (06/07/2015 10:14:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2015 10:12:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c00000050000000000012bb854c01d0a0f9b7a7db40C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exefd66e673-0cec-11e5-9a2b-ac79aeb47401
Error: (06/06/2015 01:05:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2015 01:03:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c00000050000000000012bb856401d0a048733969f0C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exeb7dff087-0c3b-11e5-8168-8ae9697ae218
Error: (06/05/2015 10:01:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2015 09:59:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c00000050000000000012bb853801d09fca254ab7e4C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe6718c1ee-0bbd-11e5-9a2b-d0859fd36303
Error: (06/05/2015 09:15:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rads_user_kernel.exe0.0.0.022a801d09fc3f88b9a2b1C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe3a82719a-0bb7-11e5-93cc-a5fc1f574002
Error: (06/05/2015 07:18:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LolClient.exe0.0.0.0515663e0Adobe AIR.dll3.7.0.15305156646cc00000050006dd76244c01d09fac3ff3c043C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.146\deploy\LolClient.exeC:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.146\deploy\Adobe AIR\Versions\1.0\Adobe AIR.dlle257f8fb-0ba6-11e5-93cc-a5fc1f574002
Error: (06/05/2015 10:29:42 AM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (06/05/2015 10:20:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 50%
Total physical RAM: 8076.28 MB
Available physical RAM: 4005.43 MB
Total Pagefile: 16150.75 MB
Available Pagefile: 11430.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1485.19 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 70C4DDBF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
==================== End of log ============================ --- --- ---
Nun, kann man daraus etwas schliessen oder wie soll ich weiter vorgehen? :)
danke schon einmal vorweg für die Antwort schrauber. |