PC friert oft beim laden von seiten/anwendungen ein (viren/trojanerverdacht)

KHudzi · 12.02.2016, 18:21

Guten abend.

Ich habe folgendes Problem:
Mein PC läuft seit einigen Tagen plötzlich langsamer und hängt sich auch manchmal beim öffnen bzw laden von anwendungen und/oder youtubevideos auf.
Dies ist ganz plötzlich vor einigen Tagen zum ersten mal aufgetreten. Davor ist der PC reibungsfrei gelaufen.
Ich habe daher mein Avira durchlaufen lassen, welcher bis auf 2 meldungen (die das programm auch behoben hat) nichts mehr gefunden hat.
Ich vermute aber dennoch, dass es sich hierbei um einen virus und oder trojaner handeln muss, weil ich ein ähnliches Problem schon einmal vor einem halben Jahr auf meinem laptop hatte. Damals hat mir die community dieser Plattform beim beheben sehr geholfen das Problem zu beheben.
Nun hoffe ich auch ebenfalls auf einige Hilfreiche ratschläge, die mir helfen würden das problem zu beheben.
Ich danke schon mal im vorraus und freue mich auf eure antworten !

MfG KHudzi

cosinus · 12.02.2016, 23:31

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

KHudzi · 13.02.2016, 11:27

Erst einmal, danke für die schnelle Antwort

Die log dateien kann ich leider nich finden von avira bzw AVG

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by KHudzi (administrator) on TRAPSTATION (13-02-2016 11:20:41)
Running from C:\Users\KHudzi\Downloads
Loaded Profiles: KHudzi (Available Profiles: KHudzi)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.SpeedupService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\ToolbarUpdater.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\loggingserver.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2857544 2016-02-01] ()
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.Core.Common.Starter.exe [14960 2016-01-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2015-10-08] (Power Software Ltd)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\Run: [GoogleChromeAutoLaunch_E488E95AD6A24822E6C7E7988CBC3F32] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\MountPoints2: {f7f0a94e-7f23-11e5-824b-806e6f6e6963} - "E:\Setup\PVESetup.exe" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4E61EAC7-E7C9-4F41-89DD-6FAF2C1C176F}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1323012160-659710808-212240714-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={9C0F42BE-A7EB-4706-8248-6E83A89B6044}&mid=91cdd959b86a47cca1cb0982cc7f91c8-e4d8218fcb043a365cb8da30b84b91204afa31d1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-11-11 21:28:20&v=4.2.4.155&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1323012160-659710808-212240714-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1323012160-659710808-212240714-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C0F42BE-A7EB-4706-8248-6E83A89B6044}&mid=91cdd959b86a47cca1cb0982cc7f91c8-e4d8218fcb043a365cb8da30b84b91204afa31d1&lang=de&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-11-11 21:28:20&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> {097E403F-E328-457C-9B70-1F1C2F2DC8FF} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C0F42BE-A7EB-4706-8248-6E83A89B6044}&mid=91cdd959b86a47cca1cb0982cc7f91c8-e4d8218fcb043a365cb8da30b84b91204afa31d1&lang=de&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-11-11 21:28:20&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.5.441\AVG Web TuneUp.dll [2016-02-01] (AVG)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.5.441\AVG Web TuneUp.dll [2016-02-01] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.5\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1323012160-659710808-212240714-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-02-06] ()
FF SearchPlugin: C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\searchplugins\avg-secure-search.xml [2016-02-01]
FF Extension: Avira Browser Safety - C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\Extensions\abs@avira.com [2015-11-08] [not signed]
FF Extension: AVG Web TuneUp - C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\Extensions\avg@toolbar.xpi [2016-02-01]

Chrome: 
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://start.iminent.com/?appId=FB073E03-98B2-46AB-9A23-748D7E4EF4DE","hxxp://istart.webssearches.com/?type=hp&ts=1396010274&from=tugs&uid=ST9500325AS_6VEE8DW9XXXX6VEE8DW9"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-02]
CHR Extension: (Google Docs) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-02]
CHR Extension: (Google Drive) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (AVG Secure Search) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-01-27]
CHR Extension: (Google-Suche) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Google Tabellen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-02]
CHR Extension: (Avira Browserschutz) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-02]
CHR Extension: (Google Mail) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-02]
CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\KHudzi\Documents\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl: hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1323012160-659710808-212240714-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-11-17] (Advanced Micro Devices) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2016-01-26] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [168448 2016-01-26] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-06] ()
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [File not signed]
R2 SpeedupService; C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.SpeedupService.exe [24224 2016-01-12] (Avira Operations GmbH & Co. KG)
R2 vToolbarUpdater40.2.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\ToolbarUpdater.exe [1936968 2016-02-01] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205832 2016-02-01] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2015-11-18] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [260528 2016-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-10-30] (Basil Projects)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 11:20 - 2016-02-13 11:21 - 00020352 _____ C:\Users\KHudzi\Downloads\FRST.txt
2016-02-13 11:20 - 2016-02-13 11:20 - 00000000 ____D C:\FRST
2016-02-13 11:19 - 2016-02-13 11:20 - 02370560 _____ (Farbar) C:\Users\KHudzi\Downloads\FRST64.exe
2016-02-13 11:19 - 2016-02-13 11:19 - 01721344 _____ (Farbar) C:\Users\KHudzi\Downloads\FRST.exe
2016-02-11 20:27 - 2016-02-11 20:27 - 00000000 ____D C:\Users\KHudzi\Documents\Addictive Keys
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\Users\KHudzi\Documents\Addictive Keys Logs
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Addictive Keys
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-11 20:16 - 2016-02-11 20:16 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2016-02-11 20:16 - 2016-02-11 20:16 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-02-11 20:16 - 2016-02-11 20:16 - 00001257 _____ C:\Users\KHudzi\Desktop\Addictive Keys.lnk
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\ProgramData\XLN Audio
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\Program Files (x86)\XLN Audio
2016-02-10 18:05 - 2016-02-10 18:05 - 00000222 _____ C:\Users\KHudzi\Desktop\Outlast.url
2016-02-10 17:37 - 2016-02-10 17:37 - 00056200 _____ C:\Users\KHudzi\Downloads\steam_api.zip
2016-02-10 14:06 - 2016-02-10 14:06 - 69124453 _____ C:\Users\KHudzi\Downloads\VoxengoDrumServiceCymbals.rar
2016-02-09 19:36 - 2016-02-10 12:16 - 02979845 _____ C:\Users\KHudzi\Downloads\Dark mean piano 2.zip
2016-02-09 11:38 - 2016-02-09 11:38 - 00107111 _____ C:\Users\KHudzi\Downloads\Hold On - Gangsta Rap Beat, Future Style French Mobntana, Tyga Type Instrumental (1).zip
2016-02-09 11:37 - 2016-02-09 11:37 - 06196957 _____ C:\Users\KHudzi\Downloads\monter.zip
2016-02-09 11:37 - 2016-02-09 11:37 - 00107111 _____ C:\Users\KHudzi\Downloads\Hold On - Gangsta Rap Beat, Future Style French Mobntana, Tyga Type Instrumental.zip
2016-02-09 11:36 - 2016-02-09 11:36 - 06196957 _____ C:\Users\KHudzi\Desktop\monter.zip
2016-02-09 10:32 - 2016-02-12 23:39 - 00000000 ____D C:\Users\KHudzi\Desktop\physik
2016-02-09 10:04 - 2016-02-09 10:04 - 00508463 _____ C:\Users\KHudzi\Desktop\wintermadness.aep
2016-02-08 23:21 - 2016-02-11 20:01 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\uTorrent
2016-02-08 21:39 - 2016-02-08 21:39 - 10189368 _____ (Igor Pavlov) C:\Users\KHudzi\Downloads\esXP.exe
2016-02-08 21:10 - 2016-02-09 09:34 - 00000000 ____D C:\Users\KHudzi\Documents\Adobe
2016-02-08 20:39 - 2016-02-08 20:39 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
2016-02-08 20:39 - 2016-02-08 20:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-02-08 20:37 - 2016-02-08 20:37 - 00001348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
2016-02-08 20:35 - 2016-02-08 20:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-02-08 20:35 - 2016-02-08 20:38 - 00000000 ____D C:\Program Files\Adobe
2016-02-08 20:33 - 2016-02-08 20:33 - 00001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-02-08 20:33 - 2016-02-08 20:33 - 00001546 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-02-08 20:30 - 2016-02-08 21:11 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Adobe
2016-02-08 20:30 - 2016-02-08 20:39 - 00000000 ____D C:\ProgramData\Adobe
2016-02-07 16:11 - 2016-02-07 16:12 - 113388660 _____ C:\Users\KHudzi\Downloads\mw2patch.rar
2016-02-07 14:20 - 2016-02-07 14:20 - 00065336 _____ C:\Users\KHudzi\Downloads\MW2Unleashed@erikvargas.zip
2016-02-07 14:20 - 2009-11-14 18:18 - 00048640 _____ (Ultimate Filez) C:\Users\KHudzi\Desktop\MW2_Unleashed.dll
2016-02-07 08:25 - 2016-02-08 21:12 - 00000000 ____D C:\Users\KHudzi\Desktop\tripp music
2016-02-06 22:35 - 2016-02-06 22:35 - 00000221 _____ C:\Users\KHudzi\Desktop\Call of Duty Modern Warfare 2.url
2016-02-06 22:35 - 2016-02-06 22:35 - 00000221 _____ C:\Users\KHudzi\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2016-02-06 19:50 - 2016-02-06 19:50 - 05441776 _____ C:\Users\KHudzi\Downloads\FlyBeats - Jungle Drum Kit.rar
2016-02-06 10:00 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-06 10:00 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-06 09:59 - 2016-02-06 09:59 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-06 09:59 - 2016-02-06 09:59 - 00000000 ____D C:\Program Files\MSBuild
2016-02-06 09:57 - 2016-02-06 11:34 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Ubisoft Game Launcher
2016-02-06 09:57 - 2016-02-06 09:57 - 00001217 _____ C:\Users\KHudzi\Desktop\Uplay.lnk
2016-02-06 09:57 - 2016-02-06 09:57 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-06 09:57 - 2016-02-06 09:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-02-06 09:57 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-02-06 09:57 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-02-06 08:07 - 2016-02-06 08:07 - 00000222 _____ C:\Users\KHudzi\Desktop\Far Cry 3.url
2016-02-06 07:59 - 2016-02-06 08:00 - 00000000 ____D C:\Users\KHudzi\Desktop\Future - EVOL
2016-02-06 07:57 - 2016-02-06 07:58 - 87947373 _____ C:\Users\KHudzi\Downloads\Future - EVOL .zip
2016-02-05 18:17 - 2016-02-05 18:17 - 00090564 _____ C:\Users\KHudzi\Downloads\1058-Cop Car Siren-SoundBible.com-1231381021.zip
2016-02-05 16:51 - 2016-02-05 16:52 - 08900138 _____ C:\Users\KHudzi\Downloads\ANKA DRUMS.zip
2016-02-04 19:33 - 2016-02-04 19:33 - 00000222 _____ C:\Users\KHudzi\Desktop\Patch testing for Chivalry.url
2016-02-01 11:53 - 2016-02-01 11:53 - 00079108 _____ C:\Users\KHudzi\Downloads\Selbstauskunft Lederergasse.pdf
2016-01-31 20:01 - 2016-01-31 20:01 - 00012857 _____ C:\Users\KHudzi\Downloads\Eisen.be
2016-01-31 19:39 - 2016-01-31 19:39 - 00670266 _____ C:\Users\KHudzi\Downloads\Eisen und Chrom (1).pdf
2016-01-31 19:32 - 2016-02-01 21:56 - 00005183 _____ C:\Users\KHudzi\Downloads\Nickel.be
2016-01-31 19:15 - 2016-01-31 19:15 - 00670266 _____ C:\Users\KHudzi\Downloads\Eisen und Chrom.pdf
2016-01-31 19:15 - 2016-01-31 19:15 - 00476852 _____ C:\Users\KHudzi\Downloads\Nickel.pdf
2016-01-30 21:43 - 2016-01-30 21:43 - 32590375 _____ C:\Users\KHudzi\Downloads\FUTURE _Bye Bye_ Prod by Zaytoven.mp4
2016-01-28 20:37 - 2016-01-28 20:37 - 49638803 _____ C:\Users\KHudzi\Desktop\Dark Objects.zip
2016-01-27 17:18 - 2016-01-27 17:18 - 01207871 _____ C:\Users\KHudzi\Downloads\Calcium.pdf
2016-01-27 17:18 - 2016-01-27 17:18 - 00737989 _____ C:\Users\KHudzi\Downloads\Arsen und Kupfer.pdf
2016-01-27 14:58 - 2016-01-27 14:58 - 01314496 _____ C:\Users\KHudzi\Downloads\Vorlesung_09_11_2015.pdf
2016-01-27 14:40 - 2016-01-27 14:40 - 00171119 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_Vorlesung04_02_11_2015.pdf
2016-01-27 14:38 - 2016-01-27 14:38 - 01068004 _____ C:\Users\KHudzi\Downloads\Vorlesung03_26_10_15.pdf
2016-01-27 14:37 - 2016-01-27 14:37 - 01642521 _____ C:\Users\KHudzi\Downloads\Allgememeine_Chemie02_19_10_2015 (1).pdf
2016-01-27 13:27 - 2016-01-27 13:27 - 00404606 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_18_01_2016.pdf
2016-01-27 12:18 - 2016-01-27 12:18 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid (2).pdf
2016-01-27 11:44 - 2016-01-27 11:44 - 08547811 _____ C:\Users\KHudzi\Downloads\Linie43Haltestellenfahrplanab15.09.2014.pdf
2016-01-27 10:54 - 2016-01-27 10:54 - 00000000 ____D C:\Users\KHudzi\Documents\massive preset
2016-01-27 10:04 - 2016-01-27 10:04 - 00162067 _____ C:\Users\KHudzi\Downloads\GTuneWin32.zip
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\system32\msmq
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\system32\BestPractices
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\inetpub
2016-01-26 18:12 - 2016-01-26 18:12 - 00192426 _____ C:\Users\KHudzi\Downloads\Übungsaufgaben.pdf
2016-01-26 18:12 - 2016-01-26 18:12 - 00033752 _____ C:\Users\KHudzi\Downloads\VDW Kritischer Punkt.mw
2016-01-26 18:11 - 2016-01-26 18:11 - 00018378 _____ C:\Users\KHudzi\Downloads\Literatur.pdf
2016-01-26 17:54 - 2016-01-26 17:54 - 03075362 _____ C:\Users\KHudzi\Downloads\AC PCTeil K 5.pdf
2016-01-26 17:01 - 2016-01-26 17:01 - 05351863 _____ C:\Users\KHudzi\Downloads\AC PCTeil K1-4.pdf
2016-01-25 16:49 - 2016-01-25 16:49 - 00054358 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_25_01_2016.pdf
2016-01-25 16:47 - 2016-01-25 16:47 - 00038830 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen III.pdf
2016-01-25 16:47 - 2016-01-25 16:47 - 00038830 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen III (1).pdf
2016-01-25 16:28 - 2016-01-25 16:28 - 06977250 _____ C:\Users\KHudzi\Downloads\Ex-VL 6.pdf
2016-01-25 16:28 - 2016-01-25 16:28 - 00145983 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen II.pdf
2016-01-25 16:27 - 2016-01-25 16:27 - 05843177 _____ C:\Users\KHudzi\Downloads\Ex-VL 5.pdf
2016-01-25 16:23 - 2016-01-25 16:23 - 04372620 _____ C:\Users\KHudzi\Downloads\Ex-VL 4 (2).pdf
2016-01-25 16:23 - 2016-01-25 16:23 - 01659659 _____ C:\Users\KHudzi\Downloads\Ex-VL 2 (1).pdf
2016-01-25 16:17 - 2016-01-25 16:17 - 04372620 _____ C:\Users\KHudzi\Downloads\Ex-VL 4 (1).pdf
2016-01-25 16:17 - 2016-01-25 16:17 - 00812625 _____ C:\Users\KHudzi\Downloads\Ex-VL 1.pdf
2016-01-25 16:14 - 2016-01-25 16:14 - 00329737 _____ C:\Users\KHudzi\Downloads\WS2012-13_Lösungen.pdf
2016-01-25 16:14 - 2016-01-25 16:14 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh (2).pdf
2016-01-25 14:35 - 2016-01-25 14:35 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13 (2).pdf
2016-01-25 14:25 - 2016-01-25 14:25 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh (1).pdf
2016-01-25 14:00 - 2016-01-25 14:00 - 00025834 _____ C:\Users\KHudzi\Downloads\myLectureseb976523-1bc6-4af1-a5f1-e8e7effc47f1.pdf
2016-01-25 11:27 - 2016-01-25 11:27 - 00000000 ____D C:\Users\KHudzi\Desktop\Omnisphere 2 Keygen.app
2016-01-25 10:19 - 2016-01-25 10:19 - 00001019 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\PowerISO
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\Program Files (x86)\PowerISO
2016-01-25 10:19 - 2015-10-08 08:00 - 00127760 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2016-01-25 10:18 - 2016-01-25 22:28 - 12582912 _____ C:\Users\KHudzi\Downloads\PowerISO6.vhdx
2016-01-25 10:14 - 2016-01-25 10:14 - 00001146 _____ C:\Users\KHudzi\Desktop\DMG Extractor.lnk
2016-01-25 10:14 - 2016-01-25 10:14 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Reincubate
2016-01-25 10:14 - 2016-01-25 10:14 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2016-01-24 15:34 - 2016-01-24 15:34 - 01768809 _____ C:\Users\KHudzi\Downloads\Ergänzungsfolien_MO-Theorie, Phosphor, Schwefel, Übungsaufgabe 6.2.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00505495 _____ C:\Users\KHudzi\Downloads\WS2014-15-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00436032 _____ C:\Users\KHudzi\Downloads\WS2013-14 (1).pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00400952 _____ C:\Users\KHudzi\Downloads\WS2013-14-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13 (1).pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00107989 _____ C:\Users\KHudzi\Downloads\WS2011-12-Wdh.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 04428434 _____ C:\Users\KHudzi\Downloads\Kap_5.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 03665505 _____ C:\Users\KHudzi\Downloads\Kap_3 (2).pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 02989399 _____ C:\Users\KHudzi\Downloads\Kap_6.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 01825057 _____ C:\Users\KHudzi\Downloads\Kap_4.pdf
2016-01-24 14:30 - 2016-01-24 14:30 - 00478649 _____ C:\Users\KHudzi\Downloads\WS2014-15_Lösungen.pdf
2016-01-24 14:28 - 2016-01-24 14:28 - 00432363 _____ C:\Users\KHudzi\Downloads\WS2014-15 (1).pdf
2016-01-24 14:28 - 2016-01-24 14:28 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13.pdf
2016-01-24 14:18 - 2016-01-24 14:18 - 02638294 _____ C:\Users\KHudzi\Downloads\Kap_2.pdf
2016-01-24 14:17 - 2016-01-24 14:17 - 00553541 _____ C:\Users\KHudzi\Downloads\Folie_ACAn_Tut-1 (1).pdf
2016-01-24 13:46 - 2016-01-24 13:46 - 03150217 _____ C:\Users\KHudzi\Downloads\Kap_1.pdf
2016-01-24 13:12 - 2016-01-24 13:12 - 00000000 ____D C:\Users\KHudzi\Downloads\midi
2016-01-24 13:08 - 2016-01-24 13:08 - 00000000 _____ C:\Users\KHudzi\Desktop\klausur.txt
2016-01-24 01:15 - 2016-01-31 09:36 - 02330035 _____ C:\Users\KHudzi\Downloads\Mozart 40 Symphony.flp
2016-01-23 22:12 - 2016-01-24 14:11 - 02288270 _____ C:\Users\KHudzi\Downloads\VaNDinA - Mozart Symphony 40.flp
2016-01-23 21:51 - 2016-01-23 21:51 - 00058979 _____ C:\Users\KHudzi\Downloads\SwedishRhapsodyPolka-HB0174.mid
2016-01-23 21:51 - 2016-01-23 21:51 - 00046362 _____ C:\Users\KHudzi\Downloads\SwedishRhapsody-RM022k.mid
2016-01-22 16:45 - 2016-01-22 16:45 - 00014189 _____ C:\Users\KHudzi\Downloads\stronghold-crusader-2-multi8pcdvdcodexwwwgamestorrentsco..torrent
2016-01-22 15:15 - 2016-01-22 15:15 - 00260528 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2016-01-21 19:34 - 2016-01-21 19:34 - 00010295 _____ C:\Users\KHudzi\Downloads\Calcium.be
2016-01-21 19:34 - 2016-01-21 19:34 - 00009898 _____ C:\Users\KHudzi\Downloads\Arsenkupfer.be
2016-01-20 19:20 - 2016-01-20 19:20 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Avira
2016-01-19 19:17 - 2016-01-19 19:17 - 00001217 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-01-19 19:17 - 2016-01-19 19:17 - 00000000 ____D C:\Users\KHudzi\AppData\Local\AviraSpeedup
2016-01-19 19:16 - 2016-01-22 15:07 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-01-19 19:16 - 2016-01-19 19:16 - 00003360 _____ C:\Windows\System32\Tasks\Avira System Speedup Tray
2016-01-18 22:51 - 2014-02-25 21:03 - 00000000 ____D C:\Users\KHudzi\Downloads\Migos - No Label 2 (DatPiff.com)
2016-01-18 22:51 - 2013-10-01 12:39 - 00000000 ____D C:\Users\KHudzi\Downloads\Migos  Rich The Kid - Streets On Lock 2 (DatPiff.com)
2016-01-18 20:35 - 2016-01-18 20:35 - 18900044 _____ C:\Users\KHudzi\Downloads\150017__klankbeeld__horror-kids-02.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 19355502 _____ C:\Users\KHudzi\Downloads\193692__xdimebagx__atmosphere-horror-1-loop.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 14971372 _____ C:\Users\KHudzi\Downloads\22039__erdie__breathe.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 03289192 _____ C:\Users\KHudzi\Downloads\9695__suonho__suonho-scaryscape-01.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 02352034 _____ C:\Users\KHudzi\Downloads\171078__klankbeeld__horror-scream-woman-long.wav
2016-01-18 20:34 - 2016-01-18 20:34 - 01941056 _____ C:\Users\KHudzi\Downloads\60571__gabemiller74__breathofdeath.aif
2016-01-18 20:34 - 2016-01-18 20:34 - 01339520 _____ C:\Users\KHudzi\Downloads\126113__klankbeeld__laugh.wav
2016-01-18 20:34 - 2016-01-18 20:34 - 00394508 _____ C:\Users\KHudzi\Downloads\168777__robinhood76__03792-children-screaming.wav
2016-01-18 20:32 - 2016-01-18 20:34 - 29140530 _____ C:\Users\KHudzi\Downloads\333011__michael-kur95__monster-01.wav
2016-01-18 20:32 - 2016-01-18 20:32 - 00182262 _____ C:\Users\KHudzi\Downloads\333012__michael-kur95__jump-03.wav
2016-01-18 20:32 - 2016-01-18 20:32 - 00012332 _____ C:\Users\KHudzi\Downloads\333047__christopherderp__videogame-menu-button-clicking-sound-18.wav
2016-01-18 20:28 - 2016-01-18 20:29 - 09880036 _____ C:\Users\KHudzi\Downloads\333048__zagi2__possessed-accordion-intro.wav
2016-01-18 20:28 - 2016-01-18 20:28 - 01203008 _____ C:\Users\KHudzi\Downloads\333230__robinhood76__06264-holy-hour-trailer-punch.wav
2016-01-18 19:29 - 2016-01-18 19:29 - 01174335 _____ C:\Users\KHudzi\Desktop\#flp.rar
2016-01-18 19:29 - 2012-06-13 16:26 - 00080669 _____ C:\Users\KHudzi\Desktop\TUTORIAL BEAT.flp
2016-01-18 19:29 - 2000-12-03 02:01 - 00000662 _____ C:\Users\KHudzi\Desktop\BDB BELL4.fst
2016-01-18 18:05 - 2016-01-18 22:53 - 00008367 _____ C:\Users\KHudzi\Downloads\Mangan.be
2016-01-18 18:04 - 2016-01-18 18:04 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid (1).pdf
2016-01-18 18:04 - 2016-01-18 18:04 - 00315816 _____ C:\Users\KHudzi\Downloads\Mangan.pdf
2016-01-17 21:49 - 2016-01-31 10:13 - 01627457 _____ C:\Users\KHudzi\Downloads\ROOSTER IN MY RARI (BALLER03676).flp
2016-01-17 20:45 - 2016-01-17 21:37 - 01929951 _____ C:\Users\KHudzi\Downloads\Hate Bein Sober Instrumental (baller03676 remake).flp
2016-01-17 19:35 - 2016-01-17 19:35 - 00012965 _____ C:\Users\KHudzi\Downloads\Chlorid.be
2016-01-17 18:58 - 2016-01-17 18:58 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid.pdf
2016-01-16 20:39 - 2016-01-16 20:39 - 00000000 ____D C:\Crash
2016-01-16 19:15 - 2016-01-16 19:16 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\Daybreak Game Company
2016-01-16 19:15 - 2016-01-16 19:15 - 00002465 _____ C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\Public\Daybreak Game Company
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\KHudzi\AppData\Local\SCE
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Daybreak Game Company
2016-01-16 19:14 - 2016-01-16 19:14 - 33097848 _____ C:\Users\KHudzi\Downloads\PS2_setup.exe
2016-01-16 18:30 - 2014-12-18 17:30 - 00000000 ____D C:\Users\KHudzi\Documents\convert2mp3_video_converter_2.4
2016-01-16 13:58 - 2016-01-16 13:58 - 06882502 _____ C:\Users\KHudzi\Downloads\AC PCTeil K 6 (1).pdf
2016-01-16 13:17 - 2016-01-16 13:17 - 00028672 _____ C:\Windows\SysWOW64\NSREG.DLL
2016-01-16 12:17 - 2016-01-16 12:19 - 00001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrainWave Generator.lnk
2016-01-16 12:17 - 2016-01-16 12:19 - 00000000 ____D C:\Program Files (x86)\BrainWave Generator
2016-01-16 12:17 - 2016-01-16 12:17 - 01207296 _____ C:\Users\KHudzi\Downloads\bwgen31.exe
2016-01-16 12:17 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2016-01-16 11:59 - 2016-01-16 11:59 - 00150316 _____ C:\Users\KHudzi\Downloads\WS2011-12_Lösungen.pdf
2016-01-16 11:43 - 2016-01-16 11:43 - 00057485 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen I.pdf
2016-01-16 11:42 - 2016-01-16 11:42 - 00060741 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen 0.pdf
2016-01-16 11:39 - 2016-01-16 11:39 - 00035854 _____ C:\Users\KHudzi\Downloads\WS2011-12.pdf
2016-01-16 11:35 - 2016-01-16 11:35 - 01642521 _____ C:\Users\KHudzi\Downloads\Allgememeine_Chemie02_19_10_2015.pdf
2016-01-16 10:18 - 2016-01-16 10:18 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\Unity
2016-01-14 21:22 - 2016-01-14 21:22 - 00000000 ____D C:\ProgramData\ATI
2016-01-14 20:10 - 2016-01-14 20:10 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Downloaded Installations
2016-01-14 19:32 - 2016-01-14 19:33 - 09119232 _____ (Copyright © 2006-2011 Prodipe) C:\Users\KHudzi\Downloads\PVESetup.exe
2016-01-14 19:32 - 2016-01-14 19:32 - 01720832 _____ (Copyright © 2008 Prodipe) C:\Users\KHudzi\Downloads\FixSWSynthVistaOrHigher.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 11:19 - 2015-11-02 13:56 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{17AC85C5-86A9-4AB4-A299-ACEF01BCA66E}
2016-02-13 11:18 - 2016-01-10 11:04 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-13 11:18 - 2015-11-02 13:58 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-13 11:17 - 2015-11-08 21:29 - 00000000 ____D C:\ProgramData\MFAData
2016-02-13 11:17 - 2015-10-30 17:40 - 00915828 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 11:17 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-13 11:15 - 2015-11-02 13:58 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-13 11:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\inetsrv
2016-02-13 11:12 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-12 18:02 - 2015-11-02 15:08 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-02-11 21:24 - 2015-11-04 07:38 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\uTorrent
2016-02-11 20:16 - 2015-11-02 10:31 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-02-11 19:13 - 2015-11-04 18:27 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-02-11 19:13 - 2015-11-04 09:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-02-11 17:09 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-11 15:36 - 2015-10-30 17:55 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1323012160-659710808-212240714-1001
2016-02-11 12:38 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-11 12:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-11 12:08 - 2015-11-08 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-11 12:08 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-02-11 11:33 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-11 00:59 - 2015-10-30 17:44 - 00000000 ____D C:\Users\KHudzi
2016-02-10 21:37 - 2015-11-04 09:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-02-10 21:16 - 2015-11-02 13:58 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 21:16 - 2015-11-02 13:58 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 18:52 - 2015-11-02 13:42 - 00000000 ____D C:\Users\KHudzi\Documents\My Games
2016-02-10 18:05 - 2016-01-10 11:11 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-10 17:37 - 2015-11-11 15:50 - 00000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition
2016-02-10 14:08 - 2015-11-02 10:11 - 00000000 ____D C:\Users\KHudzi\Documents\1 Drumkits
2016-02-09 12:18 - 2015-11-02 10:17 - 00000000 ____D C:\Users\KHudzi\Documents\FL Keygen
2016-02-09 08:15 - 2013-08-22 15:44 - 05070072 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-08 21:11 - 2015-10-30 17:44 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Adobe
2016-02-08 20:36 - 2015-11-02 15:08 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-06 23:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-06 11:30 - 2015-12-23 15:46 - 00000000 ____D C:\Users\KHudzi\AppData\Local\My Games
2016-02-06 10:33 - 2015-11-04 09:54 - 00000000 ____D C:\Users\KHudzi\AppData\Local\PunkBuster
2016-02-06 10:01 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-06 09:57 - 2015-11-04 09:59 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-02-04 17:39 - 2015-11-08 15:37 - 00001154 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-02-04 17:39 - 2015-11-08 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-02 20:10 - 2015-11-02 13:58 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 20:10 - 2015-11-02 13:58 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 21:17 - 2015-11-11 21:28 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-02-01 21:17 - 2015-11-11 21:28 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-02-01 21:17 - 2015-11-11 21:28 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-01-31 19:51 - 2015-12-07 18:12 - 00000000 ____D C:\Users\KHudzi\Documents\beryllium
2016-01-27 19:02 - 2015-11-11 13:57 - 00000000 ____D C:\Users\KHudzi\Desktop\New folder
2016-01-26 20:44 - 2015-11-04 09:30 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsec.dll
2016-01-26 20:44 - 2015-11-04 09:30 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqad.dll
2016-01-26 20:44 - 2015-11-04 09:30 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcmiplugin.dll
2016-01-26 20:44 - 2015-11-04 09:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqmigplugin.dll
2016-01-26 20:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-01-26 20:44 - 2013-08-22 12:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mqoa30.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\mqoa20.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mqoa10.tlb
2016-01-26 20:44 - 2013-08-22 12:40 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mqac.sys
2016-01-26 20:44 - 2013-08-22 12:35 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\mqutil.dll
2016-01-26 20:44 - 2013-08-22 12:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\mqcertui.dll
2016-01-26 20:44 - 2013-08-22 11:51 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\mqtrig.dll
2016-01-26 20:44 - 2013-08-22 11:23 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\mqrt.dll
2016-01-26 20:44 - 2013-08-22 11:19 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\mqsnap.dll
2016-01-26 20:44 - 2013-08-22 10:50 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\mqlogmgr.dll
2016-01-26 20:44 - 2013-08-22 05:16 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa30.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa20.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa10.tlb
2016-01-26 20:44 - 2013-08-22 05:06 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqutil.dll
2016-01-26 20:44 - 2013-08-22 05:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoctrs.dll
2016-01-26 20:44 - 2013-08-22 05:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoadmn.dll
2016-01-26 20:44 - 2013-08-22 04:54 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcertui.dll
2016-01-26 20:44 - 2013-08-22 04:31 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.dll
2016-01-26 20:44 - 2013-08-22 04:29 - 00165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqtrig.dll
2016-01-26 20:44 - 2013-08-22 04:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqise.dll
2016-01-26 20:44 - 2013-08-22 04:08 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqrt.dll
2016-01-26 20:44 - 2013-08-22 04:05 - 00606720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsnap.dll
2016-01-26 20:44 - 2013-08-22 00:55 - 00009096 _____ C:\Windows\SysWOW64\msmqtrc.mof
2016-01-26 20:43 - 2015-11-04 09:30 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\mqsec.dll
2016-01-26 20:43 - 2015-11-04 09:30 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\mqad.dll
2016-01-26 20:43 - 2015-11-04 09:28 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\mqcmiplugin.dll
2016-01-26 20:43 - 2015-11-04 09:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-01-26 20:43 - 2015-11-04 09:26 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\mqmigplugin.dll
2016-01-26 20:43 - 2015-11-04 09:25 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-01-26 20:43 - 2015-11-04 09:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-01-26 20:43 - 2015-11-04 09:22 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-01-26 20:43 - 2015-11-04 09:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-01-26 20:43 - 2013-08-22 12:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\mqsvc.exe
2016-01-26 20:43 - 2013-08-22 12:32 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\infoctrs.dll
2016-01-26 20:43 - 2013-08-22 12:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\infoadmn.dll
2016-01-26 20:43 - 2013-08-22 12:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\mqbkup.exe
2016-01-26 20:43 - 2013-08-22 11:53 - 00302080 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.dll
2016-01-26 20:43 - 2013-08-22 11:41 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
2016-01-26 20:43 - 2013-08-22 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mqise.dll
2016-01-26 20:43 - 2013-08-22 11:10 - 01408512 _____ (Microsoft Corporation) C:\Windows\system32\mqqm.dll
2016-01-26 20:43 - 2013-08-22 07:59 - 00009096 _____ C:\Windows\system32\msmqtrc.mof
2016-01-25 15:47 - 2015-11-11 21:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-19 19:16 - 2015-11-08 15:36 - 00000000 ____D C:\ProgramData\Avira
2016-01-19 19:16 - 2015-11-08 15:36 - 00000000 ____D C:\Program Files (x86)\Avira
2016-01-16 19:15 - 2015-11-11 16:07 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-01-16 19:15 - 2015-11-11 16:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-16 08:13 - 2015-11-02 15:09 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Raptr

==================== Files in the root of some directories =======

2015-11-08 16:19 - 2011-09-17 14:00 - 52578120 _____ (Native Instruments GmbH) C:\Program Files (x86)\Massive - Copy.dll
2015-11-08 16:19 - 2011-09-17 14:00 - 52578120 _____ (Native Instruments GmbH) C:\Program Files (x86)\Massive.dll
2015-11-04 08:26 - 2009-10-23 23:00 - 5811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll

Some files in TEMP:
====================
C:\Users\KHudzi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 14:56

==================== End of FRST.txt ============================

--- --- ---

--- --- ---

--- --- ---

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by KHudzi (2016-02-13 11:21:31)
Running from C:\Users\KHudzi\Downloads
Windows 8.1 Pro (X64) (2015-10-30 16:44:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1323012160-659710808-212240714-500 - Administrator - Disabled)
Guest (S-1-5-21-1323012160-659710808-212240714-501 - Limited - Disabled)
KHudzi (S-1-5-21-1323012160-659710808-212240714-1001 - Administrator - Enabled) => C:\Users\KHudzi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
ACP Application (Version: 2015.1117.2341.12 - Advanced Micro Devices, Inc.) Hidden
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4530 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.5.441 - AVG Technologies)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BOSS Userlist Manager (HKLM-x32\...\{6E78AAAD-9BC0-4326-8DE4-03013C85CA92}) (Version: 6.8.0000 - Surazal)
BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
DMG Extractor (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DMG Extractor) (Version: 1.3.15.0 - Reincubate Ltd)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.174.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.1.1526 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Patch testing for Chivalry (HKLM-x32\...\Steam App 232210) (Version:  - )
PlanetSide 2 (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.191 - Daybreak Game Company)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\{EAABE756-8A47-440F-AAC7-2F6BFF589169}) (Version: 6.0 - Black Box)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Waves Central V1.0.2.2 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.3 - Waves)
WinRAR 5.30 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0620CA7E-32B8-4D5F-8D88-EB47A8375AF3} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe [2016-01-12] (Avira Operations GmbH & Co. KG)
Task: {1A1E8CCE-B569-471E-9F69-2A88B698BD50} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {1BE1AB6F-A4AA-4D0D-9807-DAB1A0B67601} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.)
Task: {42C13DF3-4B7C-4AE6-A9FB-0DD087ABFB76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.)
Task: {B48B1132-3DBD-435B-8F50-060DF426D2C4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-11-11 21:28 - 2016-02-01 21:17 - 01205832 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-11-04 09:59 - 2016-02-06 09:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-02-01 21:17 - 2016-02-01 21:17 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\loggingserver.exe
2015-11-11 21:28 - 2016-02-01 21:17 - 02857544 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-02-01 21:17 - 2016-02-01 21:17 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\log4cplusU.dll
2016-01-10 11:05 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-01-10 11:05 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-01-10 11:05 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2016-01-10 11:05 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-01-10 11:05 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-01-10 11:05 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-01-10 11:05 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-02-10 21:16 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 21:16 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
2015-11-08 21:28 - 2015-11-08 21:28 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-01-10 11:05 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1323012160-659710808-212240714-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\KHudzi\Downloads\planets-wide.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Raptr"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{20F5D01C-AEBE-4AE7-99A9-033FFD5DC925}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{17AC8184-20E7-43CD-A85C-0F461DF49B8D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7E5D1930-477F-4E8E-A8CD-AF3029210702}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8B195E5C-DEEF-46BD-AFB4-36138ABB6F45}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{4278FACE-CD81-4767-BDA4-F7F9B7E6CB29}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{2A5A2907-592F-4070-9C54-C41704E0BE3F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{33066E79-807D-4AEE-967E-EF3B31D3DFD5}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A4920E15-50D9-4D60-9B0E-53915A4E1CA0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{619FCD7F-CA9B-4CA1-9958-CB6DE705A9FF}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1CC9009-3183-4269-BA08-A96E2978C5F5}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{23D51743-DA76-41D8-B600-B570E146F312}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03B513F8-9735-43DB-8509-2627957376FF}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{034AD6A7-A6F9-45C2-81B2-E0EF98C9E695}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A42B51A-8843-43B2-8A9E-BCFDDFE668F2}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{DE3D4597-DD14-4271-AC9F-811D2699868E}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Allow) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [UDP Query User{A42C518B-E82E-42FD-9A2D-C80AB36690D7}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Allow) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [TCP Query User{3386DD8D-819D-4C73-B8F3-E4A1E656DCB5}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Block) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [UDP Query User{CA74471D-13F6-46F5-9835-2BF30F51F598}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Block) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [{0FB56A78-293E-44D3-AC23-A1365BE84218}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8EFCB2F7-5C68-4975-94BE-FDC24D22C4D0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{25CE1BFD-A9E9-4EED-9BED-845A2D9B7380}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B88806CC-4853-4334-A46D-C88DCA358731}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9817424C-FE04-4859-BC71-A49E8B3FD839}] => (Allow) LPort=1688
FirewallRules: [{8BD73C82-E9AC-4726-9D06-14B5FEC9F9FE}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{C218F1F9-E0FB-4137-A0FF-92C3E0710E0F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{B8DEC66B-A266-4A73-BF24-A6B5F1EECE9F}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{DE31FBD3-A9F8-428A-836A-1DF3828A1F58}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [TCP Query User{136895F9-16D4-4786-963F-00C7302253BD}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [UDP Query User{386B351A-B7CB-40EA-B8E7-414F16C7C491}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [TCP Query User{BCC58342-A8E0-4A68-B702-9FEE794AA215}C:\program files (x86)\total war rome ii - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{C712025E-EE55-43A6-88A8-E3E9ACC2E923}C:\program files (x86)\total war rome ii - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{6120AE25-31B8-4094-AE79-6612625B8219}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5D5CDE12-90E6-4FA6-A71B-58DD7BAD4799}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A4BD6790-8896-4DB0-913E-7E04D240BD71}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6A9FDBE9-2C2F-4CED-B5B8-F353916DE42A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{654CDE8D-045A-44BE-B799-26E17656B193}C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{419817BF-29AC-440D-8B81-C9C54C8A021E}C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe
FirewallRules: [{5802C14F-2694-4A00-B905-2C5FF5A5C8D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A71BF597-CDCB-4401-8065-80CFC6D5169B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03433AEB-BA9B-4897-8A4E-7FAC39B106B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3E182E98-E352-40D8-A0C9-5A3A8CF232B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{519613D4-5BD7-4760-A642-E5BB7938ADC1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9B080102-B1C7-4766-89D0-A61CAFB0A88C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0C12AC95-EAEF-4917-BA46-A8AED96F275A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{508D5200-3F9B-43DC-8A88-871B93C667C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{050E4C95-5406-473A-98A5-D10FFF8BD045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{5CFCB738-BEBD-46FA-B29D-F4733ABA0725}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{64253C5B-7491-4719-AE98-EB4A0EE03393}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{1AD7E85C-2541-4941-80AB-44114AA37DB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{FCAF9120-7606-4ED2-A6DD-4A07F774CBC5}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [UDP Query User{85BFE613-21D9-4A71-B876-AD7369E6754A}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [TCP Query User{207417DC-D412-4177-93E1-33F8A807209F}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{1DE45DA4-CD8C-4CAE-907B-3096EE4254D4}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{93F56052-D7B7-4678-9908-4C237F9507C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{EF777044-90CB-48A7-83AB-51DAE6A58E89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{4CEF3733-B5B3-4DF3-B5FB-2806829AFDF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{1F4D3170-2742-4DDF-8776-6BB7C78A6BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{1BDB1B1A-DBD7-4E9F-BEC2-EEF7638CAF6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{158AEA18-F090-485B-8E04-6EC185560797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{D0D5FE01-DC58-4DE9-9BAE-BE541AA7A01B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{2FDDE667-1BE0-4506-9992-7DC5F18FFA15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{F42D3432-5D75-4523-822E-CA58AECC1039}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{FC5B1096-57CE-4DAD-BBC5-967D74A1520E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{D8EA1EF6-05B4-42EF-8056-971D34A97DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{82D26A34-5623-4FA4-9089-73847643BD5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{C9C44F7D-A7F0-42BA-B4AE-AC861B1295A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{9FD381A2-45D5-4D30-AE49-498BD21CDEB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{D8F55BFC-0441-45B3-BA9C-733F519C277D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F33214F9-0B6B-459E-AB4B-A7564D00264E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3A9C3011-36E2-4615-B0C3-3EF8CA03C8E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E8BC9CED-1A24-4068-92CF-208B33BA6A8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3D349586-3156-48F7-B80C-CA9849CA563D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B3F7DCDB-DA27-49D3-A065-ACB73245662F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2D0DCAB1-1747-4230-9558-9DC72AAC93DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{94B27C4F-999F-4EC8-BCDB-320519C374FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{23B13BDA-CC46-445F-AC22-A7A5AFB71F90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F3742C91-8878-4758-A5C9-DD80D6BCE63F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{627556DC-E502-4FF8-AB2D-08FFF65EA05B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{E1C29F8C-D14E-4472-ACF4-D9DDBEAC2B72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{394FF988-751E-4BEA-9BBF-FC66291E0DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{5B145EEA-2D1D-44A5-922C-CF91777054A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{8F33F664-F853-4C75-9230-0DF6EFDED638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7FC50B89-FB88-43FB-ACEE-0680A003F067}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{32C5C2F3-E40A-4794-84D5-147D3DE2C8CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{54A7DD3E-63DC-439F-BC9A-EDA7C9C25352}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E14797E6-BDBF-47E2-8F8E-D6485DC3C7D1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{769E0E6D-373D-46FC-89FC-C1A057D2EAE8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E1C2F3CF-4F02-4E0D-94C1-EBEEA0A38F6C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{4AE2A03A-915C-4F4D-813A-30009C654B45}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BFC64282-E3A6-4385-846A-CF6D0021FD12}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

06-02-2016 09:55:34 Installed DirectX
08-02-2016 20:32:12 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
08-02-2016 20:33:02 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501

==================== Faulty Device Manager Devices =============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2016 11:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe85bd0668
Faulting process id: 0xc74
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/12/2016 06:06:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffd1ad40668
Faulting process id: 0xb20
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/12/2016 05:51:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007fff3afa0668
Faulting process id: 0xc28
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/11/2016 05:12:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe3bd40668
Faulting process id: 0xb40
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/11/2016 05:11:14 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 12:38:51 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 11:30:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffaac140668
Faulting process id: 0xc60
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/10/2016 05:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TESV.exe, version: 1.9.32.0, time stamp: 0x51437ce5
Faulting module name: steam_api.dll, version: 6.3.9600.18007, time stamp: 0x55c4bc8e
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process id: 0x187c
Faulting application start time: 0xTESV.exe0
Faulting application path: TESV.exe1
Faulting module path: TESV.exe2
Report Id: TESV.exe3
Faulting package full name: TESV.exe4
Faulting package-relative application ID: TESV.exe5

Error: (02/10/2016 05:34:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyrimLauncher.exe, version: 1.3.22.0, time stamp: 0x4f3956c2
Faulting module name: steam_api.dll, version: 6.3.9600.18007, time stamp: 0x55c4bc8e
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process id: 0x17f0
Faulting application start time: 0xSkyrimLauncher.exe0
Faulting application path: SkyrimLauncher.exe1
Faulting module path: SkyrimLauncher.exe2
Report Id: SkyrimLauncher.exe3
Faulting package full name: SkyrimLauncher.exe4
Faulting package-relative application ID: SkyrimLauncher.exe5

Error: (02/10/2016 05:34:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TESV.exe, version: 1.9.32.0, time stamp: 0x51437ce5
Faulting module name: steam_api.dll, version: 6.3.9600.18007, time stamp: 0x55c4bc8e
Exception code: 0xc0000135
Fault offset: 0x0009d4f2
Faulting process id: 0xc20
Faulting application start time: 0xTESV.exe0
Faulting application path: TESV.exe1
Faulting module path: TESV.exe2
Report Id: TESV.exe3
Faulting package full name: TESV.exe4
Faulting package-relative application ID: TESV.exe5


System errors:
=============
Error: (02/13/2016 11:14:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/13/2016 11:12:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (02/13/2016 11:12:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 02:03:49 on ‎13.‎02.‎2016 was unexpected.

Error: (02/13/2016 02:02:44 AM) (Source: DCOM) (EventID: 10010) (User: Trapstation)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/13/2016 02:02:14 AM) (Source: DCOM) (EventID: 10010) (User: Trapstation)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/12/2016 07:43:29 PM) (Source: DCOM) (EventID: 10010) (User: Trapstation)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/12/2016 07:42:59 PM) (Source: DCOM) (EventID: 10010) (User: Trapstation)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/12/2016 06:06:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2016 06:05:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (02/12/2016 06:03:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126


CodeIntegrity:
===================================
  Date: 2016-02-13 11:17:32.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:26.451
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:14.630
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:13.755
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:13.661
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:13.552
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:13.458
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:14:09.655
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:14:09.186
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:14:08.748
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 26%
Total physical RAM: 8119.99 MB
Available physical RAM: 5972.86 MB
Total Virtual: 9399.99 MB
Available Virtual: 6616.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931 GB) (Free:592.16 GB) NTFS
Drive e: (PVE) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0972DD4A)

Partition: GPT.

==================== End of Addition.txt ============================

--- --- ---

cosinus · 13.02.2016, 12:20

Bitte Avira und AVG deinstallieren!!! Avira empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf - so etwas ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen.

Gib Bescheid wenn beide weg sind.

Außerdem:

Zitat:

S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe
C:\Users\KHudzi\Desktop\Omnisphere 2 Keygen.app
C:\Users\KHudzi\Documents\FL Keygen

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

KHudzi · 13.02.2016, 13:46

ok, ich glaube ich es müsste alles weg sein.
hab First nochmal durchlaufen lassen und hier die logs:
falls da noch was störendes dabei sein sollte bitte mir mitteilen. ich werde es dann unverzüglich entfernen

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by KHudzi (administrator) on TRAPSTATION (13-02-2016 13:42:10)
Running from C:\Users\KHudzi\Desktop
Loaded Profiles: KHudzi (Available Profiles: KHudzi)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.2.5\ScriptHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.Core.Common.Starter.exe
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2015-10-08] (Power Software Ltd)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\Run: [GoogleChromeAutoLaunch_E488E95AD6A24822E6C7E7988CBC3F32] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\MountPoints2: {f7f0a94e-7f23-11e5-824b-806e6f6e6963} - "E:\Setup\PVESetup.exe" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4E61EAC7-E7C9-4F41-89DD-6FAF2C1C176F}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1323012160-659710808-212240714-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={9C0F42BE-A7EB-4706-8248-6E83A89B6044}&mid=91cdd959b86a47cca1cb0982cc7f91c8-e4d8218fcb043a365cb8da30b84b91204afa31d1&lang=de&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2015-11-11 21:28:20&v=4.2.4.155&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1323012160-659710808-212240714-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1323012160-659710808-212240714-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C0F42BE-A7EB-4706-8248-6E83A89B6044}&mid=91cdd959b86a47cca1cb0982cc7f91c8-e4d8218fcb043a365cb8da30b84b91204afa31d1&lang=de&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-11-11 21:28:20&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> {097E403F-E328-457C-9B70-1F1C2F2DC8FF} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C0F42BE-A7EB-4706-8248-6E83A89B6044}&mid=91cdd959b86a47cca1cb0982cc7f91c8-e4d8218fcb043a365cb8da30b84b91204afa31d1&lang=de&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-11-11 21:28:20&v=4.2.4.155&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.5.441\AVG Web TuneUp.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.5\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1323012160-659710808-212240714-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-02-06] ()
FF SearchPlugin: C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\searchplugins\avg-secure-search.xml [2016-02-01]
FF Extension: Avira Browser Safety - C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\Extensions\abs@avira.com [2015-11-08] [not signed]
FF Extension: AVG Web TuneUp - C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\Extensions\avg@toolbar.xpi [2016-02-01]

Chrome: 
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://start.iminent.com/?appId=FB073E03-98B2-46AB-9A23-748D7E4EF4DE","hxxp://istart.webssearches.com/?type=hp&ts=1396010274&from=tugs&uid=ST9500325AS_6VEE8DW9XXXX6VEE8DW9"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-02]
CHR Extension: (Google Docs) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-02]
CHR Extension: (Google Drive) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (AVG Secure Search) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-01-27]
CHR Extension: (Google-Suche) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Google Tabellen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-02]
CHR Extension: (Google Mail) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-02]
CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\KHudzi\Documents\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl: hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1323012160-659710808-212240714-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-11-17] (Advanced Micro Devices) [File not signed]
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2016-01-26] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [168448 2016-01-26] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-06] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
S2 SpeedupService; "C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.SpeedupService.exe" [X]
S2 vToolbarUpdater40.2.5; "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\ToolbarUpdater.exe" [X]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2015-11-18] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 13:42 - 2016-02-13 13:42 - 00015484 _____ C:\Users\KHudzi\Desktop\FRST.txt
2016-02-13 13:11 - 2016-02-13 13:11 - 03948148 _____ C:\Users\KHudzi\Downloads\avg_remover_stf_x16_7134.zip
2016-02-13 11:21 - 2016-02-13 11:22 - 00043720 _____ C:\Users\KHudzi\Downloads\Addition.txt
2016-02-13 11:20 - 2016-02-13 13:42 - 00000000 ____D C:\FRST
2016-02-13 11:20 - 2016-02-13 13:41 - 00048635 _____ C:\Users\KHudzi\Downloads\FRST.txt
2016-02-13 11:19 - 2016-02-13 11:20 - 02370560 _____ (Farbar) C:\Users\KHudzi\Desktop\FRST64.exe
2016-02-13 11:19 - 2016-02-13 11:19 - 01721344 _____ (Farbar) C:\Users\KHudzi\Downloads\FRST.exe
2016-02-11 20:27 - 2016-02-11 20:27 - 00000000 ____D C:\Users\KHudzi\Documents\Addictive Keys
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\Users\KHudzi\Documents\Addictive Keys Logs
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Addictive Keys
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-11 20:16 - 2016-02-11 20:16 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2016-02-11 20:16 - 2016-02-11 20:16 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-02-11 20:16 - 2016-02-11 20:16 - 00001257 _____ C:\Users\KHudzi\Desktop\Addictive Keys.lnk
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\ProgramData\XLN Audio
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\Program Files (x86)\XLN Audio
2016-02-10 18:05 - 2016-02-10 18:05 - 00000222 _____ C:\Users\KHudzi\Desktop\Outlast.url
2016-02-10 17:37 - 2016-02-10 17:37 - 00056200 _____ C:\Users\KHudzi\Downloads\steam_api.zip
2016-02-10 14:06 - 2016-02-10 14:06 - 69124453 _____ C:\Users\KHudzi\Downloads\VoxengoDrumServiceCymbals.rar
2016-02-09 19:36 - 2016-02-10 12:16 - 02979845 _____ C:\Users\KHudzi\Downloads\Dark mean piano 2.zip
2016-02-09 11:38 - 2016-02-09 11:38 - 00107111 _____ C:\Users\KHudzi\Downloads\Hold On - Gangsta Rap Beat, Future Style French Mobntana, Tyga Type Instrumental (1).zip
2016-02-09 11:37 - 2016-02-09 11:37 - 06196957 _____ C:\Users\KHudzi\Downloads\monter.zip
2016-02-09 11:37 - 2016-02-09 11:37 - 00107111 _____ C:\Users\KHudzi\Downloads\Hold On - Gangsta Rap Beat, Future Style French Mobntana, Tyga Type Instrumental.zip
2016-02-09 11:36 - 2016-02-09 11:36 - 06196957 _____ C:\Users\KHudzi\Desktop\monter.zip
2016-02-09 10:32 - 2016-02-12 23:39 - 00000000 ____D C:\Users\KHudzi\Desktop\physik
2016-02-09 10:04 - 2016-02-09 10:04 - 00508463 _____ C:\Users\KHudzi\Desktop\wintermadness.aep
2016-02-08 23:21 - 2016-02-11 20:01 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\uTorrent
2016-02-08 21:39 - 2016-02-08 21:39 - 10189368 _____ (Igor Pavlov) C:\Users\KHudzi\Downloads\esXP.exe
2016-02-08 21:10 - 2016-02-09 09:34 - 00000000 ____D C:\Users\KHudzi\Documents\Adobe
2016-02-08 20:39 - 2016-02-08 20:39 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
2016-02-08 20:39 - 2016-02-08 20:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-02-08 20:37 - 2016-02-08 20:37 - 00001348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
2016-02-08 20:35 - 2016-02-08 20:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-02-08 20:35 - 2016-02-08 20:38 - 00000000 ____D C:\Program Files\Adobe
2016-02-08 20:33 - 2016-02-08 20:33 - 00001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-02-08 20:33 - 2016-02-08 20:33 - 00001546 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-02-08 20:30 - 2016-02-08 21:11 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Adobe
2016-02-08 20:30 - 2016-02-08 20:39 - 00000000 ____D C:\ProgramData\Adobe
2016-02-07 16:11 - 2016-02-07 16:12 - 113388660 _____ C:\Users\KHudzi\Downloads\mw2patch.rar
2016-02-07 14:20 - 2016-02-07 14:20 - 00065336 _____ C:\Users\KHudzi\Downloads\MW2Unleashed@erikvargas.zip
2016-02-07 14:20 - 2009-11-14 18:18 - 00048640 _____ (Ultimate Filez) C:\Users\KHudzi\Desktop\MW2_Unleashed.dll
2016-02-07 08:25 - 2016-02-08 21:12 - 00000000 ____D C:\Users\KHudzi\Desktop\tripp music
2016-02-06 22:35 - 2016-02-06 22:35 - 00000221 _____ C:\Users\KHudzi\Desktop\Call of Duty Modern Warfare 2.url
2016-02-06 22:35 - 2016-02-06 22:35 - 00000221 _____ C:\Users\KHudzi\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2016-02-06 19:50 - 2016-02-06 19:50 - 05441776 _____ C:\Users\KHudzi\Downloads\FlyBeats - Jungle Drum Kit.rar
2016-02-06 10:00 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-06 10:00 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-06 09:59 - 2016-02-06 09:59 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-06 09:59 - 2016-02-06 09:59 - 00000000 ____D C:\Program Files\MSBuild
2016-02-06 09:57 - 2016-02-06 11:34 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Ubisoft Game Launcher
2016-02-06 09:57 - 2016-02-06 09:57 - 00001217 _____ C:\Users\KHudzi\Desktop\Uplay.lnk
2016-02-06 09:57 - 2016-02-06 09:57 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-06 09:57 - 2016-02-06 09:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-02-06 09:57 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-02-06 09:57 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-02-06 08:07 - 2016-02-06 08:07 - 00000222 _____ C:\Users\KHudzi\Desktop\Far Cry 3.url
2016-02-06 07:59 - 2016-02-06 08:00 - 00000000 ____D C:\Users\KHudzi\Desktop\Future - EVOL
2016-02-06 07:57 - 2016-02-06 07:58 - 87947373 _____ C:\Users\KHudzi\Downloads\Future - EVOL .zip
2016-02-05 18:17 - 2016-02-05 18:17 - 00090564 _____ C:\Users\KHudzi\Downloads\1058-Cop Car Siren-SoundBible.com-1231381021.zip
2016-02-05 16:51 - 2016-02-05 16:52 - 08900138 _____ C:\Users\KHudzi\Downloads\ANKA DRUMS.zip
2016-02-04 19:33 - 2016-02-04 19:33 - 00000222 _____ C:\Users\KHudzi\Desktop\Patch testing for Chivalry.url
2016-02-01 11:53 - 2016-02-01 11:53 - 00079108 _____ C:\Users\KHudzi\Downloads\Selbstauskunft Lederergasse.pdf
2016-01-31 20:01 - 2016-01-31 20:01 - 00012857 _____ C:\Users\KHudzi\Downloads\Eisen.be
2016-01-31 19:39 - 2016-01-31 19:39 - 00670266 _____ C:\Users\KHudzi\Downloads\Eisen und Chrom (1).pdf
2016-01-31 19:32 - 2016-02-01 21:56 - 00005183 _____ C:\Users\KHudzi\Downloads\Nickel.be
2016-01-31 19:15 - 2016-01-31 19:15 - 00670266 _____ C:\Users\KHudzi\Downloads\Eisen und Chrom.pdf
2016-01-31 19:15 - 2016-01-31 19:15 - 00476852 _____ C:\Users\KHudzi\Downloads\Nickel.pdf
2016-01-30 21:43 - 2016-01-30 21:43 - 32590375 _____ C:\Users\KHudzi\Downloads\FUTURE _Bye Bye_ Prod by Zaytoven.mp4
2016-01-28 20:37 - 2016-01-28 20:37 - 49638803 _____ C:\Users\KHudzi\Desktop\Dark Objects.zip
2016-01-27 17:18 - 2016-01-27 17:18 - 01207871 _____ C:\Users\KHudzi\Downloads\Calcium.pdf
2016-01-27 17:18 - 2016-01-27 17:18 - 00737989 _____ C:\Users\KHudzi\Downloads\Arsen und Kupfer.pdf
2016-01-27 14:58 - 2016-01-27 14:58 - 01314496 _____ C:\Users\KHudzi\Downloads\Vorlesung_09_11_2015.pdf
2016-01-27 14:40 - 2016-01-27 14:40 - 00171119 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_Vorlesung04_02_11_2015.pdf
2016-01-27 14:38 - 2016-01-27 14:38 - 01068004 _____ C:\Users\KHudzi\Downloads\Vorlesung03_26_10_15.pdf
2016-01-27 14:37 - 2016-01-27 14:37 - 01642521 _____ C:\Users\KHudzi\Downloads\Allgememeine_Chemie02_19_10_2015 (1).pdf
2016-01-27 13:27 - 2016-01-27 13:27 - 00404606 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_18_01_2016.pdf
2016-01-27 12:18 - 2016-01-27 12:18 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid (2).pdf
2016-01-27 11:44 - 2016-01-27 11:44 - 08547811 _____ C:\Users\KHudzi\Downloads\Linie43Haltestellenfahrplanab15.09.2014.pdf
2016-01-27 10:54 - 2016-01-27 10:54 - 00000000 ____D C:\Users\KHudzi\Documents\massive preset
2016-01-27 10:04 - 2016-01-27 10:04 - 00162067 _____ C:\Users\KHudzi\Downloads\GTuneWin32.zip
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\system32\msmq
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\system32\BestPractices
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\inetpub
2016-01-26 18:12 - 2016-01-26 18:12 - 00192426 _____ C:\Users\KHudzi\Downloads\Übungsaufgaben.pdf
2016-01-26 18:12 - 2016-01-26 18:12 - 00033752 _____ C:\Users\KHudzi\Downloads\VDW Kritischer Punkt.mw
2016-01-26 18:11 - 2016-01-26 18:11 - 00018378 _____ C:\Users\KHudzi\Downloads\Literatur.pdf
2016-01-26 17:54 - 2016-01-26 17:54 - 03075362 _____ C:\Users\KHudzi\Downloads\AC PCTeil K 5.pdf
2016-01-26 17:01 - 2016-01-26 17:01 - 05351863 _____ C:\Users\KHudzi\Downloads\AC PCTeil K1-4.pdf
2016-01-25 16:49 - 2016-01-25 16:49 - 00054358 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_25_01_2016.pdf
2016-01-25 16:47 - 2016-01-25 16:47 - 00038830 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen III.pdf
2016-01-25 16:47 - 2016-01-25 16:47 - 00038830 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen III (1).pdf
2016-01-25 16:28 - 2016-01-25 16:28 - 06977250 _____ C:\Users\KHudzi\Downloads\Ex-VL 6.pdf
2016-01-25 16:28 - 2016-01-25 16:28 - 00145983 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen II.pdf
2016-01-25 16:27 - 2016-01-25 16:27 - 05843177 _____ C:\Users\KHudzi\Downloads\Ex-VL 5.pdf
2016-01-25 16:23 - 2016-01-25 16:23 - 04372620 _____ C:\Users\KHudzi\Downloads\Ex-VL 4 (2).pdf
2016-01-25 16:23 - 2016-01-25 16:23 - 01659659 _____ C:\Users\KHudzi\Downloads\Ex-VL 2 (1).pdf
2016-01-25 16:17 - 2016-01-25 16:17 - 04372620 _____ C:\Users\KHudzi\Downloads\Ex-VL 4 (1).pdf
2016-01-25 16:17 - 2016-01-25 16:17 - 00812625 _____ C:\Users\KHudzi\Downloads\Ex-VL 1.pdf
2016-01-25 16:14 - 2016-01-25 16:14 - 00329737 _____ C:\Users\KHudzi\Downloads\WS2012-13_Lösungen.pdf
2016-01-25 16:14 - 2016-01-25 16:14 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh (2).pdf
2016-01-25 14:35 - 2016-01-25 14:35 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13 (2).pdf
2016-01-25 14:25 - 2016-01-25 14:25 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh (1).pdf
2016-01-25 14:00 - 2016-01-25 14:00 - 00025834 _____ C:\Users\KHudzi\Downloads\myLectureseb976523-1bc6-4af1-a5f1-e8e7effc47f1.pdf
2016-01-25 11:27 - 2016-02-13 12:52 - 00000000 ____D C:\Users\KHudzi\Desktop\Omnisphere 2 Keygen.app
2016-01-25 10:19 - 2016-01-25 10:19 - 00001019 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\PowerISO
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\Program Files (x86)\PowerISO
2016-01-25 10:19 - 2015-10-08 08:00 - 00127760 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2016-01-25 10:18 - 2016-01-25 22:28 - 12582912 _____ C:\Users\KHudzi\Downloads\PowerISO6.vhdx
2016-01-25 10:14 - 2016-01-25 10:14 - 00001146 _____ C:\Users\KHudzi\Desktop\DMG Extractor.lnk
2016-01-25 10:14 - 2016-01-25 10:14 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Reincubate
2016-01-25 10:14 - 2016-01-25 10:14 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2016-01-24 15:34 - 2016-01-24 15:34 - 01768809 _____ C:\Users\KHudzi\Downloads\Ergänzungsfolien_MO-Theorie, Phosphor, Schwefel, Übungsaufgabe 6.2.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00505495 _____ C:\Users\KHudzi\Downloads\WS2014-15-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00436032 _____ C:\Users\KHudzi\Downloads\WS2013-14 (1).pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00400952 _____ C:\Users\KHudzi\Downloads\WS2013-14-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13 (1).pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00107989 _____ C:\Users\KHudzi\Downloads\WS2011-12-Wdh.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 04428434 _____ C:\Users\KHudzi\Downloads\Kap_5.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 03665505 _____ C:\Users\KHudzi\Downloads\Kap_3 (2).pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 02989399 _____ C:\Users\KHudzi\Downloads\Kap_6.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 01825057 _____ C:\Users\KHudzi\Downloads\Kap_4.pdf
2016-01-24 14:30 - 2016-01-24 14:30 - 00478649 _____ C:\Users\KHudzi\Downloads\WS2014-15_Lösungen.pdf
2016-01-24 14:28 - 2016-01-24 14:28 - 00432363 _____ C:\Users\KHudzi\Downloads\WS2014-15 (1).pdf
2016-01-24 14:28 - 2016-01-24 14:28 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13.pdf
2016-01-24 14:18 - 2016-01-24 14:18 - 02638294 _____ C:\Users\KHudzi\Downloads\Kap_2.pdf
2016-01-24 14:17 - 2016-01-24 14:17 - 00553541 _____ C:\Users\KHudzi\Downloads\Folie_ACAn_Tut-1 (1).pdf
2016-01-24 13:46 - 2016-01-24 13:46 - 03150217 _____ C:\Users\KHudzi\Downloads\Kap_1.pdf
2016-01-24 13:12 - 2016-01-24 13:12 - 00000000 ____D C:\Users\KHudzi\Downloads\midi
2016-01-24 13:08 - 2016-01-24 13:08 - 00000000 _____ C:\Users\KHudzi\Desktop\klausur.txt
2016-01-24 01:15 - 2016-01-31 09:36 - 02330035 _____ C:\Users\KHudzi\Downloads\Mozart 40 Symphony.flp
2016-01-23 22:12 - 2016-01-24 14:11 - 02288270 _____ C:\Users\KHudzi\Downloads\VaNDinA - Mozart Symphony 40.flp
2016-01-23 21:51 - 2016-01-23 21:51 - 00058979 _____ C:\Users\KHudzi\Downloads\SwedishRhapsodyPolka-HB0174.mid
2016-01-23 21:51 - 2016-01-23 21:51 - 00046362 _____ C:\Users\KHudzi\Downloads\SwedishRhapsody-RM022k.mid
2016-01-22 16:45 - 2016-01-22 16:45 - 00014189 _____ C:\Users\KHudzi\Downloads\stronghold-crusader-2-multi8pcdvdcodexwwwgamestorrentsco..torrent
2016-01-21 19:34 - 2016-01-21 19:34 - 00010295 _____ C:\Users\KHudzi\Downloads\Calcium.be
2016-01-21 19:34 - 2016-01-21 19:34 - 00009898 _____ C:\Users\KHudzi\Downloads\Arsenkupfer.be
2016-01-20 19:20 - 2016-01-20 19:20 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Avira
2016-01-19 19:17 - 2016-01-19 19:17 - 00000000 ____D C:\Users\KHudzi\AppData\Local\AviraSpeedup
2016-01-19 19:16 - 2016-01-22 15:07 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-01-19 19:16 - 2016-01-19 19:16 - 00003360 _____ C:\Windows\System32\Tasks\Avira System Speedup Tray
2016-01-18 22:51 - 2014-02-25 21:03 - 00000000 ____D C:\Users\KHudzi\Downloads\Migos - No Label 2 (DatPiff.com)
2016-01-18 22:51 - 2013-10-01 12:39 - 00000000 ____D C:\Users\KHudzi\Downloads\Migos  Rich The Kid - Streets On Lock 2 (DatPiff.com)
2016-01-18 20:35 - 2016-01-18 20:35 - 18900044 _____ C:\Users\KHudzi\Downloads\150017__klankbeeld__horror-kids-02.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 19355502 _____ C:\Users\KHudzi\Downloads\193692__xdimebagx__atmosphere-horror-1-loop.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 14971372 _____ C:\Users\KHudzi\Downloads\22039__erdie__breathe.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 03289192 _____ C:\Users\KHudzi\Downloads\9695__suonho__suonho-scaryscape-01.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 02352034 _____ C:\Users\KHudzi\Downloads\171078__klankbeeld__horror-scream-woman-long.wav
2016-01-18 20:34 - 2016-01-18 20:34 - 01941056 _____ C:\Users\KHudzi\Downloads\60571__gabemiller74__breathofdeath.aif
2016-01-18 20:34 - 2016-01-18 20:34 - 01339520 _____ C:\Users\KHudzi\Downloads\126113__klankbeeld__laugh.wav
2016-01-18 20:34 - 2016-01-18 20:34 - 00394508 _____ C:\Users\KHudzi\Downloads\168777__robinhood76__03792-children-screaming.wav
2016-01-18 20:32 - 2016-01-18 20:34 - 29140530 _____ C:\Users\KHudzi\Downloads\333011__michael-kur95__monster-01.wav
2016-01-18 20:32 - 2016-01-18 20:32 - 00182262 _____ C:\Users\KHudzi\Downloads\333012__michael-kur95__jump-03.wav
2016-01-18 20:32 - 2016-01-18 20:32 - 00012332 _____ C:\Users\KHudzi\Downloads\333047__christopherderp__videogame-menu-button-clicking-sound-18.wav
2016-01-18 20:28 - 2016-01-18 20:29 - 09880036 _____ C:\Users\KHudzi\Downloads\333048__zagi2__possessed-accordion-intro.wav
2016-01-18 20:28 - 2016-01-18 20:28 - 01203008 _____ C:\Users\KHudzi\Downloads\333230__robinhood76__06264-holy-hour-trailer-punch.wav
2016-01-18 19:29 - 2016-01-18 19:29 - 01174335 _____ C:\Users\KHudzi\Desktop\#flp.rar
2016-01-18 19:29 - 2012-06-13 16:26 - 00080669 _____ C:\Users\KHudzi\Desktop\TUTORIAL BEAT.flp
2016-01-18 19:29 - 2000-12-03 02:01 - 00000662 _____ C:\Users\KHudzi\Desktop\BDB BELL4.fst
2016-01-18 18:05 - 2016-01-18 22:53 - 00008367 _____ C:\Users\KHudzi\Downloads\Mangan.be
2016-01-18 18:04 - 2016-01-18 18:04 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid (1).pdf
2016-01-18 18:04 - 2016-01-18 18:04 - 00315816 _____ C:\Users\KHudzi\Downloads\Mangan.pdf
2016-01-17 21:49 - 2016-01-31 10:13 - 01627457 _____ C:\Users\KHudzi\Downloads\ROOSTER IN MY RARI (BALLER03676).flp
2016-01-17 20:45 - 2016-01-17 21:37 - 01929951 _____ C:\Users\KHudzi\Downloads\Hate Bein Sober Instrumental (baller03676 remake).flp
2016-01-17 19:35 - 2016-01-17 19:35 - 00012965 _____ C:\Users\KHudzi\Downloads\Chlorid.be
2016-01-17 18:58 - 2016-01-17 18:58 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid.pdf
2016-01-16 20:39 - 2016-01-16 20:39 - 00000000 ____D C:\Crash
2016-01-16 19:15 - 2016-01-16 19:16 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\Daybreak Game Company
2016-01-16 19:15 - 2016-01-16 19:15 - 00002465 _____ C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\Public\Daybreak Game Company
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\KHudzi\AppData\Local\SCE
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Daybreak Game Company
2016-01-16 19:14 - 2016-01-16 19:14 - 33097848 _____ C:\Users\KHudzi\Downloads\PS2_setup.exe
2016-01-16 18:30 - 2014-12-18 17:30 - 00000000 ____D C:\Users\KHudzi\Documents\convert2mp3_video_converter_2.4
2016-01-16 13:58 - 2016-01-16 13:58 - 06882502 _____ C:\Users\KHudzi\Downloads\AC PCTeil K 6 (1).pdf
2016-01-16 13:17 - 2016-01-16 13:17 - 00028672 _____ C:\Windows\SysWOW64\NSREG.DLL
2016-01-16 12:17 - 2016-01-16 12:19 - 00001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrainWave Generator.lnk
2016-01-16 12:17 - 2016-01-16 12:19 - 00000000 ____D C:\Program Files (x86)\BrainWave Generator
2016-01-16 12:17 - 2016-01-16 12:17 - 01207296 _____ C:\Users\KHudzi\Downloads\bwgen31.exe
2016-01-16 12:17 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2016-01-16 11:59 - 2016-01-16 11:59 - 00150316 _____ C:\Users\KHudzi\Downloads\WS2011-12_Lösungen.pdf
2016-01-16 11:43 - 2016-01-16 11:43 - 00057485 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen I.pdf
2016-01-16 11:42 - 2016-01-16 11:42 - 00060741 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen 0.pdf
2016-01-16 11:39 - 2016-01-16 11:39 - 00035854 _____ C:\Users\KHudzi\Downloads\WS2011-12.pdf
2016-01-16 11:35 - 2016-01-16 11:35 - 01642521 _____ C:\Users\KHudzi\Downloads\Allgememeine_Chemie02_19_10_2015.pdf
2016-01-16 10:18 - 2016-01-16 10:18 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\Unity
2016-01-14 21:22 - 2016-01-14 21:22 - 00000000 ____D C:\ProgramData\ATI
2016-01-14 20:10 - 2016-01-14 20:10 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Downloaded Installations
2016-01-14 19:32 - 2016-01-14 19:33 - 09119232 _____ (Copyright © 2006-2011 Prodipe) C:\Users\KHudzi\Downloads\PVESetup.exe
2016-01-14 19:32 - 2016-01-14 19:32 - 01720832 _____ (Copyright © 2008 Prodipe) C:\Users\KHudzi\Downloads\FixSWSynthVistaOrHigher.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-13 13:32 - 2015-10-30 17:55 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1323012160-659710808-212240714-1001
2016-02-13 13:28 - 2015-10-30 17:40 - 00915828 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-13 13:28 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-13 13:23 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\inetsrv
2016-02-13 13:22 - 2016-01-10 11:04 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-13 13:22 - 2015-11-02 13:58 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-13 13:21 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-13 13:20 - 2015-11-08 21:28 - 00000000 ____D C:\ProgramData\Avg
2016-02-13 13:20 - 2015-11-02 15:08 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-02-13 13:18 - 2015-11-08 21:27 - 00000000 ____D C:\Users\KHudzi\AppData\Local\AvgSetupLog
2016-02-13 13:15 - 2015-11-02 13:58 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-13 13:11 - 2015-11-08 21:32 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\AVG
2016-02-13 13:11 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-02-13 12:59 - 2015-11-08 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-13 12:59 - 2015-11-08 15:36 - 00000000 ____D C:\ProgramData\Avira
2016-02-13 12:59 - 2015-11-02 15:08 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-13 11:19 - 2015-11-02 13:56 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{17AC85C5-86A9-4AB4-A299-ACEF01BCA66E}
2016-02-11 21:24 - 2015-11-04 07:38 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\uTorrent
2016-02-11 20:16 - 2015-11-02 10:31 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-02-11 19:13 - 2015-11-04 18:27 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-02-11 19:13 - 2015-11-04 09:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-02-11 17:09 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-11 12:38 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-11 12:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-11 11:33 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-11 00:59 - 2015-10-30 17:44 - 00000000 ____D C:\Users\KHudzi
2016-02-10 21:37 - 2015-11-04 09:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-02-10 21:16 - 2015-11-02 13:58 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 21:16 - 2015-11-02 13:58 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 18:52 - 2015-11-02 13:42 - 00000000 ____D C:\Users\KHudzi\Documents\My Games
2016-02-10 18:05 - 2016-01-10 11:11 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-10 17:37 - 2015-11-11 15:50 - 00000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition
2016-02-10 14:08 - 2015-11-02 10:11 - 00000000 ____D C:\Users\KHudzi\Documents\1 Drumkits
2016-02-09 08:15 - 2013-08-22 15:44 - 05070072 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-08 21:11 - 2015-10-30 17:44 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Adobe
2016-02-06 23:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-06 11:30 - 2015-12-23 15:46 - 00000000 ____D C:\Users\KHudzi\AppData\Local\My Games
2016-02-06 10:33 - 2015-11-04 09:54 - 00000000 ____D C:\Users\KHudzi\AppData\Local\PunkBuster
2016-02-06 10:01 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-06 09:57 - 2015-11-04 09:59 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-02-02 20:10 - 2015-11-02 13:58 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 20:10 - 2015-11-02 13:58 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 21:17 - 2015-11-11 21:28 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-01-31 19:51 - 2015-12-07 18:12 - 00000000 ____D C:\Users\KHudzi\Documents\beryllium
2016-01-27 19:02 - 2015-11-11 13:57 - 00000000 ____D C:\Users\KHudzi\Desktop\New folder
2016-01-26 20:44 - 2015-11-04 09:30 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsec.dll
2016-01-26 20:44 - 2015-11-04 09:30 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqad.dll
2016-01-26 20:44 - 2015-11-04 09:30 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcmiplugin.dll
2016-01-26 20:44 - 2015-11-04 09:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqmigplugin.dll
2016-01-26 20:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-01-26 20:44 - 2013-08-22 12:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mqoa30.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\mqoa20.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mqoa10.tlb
2016-01-26 20:44 - 2013-08-22 12:40 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mqac.sys
2016-01-26 20:44 - 2013-08-22 12:35 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\mqutil.dll
2016-01-26 20:44 - 2013-08-22 12:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\mqcertui.dll
2016-01-26 20:44 - 2013-08-22 11:51 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\mqtrig.dll
2016-01-26 20:44 - 2013-08-22 11:23 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\mqrt.dll
2016-01-26 20:44 - 2013-08-22 11:19 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\mqsnap.dll
2016-01-26 20:44 - 2013-08-22 10:50 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\mqlogmgr.dll
2016-01-26 20:44 - 2013-08-22 05:16 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa30.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa20.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa10.tlb
2016-01-26 20:44 - 2013-08-22 05:06 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqutil.dll
2016-01-26 20:44 - 2013-08-22 05:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoctrs.dll
2016-01-26 20:44 - 2013-08-22 05:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoadmn.dll
2016-01-26 20:44 - 2013-08-22 04:54 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcertui.dll
2016-01-26 20:44 - 2013-08-22 04:31 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.dll
2016-01-26 20:44 - 2013-08-22 04:29 - 00165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqtrig.dll
2016-01-26 20:44 - 2013-08-22 04:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqise.dll
2016-01-26 20:44 - 2013-08-22 04:08 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqrt.dll
2016-01-26 20:44 - 2013-08-22 04:05 - 00606720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsnap.dll
2016-01-26 20:44 - 2013-08-22 00:55 - 00009096 _____ C:\Windows\SysWOW64\msmqtrc.mof
2016-01-26 20:43 - 2015-11-04 09:30 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\mqsec.dll
2016-01-26 20:43 - 2015-11-04 09:30 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\mqad.dll
2016-01-26 20:43 - 2015-11-04 09:28 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\mqcmiplugin.dll
2016-01-26 20:43 - 2015-11-04 09:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-01-26 20:43 - 2015-11-04 09:26 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\mqmigplugin.dll
2016-01-26 20:43 - 2015-11-04 09:25 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-01-26 20:43 - 2015-11-04 09:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-01-26 20:43 - 2015-11-04 09:22 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-01-26 20:43 - 2015-11-04 09:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-01-26 20:43 - 2013-08-22 12:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\mqsvc.exe
2016-01-26 20:43 - 2013-08-22 12:32 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\infoctrs.dll
2016-01-26 20:43 - 2013-08-22 12:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\infoadmn.dll
2016-01-26 20:43 - 2013-08-22 12:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\mqbkup.exe
2016-01-26 20:43 - 2013-08-22 11:53 - 00302080 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.dll
2016-01-26 20:43 - 2013-08-22 11:41 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
2016-01-26 20:43 - 2013-08-22 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mqise.dll
2016-01-26 20:43 - 2013-08-22 11:10 - 01408512 _____ (Microsoft Corporation) C:\Windows\system32\mqqm.dll
2016-01-26 20:43 - 2013-08-22 07:59 - 00009096 _____ C:\Windows\system32\msmqtrc.mof
2016-01-25 15:47 - 2015-11-11 21:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-16 19:15 - 2015-11-11 16:07 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-01-16 19:15 - 2015-11-11 16:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-16 08:13 - 2015-11-02 15:09 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Raptr

==================== Files in the root of some directories =======

2015-11-08 16:19 - 2011-09-17 14:00 - 52578120 _____ (Native Instruments GmbH) C:\Program Files (x86)\Massive - Copy.dll
2015-11-08 16:19 - 2011-09-17 14:00 - 52578120 _____ (Native Instruments GmbH) C:\Program Files (x86)\Massive.dll
2015-11-04 08:26 - 2009-10-23 23:00 - 5811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll

Some files in TEMP:
====================
C:\Users\KHudzi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 14:56

==================== End of FRST.txt ============================

--- --- ---

--- --- ---

--- --- ---

[CODE]Additional
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by KHudzi (2016-02-13 13:42:21)
Running from C:\Users\KHudzi\Desktop
Windows 8.1 Pro (X64) (2015-10-30 16:44:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1323012160-659710808-212240714-500 - Administrator - Disabled)
Guest (S-1-5-21-1323012160-659710808-212240714-501 - Limited - Disabled)
KHudzi (S-1-5-21-1323012160-659710808-212240714-1001 - Administrator - Enabled) => C:\Users\KHudzi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
ACP Application (Version: 2015.1117.2341.12 - Advanced Micro Devices, Inc.) Hidden
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.5.441 - AVG Technologies)
BOSS Userlist Manager (HKLM-x32\...\{6E78AAAD-9BC0-4326-8DE4-03013C85CA92}) (Version: 6.8.0000 - Surazal)
BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
DMG Extractor (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DMG Extractor) (Version: 1.3.15.0 - Reincubate Ltd)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.174.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.1.1526 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Patch testing for Chivalry (HKLM-x32\...\Steam App 232210) (Version:  - )
PlanetSide 2 (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.191 - Daybreak Game Company)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\{EAABE756-8A47-440F-AAC7-2F6BFF589169}) (Version: 6.0 - Black Box)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Waves Central V1.0.2.2 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.3 - Waves)
WinRAR 5.30 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0620CA7E-32B8-4D5F-8D88-EB47A8375AF3} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe
Task: {1A1E8CCE-B569-471E-9F69-2A88B698BD50} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {1BE1AB6F-A4AA-4D0D-9807-DAB1A0B67601} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.)
Task: {42C13DF3-4B7C-4AE6-A9FB-0DD087ABFB76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.)
Task: {B48B1132-3DBD-435B-8F50-060DF426D2C4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-11-04 09:59 - 2016-02-06 09:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-01-10 11:05 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-01-10 11:05 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-01-10 11:05 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2016-01-10 11:05 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-01-10 11:05 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-01-10 11:05 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-01-10 11:05 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-01-10 11:05 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-01-10 11:05 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-02-01 21:17 - 2016-02-01 21:17 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.5\log4cplusU.dll
2016-02-10 21:16 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 21:16 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1323012160-659710808-212240714-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\KHudzi\Downloads\planets-wide.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Raptr"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{20F5D01C-AEBE-4AE7-99A9-033FFD5DC925}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{17AC8184-20E7-43CD-A85C-0F461DF49B8D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7E5D1930-477F-4E8E-A8CD-AF3029210702}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8B195E5C-DEEF-46BD-AFB4-36138ABB6F45}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{4278FACE-CD81-4767-BDA4-F7F9B7E6CB29}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{2A5A2907-592F-4070-9C54-C41704E0BE3F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{33066E79-807D-4AEE-967E-EF3B31D3DFD5}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A4920E15-50D9-4D60-9B0E-53915A4E1CA0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{619FCD7F-CA9B-4CA1-9958-CB6DE705A9FF}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1CC9009-3183-4269-BA08-A96E2978C5F5}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{23D51743-DA76-41D8-B600-B570E146F312}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03B513F8-9735-43DB-8509-2627957376FF}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{034AD6A7-A6F9-45C2-81B2-E0EF98C9E695}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A42B51A-8843-43B2-8A9E-BCFDDFE668F2}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{DE3D4597-DD14-4271-AC9F-811D2699868E}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Allow) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [UDP Query User{A42C518B-E82E-42FD-9A2D-C80AB36690D7}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Allow) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [TCP Query User{3386DD8D-819D-4C73-B8F3-E4A1E656DCB5}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Block) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [UDP Query User{CA74471D-13F6-46F5-9835-2BF30F51F598}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Block) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [{0FB56A78-293E-44D3-AC23-A1365BE84218}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8EFCB2F7-5C68-4975-94BE-FDC24D22C4D0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9817424C-FE04-4859-BC71-A49E8B3FD839}] => (Allow) LPort=1688
FirewallRules: [{8BD73C82-E9AC-4726-9D06-14B5FEC9F9FE}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{C218F1F9-E0FB-4137-A0FF-92C3E0710E0F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{B8DEC66B-A266-4A73-BF24-A6B5F1EECE9F}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{DE31FBD3-A9F8-428A-836A-1DF3828A1F58}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [TCP Query User{136895F9-16D4-4786-963F-00C7302253BD}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [UDP Query User{386B351A-B7CB-40EA-B8E7-414F16C7C491}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [TCP Query User{BCC58342-A8E0-4A68-B702-9FEE794AA215}C:\program files (x86)\total war rome ii - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{C712025E-EE55-43A6-88A8-E3E9ACC2E923}C:\program files (x86)\total war rome ii - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{6120AE25-31B8-4094-AE79-6612625B8219}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5D5CDE12-90E6-4FA6-A71B-58DD7BAD4799}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A4BD6790-8896-4DB0-913E-7E04D240BD71}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6A9FDBE9-2C2F-4CED-B5B8-F353916DE42A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{654CDE8D-045A-44BE-B799-26E17656B193}C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{419817BF-29AC-440D-8B81-C9C54C8A021E}C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe
FirewallRules: [{5802C14F-2694-4A00-B905-2C5FF5A5C8D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A71BF597-CDCB-4401-8065-80CFC6D5169B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03433AEB-BA9B-4897-8A4E-7FAC39B106B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3E182E98-E352-40D8-A0C9-5A3A8CF232B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{519613D4-5BD7-4760-A642-E5BB7938ADC1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9B080102-B1C7-4766-89D0-A61CAFB0A88C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0C12AC95-EAEF-4917-BA46-A8AED96F275A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{508D5200-3F9B-43DC-8A88-871B93C667C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{050E4C95-5406-473A-98A5-D10FFF8BD045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{5CFCB738-BEBD-46FA-B29D-F4733ABA0725}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{64253C5B-7491-4719-AE98-EB4A0EE03393}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{1AD7E85C-2541-4941-80AB-44114AA37DB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{FCAF9120-7606-4ED2-A6DD-4A07F774CBC5}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [UDP Query User{85BFE613-21D9-4A71-B876-AD7369E6754A}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [TCP Query User{207417DC-D412-4177-93E1-33F8A807209F}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{1DE45DA4-CD8C-4CAE-907B-3096EE4254D4}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{93F56052-D7B7-4678-9908-4C237F9507C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{EF777044-90CB-48A7-83AB-51DAE6A58E89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{4CEF3733-B5B3-4DF3-B5FB-2806829AFDF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{1F4D3170-2742-4DDF-8776-6BB7C78A6BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{1BDB1B1A-DBD7-4E9F-BEC2-EEF7638CAF6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{158AEA18-F090-485B-8E04-6EC185560797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{D0D5FE01-DC58-4DE9-9BAE-BE541AA7A01B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{2FDDE667-1BE0-4506-9992-7DC5F18FFA15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{F42D3432-5D75-4523-822E-CA58AECC1039}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{FC5B1096-57CE-4DAD-BBC5-967D74A1520E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{D8EA1EF6-05B4-42EF-8056-971D34A97DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{82D26A34-5623-4FA4-9089-73847643BD5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{C9C44F7D-A7F0-42BA-B4AE-AC861B1295A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{9FD381A2-45D5-4D30-AE49-498BD21CDEB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{D8F55BFC-0441-45B3-BA9C-733F519C277D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F33214F9-0B6B-459E-AB4B-A7564D00264E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3A9C3011-36E2-4615-B0C3-3EF8CA03C8E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E8BC9CED-1A24-4068-92CF-208B33BA6A8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3D349586-3156-48F7-B80C-CA9849CA563D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B3F7DCDB-DA27-49D3-A065-ACB73245662F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2D0DCAB1-1747-4230-9558-9DC72AAC93DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{94B27C4F-999F-4EC8-BCDB-320519C374FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{23B13BDA-CC46-445F-AC22-A7A5AFB71F90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F3742C91-8878-4758-A5C9-DD80D6BCE63F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{627556DC-E502-4FF8-AB2D-08FFF65EA05B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{E1C29F8C-D14E-4472-ACF4-D9DDBEAC2B72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{394FF988-751E-4BEA-9BBF-FC66291E0DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{5B145EEA-2D1D-44A5-922C-CF91777054A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{8F33F664-F853-4C75-9230-0DF6EFDED638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7FC50B89-FB88-43FB-ACEE-0680A003F067}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{32C5C2F3-E40A-4794-84D5-147D3DE2C8CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{769E0E6D-373D-46FC-89FC-C1A057D2EAE8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E1C2F3CF-4F02-4E0D-94C1-EBEEA0A38F6C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{4AE2A03A-915C-4F4D-813A-30009C654B45}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BFC64282-E3A6-4385-846A-CF6D0021FD12}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

06-02-2016 09:55:34 Installed DirectX
08-02-2016 20:32:12 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
08-02-2016 20:33:02 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501

==================== Faulty Device Manager Devices =============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/13/2016 01:09:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/13/2016 12:58:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ff9a09d0668
Faulting process id: 0x840
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/13/2016 12:54:58 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/13/2016 11:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe85bd0668
Faulting process id: 0xc74
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/12/2016 06:06:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffd1ad40668
Faulting process id: 0xb20
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/12/2016 05:51:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007fff3afa0668
Faulting process id: 0xc28
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/11/2016 05:12:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe3bd40668
Faulting process id: 0xb40
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/11/2016 05:11:14 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 12:38:51 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 11:30:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffaac140668
Faulting process id: 0xc60
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5


System errors:
=============
Error: (02/13/2016 01:23:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Avira System Speedup service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/13/2016 01:21:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater40.2.5 service failed to start due to the following error: 
%%2

Error: (02/13/2016 01:21:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
%%2

Error: (02/13/2016 01:21:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (02/13/2016 01:21:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WtuSystemSupport service failed to start due to the following error: 
%%2

Error: (02/13/2016 01:19:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.

Error: (02/13/2016 01:14:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgsvc service.

Error: (02/13/2016 01:13:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater40.2.5 service failed to start due to the following error: 
%%2

Error: (02/13/2016 01:13:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
%%2

Error: (02/13/2016 01:13:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126


CodeIntegrity:
===================================
  Date: 2016-02-13 13:01:49.785
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:48.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:38.529
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:37.871
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:37.761
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:37.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 12:58:35.828
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 12:58:34.812
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 12:58:34.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:32.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8119.99 MB
Available physical RAM: 5757.89 MB
Total Virtual: 9399.99 MB
Available Virtual: 6534.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931 GB) (Free:605.92 GB) NTFS
Drive e: (PVE) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0972DD4A)

Partition: GPT.

==================== End of Addition.txt ============================

--- --- ---

--- --- ---

--- --- ---

Was für ein antivirenprogramm soll ich nun istallieren ?

cosinus · 13.02.2016, 13:56

Jetzt garnicht. Ich schrieb doch, dass wir uns darum kümmern wenn wir durch sind.

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

KHudzi · 13.02.2016, 14:37

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.13.02
  rootkit: v2016.02.08.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18053
KHudzi :: TRAPSTATION [administrator]

13.02.2016 14:21:20
mbar-log-2016-02-13 (14-21-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 339874
Time elapsed: 13 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

beim ersten scan hat es nur eine maleware angezeigt, welche erfolgreich entfernt werden konnte

cosinus · 14.02.2016, 10:06

Du sollst auch das Log mit dem Fund posten und nicht nur das ohne Funde

KHudzi · 14.02.2016, 10:09

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.13.02
  rootkit: v2016.02.08.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18053
KHudzi :: TRAPSTATION [administrator]

13.02.2016 14:04:09
mbar-log-2016-02-13 (14-04-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 340085
Time elapsed: 12 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\Cod 4\key-generator.exe (CrackTool.Agent) -> Delete on reboot. [65d1461acfcac0765ae611563ec3d030]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 14.02.2016, 10:43

Zitat:

C:\Program Files (x86)\Cod 4\key-generator.exe (CrackTool.Agent)

Das wäre dann jetzt die 2. Ermahnung zu Cracks und Keygens

KHudzi · 14.02.2016, 11:01

der keygen war auch die maleware die das programm auch erfolgreich entfernt hat.
Mein pc ist seit dem zweiten scan also keygen frei.
Ich kann gerne noch einen dritten scan starten und ihn dir schicken, falls du mir nicht glauben solltest

cosinus · 14.02.2016, 11:08

Das Spiel, das du damit gecrackt hast, ist aber immer noch installiert.

Zitat:

Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward)

KHudzi · 14.02.2016, 11:19

Ehm, modern warfare 2 habe ich letze woche bei steam gekauft

Zitat:

Hallo khudzi,
Vielen Dank für Ihre kürzlich getätigte Transaktion auf Steam.
Die unten aufgeführten Artikel wurden Ihrer Steam-Bibliothek hinzugefügt.
Falls Sie neu bei Steam sind, können Sie die Steam-Anwendung hier kostenlos herunterladen.

Call of Duty®: Modern Warfare® 2
Zwischensumme (ohne MwSt.): 8,39€
MwSt. (19%): 1,60€
Summe: 9,99€
Accountname: khudzi Zwischensumme (ohne MwSt.): 8,39€
Rechnung: 646633430687079544 MwSt. (19%): 1,60€
Auftragsdatum: 6. Feb. 2016 um 22:32 Uhr CET Summe: 9,99€
Diese Bestellung wurde mit folgender IP-Adresse abgeschickt:
93.196.244.24
Oberwinkling, Bayern
Deutschland
Valve Corporation
PO Box 1688
Bellevue, WA 98009
United States
VAT ID: EU826000671

Bitte beachten Sie, dass dies keine Rücksendeadresse ist.
Accountname: khudzi Ihre Summe für diese Transaktion: 9,99€
Zahlungsmethode: Sofortueberweisung
Diese E-Mail dient als Ihre Einkaufsbestätigung. Sie können Ihren Einkaufsverlauf jederzeit einsehen.
Für viele Produkte auf Steam sind Rückerstattungen und/oder Rücksendungen möglich. Erfahren Sie hier mehr über Rückerstattungen bei Steam oder erstellen Sie hier eine Rückerstattungsanfrage.
Das Steam-Supportteam
hxxp://help.steampowered.com

das ist die bestätigungs mail die ich erhalten habe

Ich kann sie dir auch weiterleiten, wenn du mir deine email adresse hinterlegst

cosinus · 14.02.2016, 11:20

ok

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

KHudzi · 14.02.2016, 11:54

Code:

ATTFilter

# AdwCleaner v5.033 - Logfile created 14/02/2016 at 11:27:22
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : KHudzi - TRAPSTATION
# Running from : C:\Users\KHudzi\Downloads\AdwCleaner_5.033.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.2.5

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\Users\KHudzi\AppData\Local\YSearchUtil
[-] Folder Deleted : C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Files ] *****

[-] File Deleted : C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\Extensions\Avg@toolbar.xpi
[-] File Deleted : C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\searchplugins\avg-secure-search.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

[-] [C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://start.iminent.com/?appId=FB073E03-98B2-46AB-9A23-748D7E4EF4DE
[-] [C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://istart.webssearches.com/?type=hp&ts=1396010274&from=tugs&uid=ST9500325AS_6VEE8DW9XXXX6VEE8DW9
[-] [C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : npdicihegicnhaangkdmcgbjceoemeoo
[-] [C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://start.iminent.com/?appId=FB073E03-98B2-46AB-9A23-748D7E4EF4DE

*************************

:: "Tracing" keys removed
:: Proxy settings cleared
:: Winsock settings cleared
:: Chrome policies deleted

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5994 bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 8.1 Pro x64 
Ran by KHudzi (Administrator) on 14.02.2016 at 11:34:01,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4 

Successfully deleted: C:\Users\KHudzi\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File) 
Successfully deleted: C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File) 
Successfully deleted: C:\Windows\system32\Tasks\Avira System Speedup Tray (Task)



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E488E95AD6A24822E6C7E7988CBC3F32 (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.02.2016 at 11:35:34,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by KHudzi (administrator) on TRAPSTATION (14-02-2016 11:51:38)
Running from C:\Users\KHudzi\Desktop
Loaded Profiles: KHudzi (Available Profiles: KHudzi)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MsmqIntCert] => "C:\Windows\System32\regsvr32.exe" /s "C:\Windows\System32\mqrt.dll"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Raptr] => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.Core.Common.Starter.exe
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [366904 2015-10-08] (Power Software Ltd)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\MountPoints2: {f7f0a94e-7f23-11e5-824b-806e6f6e6963} - "E:\Setup\PVESetup.exe" 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4E61EAC7-E7C9-4F41-89DD-6FAF2C1C176F}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1323012160-659710808-212240714-1001 -> {097E403F-E328-457C-9B70-1F1C2F2DC8FF} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1323012160-659710808-212240714-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-02-06] ()
FF Extension: Avira Browser Safety - C:\Users\KHudzi\AppData\Roaming\Mozilla\Firefox\Profiles\8gGZQPUk.default\Extensions\abs@avira.com [2015-11-08] [not signed]

Chrome: 
=======
CHR Profile: C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-02]
CHR Extension: (Google Docs) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-02]
CHR Extension: (Google Drive) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02]
CHR Extension: (Adblock Plus) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Google-Suche) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Google Tabellen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-02]
CHR Extension: (Google Mail) - C:\Users\KHudzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-02]
CHR Extension: (convert2mp3.net Online Video Converter) - C:\Users\KHudzi\Documents\convert2mp3_video_converter_2.4 [2014-12-18] [UpdateUrl: hxxp://convert2mp3.net/misc/chrome_update.xml] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-11-17] (Advanced Micro Devices) [File not signed]
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2016-01-26] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [168448 2016-01-26] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-06] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
S2 SpeedupService; "C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.SpeedupService.exe" [X]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2015-11-18] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                           )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 11:51 - 2016-02-14 11:52 - 00010835 _____ C:\Users\KHudzi\Desktop\FRST.txt
2016-02-14 11:35 - 2016-02-14 11:35 - 00001169 _____ C:\Users\KHudzi\Desktop\JRT.txt
2016-02-14 11:33 - 2016-02-14 11:33 - 01609032 _____ (Malwarebytes) C:\Users\KHudzi\Downloads\JRT.exe
2016-02-14 11:24 - 2016-02-14 11:27 - 00000000 ____D C:\AdwCleaner
2016-02-14 11:23 - 2016-02-14 11:23 - 01508352 _____ C:\Users\KHudzi\Downloads\AdwCleaner_5.033.exe
2016-02-14 00:39 - 2016-02-14 00:39 - 00004402 _____ C:\Users\KHudzi\Downloads\freddy.mid
2016-02-14 00:22 - 2016-02-14 00:22 - 00016969 _____ C:\Users\KHudzi\Downloads\03F!Chopin=_Funeral_March (1).mid
2016-02-14 00:20 - 2016-02-14 00:20 - 00012227 _____ C:\Users\KHudzi\Downloads\06J!Brahms=_Hungarian_Dance.mid
2016-02-14 00:18 - 2016-02-14 00:18 - 00024795 _____ C:\Users\KHudzi\Downloads\05C!Saint-Saens=_Danse_Macabre_-_excerpt.mid
2016-02-14 00:17 - 2016-02-14 00:17 - 00017099 _____ C:\Users\KHudzi\Downloads\03F!Chopin=_Funeral_March.mid
2016-02-14 00:16 - 2016-02-14 00:16 - 00031937 _____ C:\Users\KHudzi\Downloads\02J!S!Bach=_Toccata_and_Fugue.mid
2016-02-14 00:16 - 2016-02-14 00:16 - 00007409 _____ C:\Users\KHudzi\Downloads\01F!Ferrari=_Halloween_Night.mid
2016-02-14 00:07 - 2016-02-14 00:07 - 01198512 _____ C:\Users\KHudzi\Downloads\Free FLP.rar
2016-02-14 00:04 - 2016-02-14 00:04 - 00073508 _____ C:\Users\KHudzi\Downloads\VegardE Sad Piano Melody [Free FLP].flp
2016-02-13 18:48 - 2016-02-13 18:48 - 03926978 _____ C:\Users\KHudzi\Desktop\differenceII808mafiaexp.rar
2016-02-13 18:46 - 2016-02-13 19:36 - 03818737 _____ C:\Users\KHudzi\Desktop\Difference II.zip
2016-02-13 16:49 - 2016-02-13 16:49 - 00039536 _____ C:\Users\KHudzi\Desktop\Difference.zip
2016-02-13 15:55 - 2016-02-13 15:55 - 05675156 _____ C:\Users\KHudzi\Desktop\Outlast.zip
2016-02-13 15:12 - 2016-02-13 15:12 - 00230703 _____ C:\Users\KHudzi\Downloads\widerrufsbelehrung.pdf
2016-02-13 14:04 - 2016-02-14 11:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-13 14:04 - 2016-02-13 14:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-13 14:04 - 2016-02-13 14:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-13 14:03 - 2016-02-13 14:35 - 00000000 ____D C:\Users\KHudzi\Desktop\mbar
2016-02-13 14:03 - 2016-02-13 14:20 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-13 14:02 - 2016-02-13 14:02 - 16563352 _____ (Malwarebytes Corp.) C:\Users\KHudzi\Downloads\mbar-1.09.3.1001.exe
2016-02-13 13:11 - 2016-02-13 13:11 - 03948148 _____ C:\Users\KHudzi\Downloads\avg_remover_stf_x16_7134.zip
2016-02-13 11:21 - 2016-02-13 11:22 - 00043720 _____ C:\Users\KHudzi\Downloads\Addition.txt
2016-02-13 11:20 - 2016-02-14 11:51 - 00000000 ____D C:\FRST
2016-02-13 11:20 - 2016-02-13 13:41 - 00048635 _____ C:\Users\KHudzi\Downloads\FRST.txt
2016-02-13 11:19 - 2016-02-13 11:20 - 02370560 _____ (Farbar) C:\Users\KHudzi\Desktop\FRST64.exe
2016-02-11 20:27 - 2016-02-11 20:27 - 00000000 ____D C:\Users\KHudzi\Documents\Addictive Keys
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\Users\KHudzi\Documents\Addictive Keys Logs
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Addictive Keys
2016-02-11 20:20 - 2016-02-11 20:20 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-11 20:16 - 2016-02-11 20:16 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2016-02-11 20:16 - 2016-02-11 20:16 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-02-11 20:16 - 2016-02-11 20:16 - 00001257 _____ C:\Users\KHudzi\Desktop\Addictive Keys.lnk
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\ProgramData\XLN Audio
2016-02-11 20:16 - 2016-02-11 20:16 - 00000000 ____D C:\Program Files (x86)\XLN Audio
2016-02-10 18:05 - 2016-02-10 18:05 - 00000222 _____ C:\Users\KHudzi\Desktop\Outlast.url
2016-02-10 17:37 - 2016-02-10 17:37 - 00056200 _____ C:\Users\KHudzi\Downloads\steam_api.zip
2016-02-10 14:06 - 2016-02-10 14:06 - 69124453 _____ C:\Users\KHudzi\Downloads\VoxengoDrumServiceCymbals.rar
2016-02-09 19:36 - 2016-02-10 12:16 - 02979845 _____ C:\Users\KHudzi\Downloads\Dark mean piano 2.zip
2016-02-09 11:38 - 2016-02-09 11:38 - 00107111 _____ C:\Users\KHudzi\Downloads\Hold On - Gangsta Rap Beat, Future Style French Mobntana, Tyga Type Instrumental (1).zip
2016-02-09 11:37 - 2016-02-09 11:37 - 06196957 _____ C:\Users\KHudzi\Downloads\monter.zip
2016-02-09 11:37 - 2016-02-09 11:37 - 00107111 _____ C:\Users\KHudzi\Downloads\Hold On - Gangsta Rap Beat, Future Style French Mobntana, Tyga Type Instrumental.zip
2016-02-09 11:36 - 2016-02-09 11:36 - 06196957 _____ C:\Users\KHudzi\Desktop\monter.zip
2016-02-09 10:32 - 2016-02-12 23:39 - 00000000 ____D C:\Users\KHudzi\Desktop\physik
2016-02-09 10:04 - 2016-02-09 10:04 - 00508463 _____ C:\Users\KHudzi\Desktop\wintermadness.aep
2016-02-08 23:21 - 2016-02-11 20:01 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\uTorrent
2016-02-08 21:39 - 2016-02-08 21:39 - 10189368 _____ (Igor Pavlov) C:\Users\KHudzi\Downloads\esXP.exe
2016-02-08 21:10 - 2016-02-09 09:34 - 00000000 ____D C:\Users\KHudzi\Documents\Adobe
2016-02-08 20:39 - 2016-02-08 20:39 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk
2016-02-08 20:39 - 2016-02-08 20:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-02-08 20:37 - 2016-02-08 20:37 - 00001348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk
2016-02-08 20:35 - 2016-02-08 20:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-02-08 20:35 - 2016-02-08 20:38 - 00000000 ____D C:\Program Files\Adobe
2016-02-08 20:33 - 2016-02-08 20:33 - 00001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-02-08 20:33 - 2016-02-08 20:33 - 00001546 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-02-08 20:30 - 2016-02-08 21:11 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Adobe
2016-02-08 20:30 - 2016-02-08 20:39 - 00000000 ____D C:\ProgramData\Adobe
2016-02-07 16:11 - 2016-02-07 16:12 - 113388660 _____ C:\Users\KHudzi\Downloads\mw2patch.rar
2016-02-07 14:20 - 2016-02-07 14:20 - 00065336 _____ C:\Users\KHudzi\Downloads\MW2Unleashed@erikvargas.zip
2016-02-07 14:20 - 2009-11-14 18:18 - 00048640 _____ (Ultimate Filez) C:\Users\KHudzi\Desktop\MW2_Unleashed.dll
2016-02-07 08:25 - 2016-02-08 21:12 - 00000000 ____D C:\Users\KHudzi\Desktop\tripp music
2016-02-06 22:35 - 2016-02-06 22:35 - 00000221 _____ C:\Users\KHudzi\Desktop\Call of Duty Modern Warfare 2.url
2016-02-06 22:35 - 2016-02-06 22:35 - 00000221 _____ C:\Users\KHudzi\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
2016-02-06 19:50 - 2016-02-06 19:50 - 05441776 _____ C:\Users\KHudzi\Downloads\FlyBeats - Jungle Drum Kit.rar
2016-02-06 10:00 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-06 10:00 - 2016-02-06 10:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-06 09:59 - 2016-02-06 09:59 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-06 09:59 - 2016-02-06 09:59 - 00000000 ____D C:\Program Files\MSBuild
2016-02-06 09:57 - 2016-02-06 11:34 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Ubisoft Game Launcher
2016-02-06 09:57 - 2016-02-06 09:57 - 00001217 _____ C:\Users\KHudzi\Desktop\Uplay.lnk
2016-02-06 09:57 - 2016-02-06 09:57 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-06 09:57 - 2016-02-06 09:57 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-02-06 09:57 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-02-06 09:57 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-06 09:57 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-02-06 08:07 - 2016-02-06 08:07 - 00000222 _____ C:\Users\KHudzi\Desktop\Far Cry 3.url
2016-02-06 07:59 - 2016-02-06 08:00 - 00000000 ____D C:\Users\KHudzi\Desktop\Future - EVOL
2016-02-06 07:57 - 2016-02-06 07:58 - 87947373 _____ C:\Users\KHudzi\Downloads\Future - EVOL .zip
2016-02-05 18:17 - 2016-02-05 18:17 - 00090564 _____ C:\Users\KHudzi\Downloads\1058-Cop Car Siren-SoundBible.com-1231381021.zip
2016-02-05 16:51 - 2016-02-05 16:52 - 08900138 _____ C:\Users\KHudzi\Downloads\ANKA DRUMS.zip
2016-02-04 19:33 - 2016-02-04 19:33 - 00000222 _____ C:\Users\KHudzi\Desktop\Patch testing for Chivalry.url
2016-02-01 11:53 - 2016-02-01 11:53 - 00079108 _____ C:\Users\KHudzi\Downloads\Selbstauskunft Lederergasse.pdf
2016-01-31 20:01 - 2016-01-31 20:01 - 00012857 _____ C:\Users\KHudzi\Downloads\Eisen.be
2016-01-31 19:39 - 2016-01-31 19:39 - 00670266 _____ C:\Users\KHudzi\Downloads\Eisen und Chrom (1).pdf
2016-01-31 19:32 - 2016-02-01 21:56 - 00005183 _____ C:\Users\KHudzi\Downloads\Nickel.be
2016-01-31 19:15 - 2016-01-31 19:15 - 00670266 _____ C:\Users\KHudzi\Downloads\Eisen und Chrom.pdf
2016-01-31 19:15 - 2016-01-31 19:15 - 00476852 _____ C:\Users\KHudzi\Downloads\Nickel.pdf
2016-01-30 21:43 - 2016-01-30 21:43 - 32590375 _____ C:\Users\KHudzi\Downloads\FUTURE _Bye Bye_ Prod by Zaytoven.mp4
2016-01-28 20:37 - 2016-01-28 20:37 - 49638803 _____ C:\Users\KHudzi\Desktop\Dark Objects.zip
2016-01-27 17:18 - 2016-01-27 17:18 - 01207871 _____ C:\Users\KHudzi\Downloads\Calcium.pdf
2016-01-27 17:18 - 2016-01-27 17:18 - 00737989 _____ C:\Users\KHudzi\Downloads\Arsen und Kupfer.pdf
2016-01-27 14:58 - 2016-01-27 14:58 - 01314496 _____ C:\Users\KHudzi\Downloads\Vorlesung_09_11_2015.pdf
2016-01-27 14:40 - 2016-01-27 14:40 - 00171119 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_Vorlesung04_02_11_2015.pdf
2016-01-27 14:38 - 2016-01-27 14:38 - 01068004 _____ C:\Users\KHudzi\Downloads\Vorlesung03_26_10_15.pdf
2016-01-27 14:37 - 2016-01-27 14:37 - 01642521 _____ C:\Users\KHudzi\Downloads\Allgememeine_Chemie02_19_10_2015 (1).pdf
2016-01-27 13:27 - 2016-01-27 13:27 - 00404606 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_18_01_2016.pdf
2016-01-27 12:18 - 2016-01-27 12:18 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid (2).pdf
2016-01-27 11:44 - 2016-01-27 11:44 - 08547811 _____ C:\Users\KHudzi\Downloads\Linie43Haltestellenfahrplanab15.09.2014.pdf
2016-01-27 10:54 - 2016-01-27 10:54 - 00000000 ____D C:\Users\KHudzi\Documents\massive preset
2016-01-27 10:04 - 2016-01-27 10:04 - 00162067 _____ C:\Users\KHudzi\Downloads\GTuneWin32.zip
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\system32\msmq
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\Windows\system32\BestPractices
2016-01-26 20:44 - 2016-01-26 20:44 - 00000000 ____D C:\inetpub
2016-01-26 18:12 - 2016-01-26 18:12 - 00192426 _____ C:\Users\KHudzi\Downloads\Übungsaufgaben.pdf
2016-01-26 18:12 - 2016-01-26 18:12 - 00033752 _____ C:\Users\KHudzi\Downloads\VDW Kritischer Punkt.mw
2016-01-26 18:11 - 2016-01-26 18:11 - 00018378 _____ C:\Users\KHudzi\Downloads\Literatur.pdf
2016-01-26 17:54 - 2016-01-26 17:54 - 03075362 _____ C:\Users\KHudzi\Downloads\AC PCTeil K 5.pdf
2016-01-26 17:01 - 2016-01-26 17:01 - 05351863 _____ C:\Users\KHudzi\Downloads\AC PCTeil K1-4.pdf
2016-01-25 16:49 - 2016-01-25 16:49 - 00054358 _____ C:\Users\KHudzi\Downloads\Allgemeine_Chemie_25_01_2016.pdf
2016-01-25 16:47 - 2016-01-25 16:47 - 00038830 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen III.pdf
2016-01-25 16:47 - 2016-01-25 16:47 - 00038830 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen III (1).pdf
2016-01-25 16:28 - 2016-01-25 16:28 - 06977250 _____ C:\Users\KHudzi\Downloads\Ex-VL 6.pdf
2016-01-25 16:28 - 2016-01-25 16:28 - 00145983 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen II.pdf
2016-01-25 16:27 - 2016-01-25 16:27 - 05843177 _____ C:\Users\KHudzi\Downloads\Ex-VL 5.pdf
2016-01-25 16:23 - 2016-01-25 16:23 - 04372620 _____ C:\Users\KHudzi\Downloads\Ex-VL 4 (2).pdf
2016-01-25 16:23 - 2016-01-25 16:23 - 01659659 _____ C:\Users\KHudzi\Downloads\Ex-VL 2 (1).pdf
2016-01-25 16:17 - 2016-01-25 16:17 - 04372620 _____ C:\Users\KHudzi\Downloads\Ex-VL 4 (1).pdf
2016-01-25 16:17 - 2016-01-25 16:17 - 00812625 _____ C:\Users\KHudzi\Downloads\Ex-VL 1.pdf
2016-01-25 16:14 - 2016-01-25 16:14 - 00329737 _____ C:\Users\KHudzi\Downloads\WS2012-13_Lösungen.pdf
2016-01-25 16:14 - 2016-01-25 16:14 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh (2).pdf
2016-01-25 14:35 - 2016-01-25 14:35 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13 (2).pdf
2016-01-25 14:25 - 2016-01-25 14:25 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh (1).pdf
2016-01-25 14:00 - 2016-01-25 14:00 - 00025834 _____ C:\Users\KHudzi\Downloads\myLectureseb976523-1bc6-4af1-a5f1-e8e7effc47f1.pdf
2016-01-25 11:27 - 2016-02-13 14:20 - 00000000 ____D C:\Users\KHudzi\Desktop\Omnisphere 2 Keygen.app
2016-01-25 10:19 - 2016-01-25 10:19 - 00001019 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\PowerISO
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2016-01-25 10:19 - 2016-01-25 10:19 - 00000000 ____D C:\Program Files (x86)\PowerISO
2016-01-25 10:19 - 2015-10-08 08:00 - 00127760 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2016-01-25 10:18 - 2016-01-25 22:28 - 12582912 _____ C:\Users\KHudzi\Downloads\PowerISO6.vhdx
2016-01-25 10:14 - 2016-01-25 10:14 - 00001146 _____ C:\Users\KHudzi\Desktop\DMG Extractor.lnk
2016-01-25 10:14 - 2016-01-25 10:14 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Reincubate
2016-01-25 10:14 - 2016-01-25 10:14 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2016-01-24 15:34 - 2016-01-24 15:34 - 01768809 _____ C:\Users\KHudzi\Downloads\Ergänzungsfolien_MO-Theorie, Phosphor, Schwefel, Übungsaufgabe 6.2.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00505495 _____ C:\Users\KHudzi\Downloads\WS2014-15-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00436032 _____ C:\Users\KHudzi\Downloads\WS2013-14 (1).pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00400952 _____ C:\Users\KHudzi\Downloads\WS2013-14-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13 (1).pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00314734 _____ C:\Users\KHudzi\Downloads\WS2012-13-Wdh.pdf
2016-01-24 15:21 - 2016-01-24 15:21 - 00107989 _____ C:\Users\KHudzi\Downloads\WS2011-12-Wdh.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 04428434 _____ C:\Users\KHudzi\Downloads\Kap_5.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 03665505 _____ C:\Users\KHudzi\Downloads\Kap_3 (2).pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 02989399 _____ C:\Users\KHudzi\Downloads\Kap_6.pdf
2016-01-24 14:47 - 2016-01-24 14:47 - 01825057 _____ C:\Users\KHudzi\Downloads\Kap_4.pdf
2016-01-24 14:30 - 2016-01-24 14:30 - 00478649 _____ C:\Users\KHudzi\Downloads\WS2014-15_Lösungen.pdf
2016-01-24 14:28 - 2016-01-24 14:28 - 00432363 _____ C:\Users\KHudzi\Downloads\WS2014-15 (1).pdf
2016-01-24 14:28 - 2016-01-24 14:28 - 00388501 _____ C:\Users\KHudzi\Downloads\WS2012-13.pdf
2016-01-24 14:18 - 2016-01-24 14:18 - 02638294 _____ C:\Users\KHudzi\Downloads\Kap_2.pdf
2016-01-24 14:17 - 2016-01-24 14:17 - 00553541 _____ C:\Users\KHudzi\Downloads\Folie_ACAn_Tut-1 (1).pdf
2016-01-24 13:46 - 2016-01-24 13:46 - 03150217 _____ C:\Users\KHudzi\Downloads\Kap_1.pdf
2016-01-24 13:12 - 2016-01-24 13:12 - 00000000 ____D C:\Users\KHudzi\Downloads\midi
2016-01-24 13:08 - 2016-01-24 13:08 - 00000000 _____ C:\Users\KHudzi\Desktop\klausur.txt
2016-01-24 01:15 - 2016-01-31 09:36 - 02330035 _____ C:\Users\KHudzi\Downloads\Mozart 40 Symphony.flp
2016-01-23 22:12 - 2016-01-24 14:11 - 02288270 _____ C:\Users\KHudzi\Downloads\VaNDinA - Mozart Symphony 40.flp
2016-01-23 21:51 - 2016-01-23 21:51 - 00058979 _____ C:\Users\KHudzi\Downloads\SwedishRhapsodyPolka-HB0174.mid
2016-01-23 21:51 - 2016-01-23 21:51 - 00046362 _____ C:\Users\KHudzi\Downloads\SwedishRhapsody-RM022k.mid
2016-01-22 16:45 - 2016-01-22 16:45 - 00014189 _____ C:\Users\KHudzi\Downloads\stronghold-crusader-2-multi8pcdvdcodexwwwgamestorrentsco..torrent
2016-01-21 19:34 - 2016-01-21 19:34 - 00010295 _____ C:\Users\KHudzi\Downloads\Calcium.be
2016-01-21 19:34 - 2016-01-21 19:34 - 00009898 _____ C:\Users\KHudzi\Downloads\Arsenkupfer.be
2016-01-20 19:20 - 2016-01-20 19:20 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Avira
2016-01-19 19:17 - 2016-01-19 19:17 - 00000000 ____D C:\Users\KHudzi\AppData\Local\AviraSpeedup
2016-01-19 19:16 - 2016-01-22 15:07 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-01-18 22:51 - 2014-02-25 21:03 - 00000000 ____D C:\Users\KHudzi\Downloads\Migos - No Label 2 (DatPiff.com)
2016-01-18 22:51 - 2013-10-01 12:39 - 00000000 ____D C:\Users\KHudzi\Downloads\Migos  Rich The Kid - Streets On Lock 2 (DatPiff.com)
2016-01-18 20:35 - 2016-01-18 20:35 - 18900044 _____ C:\Users\KHudzi\Downloads\150017__klankbeeld__horror-kids-02.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 19355502 _____ C:\Users\KHudzi\Downloads\193692__xdimebagx__atmosphere-horror-1-loop.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 14971372 _____ C:\Users\KHudzi\Downloads\22039__erdie__breathe.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 03289192 _____ C:\Users\KHudzi\Downloads\9695__suonho__suonho-scaryscape-01.wav
2016-01-18 20:34 - 2016-01-18 20:35 - 02352034 _____ C:\Users\KHudzi\Downloads\171078__klankbeeld__horror-scream-woman-long.wav
2016-01-18 20:34 - 2016-01-18 20:34 - 01941056 _____ C:\Users\KHudzi\Downloads\60571__gabemiller74__breathofdeath.aif
2016-01-18 20:34 - 2016-01-18 20:34 - 01339520 _____ C:\Users\KHudzi\Downloads\126113__klankbeeld__laugh.wav
2016-01-18 20:34 - 2016-01-18 20:34 - 00394508 _____ C:\Users\KHudzi\Downloads\168777__robinhood76__03792-children-screaming.wav
2016-01-18 20:32 - 2016-01-18 20:34 - 29140530 _____ C:\Users\KHudzi\Downloads\333011__michael-kur95__monster-01.wav
2016-01-18 20:32 - 2016-01-18 20:32 - 00182262 _____ C:\Users\KHudzi\Downloads\333012__michael-kur95__jump-03.wav
2016-01-18 20:32 - 2016-01-18 20:32 - 00012332 _____ C:\Users\KHudzi\Downloads\333047__christopherderp__videogame-menu-button-clicking-sound-18.wav
2016-01-18 20:28 - 2016-01-18 20:29 - 09880036 _____ C:\Users\KHudzi\Downloads\333048__zagi2__possessed-accordion-intro.wav
2016-01-18 20:28 - 2016-01-18 20:28 - 01203008 _____ C:\Users\KHudzi\Downloads\333230__robinhood76__06264-holy-hour-trailer-punch.wav
2016-01-18 19:29 - 2016-01-18 19:29 - 01174335 _____ C:\Users\KHudzi\Desktop\#flp.rar
2016-01-18 19:29 - 2012-06-13 16:26 - 00080669 _____ C:\Users\KHudzi\Desktop\TUTORIAL BEAT.flp
2016-01-18 19:29 - 2000-12-03 02:01 - 00000662 _____ C:\Users\KHudzi\Desktop\BDB BELL4.fst
2016-01-18 18:05 - 2016-01-18 22:53 - 00008367 _____ C:\Users\KHudzi\Downloads\Mangan.be
2016-01-18 18:04 - 2016-01-18 18:04 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid (1).pdf
2016-01-18 18:04 - 2016-01-18 18:04 - 00315816 _____ C:\Users\KHudzi\Downloads\Mangan.pdf
2016-01-17 21:49 - 2016-01-31 10:13 - 01627457 _____ C:\Users\KHudzi\Downloads\ROOSTER IN MY RARI (BALLER03676).flp
2016-01-17 20:45 - 2016-01-17 21:37 - 01929951 _____ C:\Users\KHudzi\Downloads\Hate Bein Sober Instrumental (baller03676 remake).flp
2016-01-17 19:35 - 2016-01-17 19:35 - 00012965 _____ C:\Users\KHudzi\Downloads\Chlorid.be
2016-01-17 18:58 - 2016-01-17 18:58 - 01012265 _____ C:\Users\KHudzi\Downloads\Chlorid.pdf
2016-01-16 20:39 - 2016-01-16 20:39 - 00000000 ____D C:\Crash
2016-01-16 19:15 - 2016-01-16 19:16 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\Daybreak Game Company
2016-01-16 19:15 - 2016-01-16 19:15 - 00002465 _____ C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\Public\Daybreak Game Company
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\KHudzi\AppData\Local\SCE
2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Users\KHudzi\AppData\Local\Daybreak Game Company
2016-01-16 19:14 - 2016-01-16 19:14 - 33097848 _____ C:\Users\KHudzi\Downloads\PS2_setup.exe
2016-01-16 18:30 - 2014-12-18 17:30 - 00000000 ____D C:\Users\KHudzi\Documents\convert2mp3_video_converter_2.4
2016-01-16 13:58 - 2016-01-16 13:58 - 06882502 _____ C:\Users\KHudzi\Downloads\AC PCTeil K 6 (1).pdf
2016-01-16 13:17 - 2016-01-16 13:17 - 00028672 _____ C:\Windows\SysWOW64\NSREG.DLL
2016-01-16 12:17 - 2016-01-16 12:19 - 00001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrainWave Generator.lnk
2016-01-16 12:17 - 2016-01-16 12:19 - 00000000 ____D C:\Program Files (x86)\BrainWave Generator
2016-01-16 12:17 - 2016-01-16 12:17 - 01207296 _____ C:\Users\KHudzi\Downloads\bwgen31.exe
2016-01-16 12:17 - 1997-11-19 15:49 - 00303616 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2016-01-16 11:59 - 2016-01-16 11:59 - 00150316 _____ C:\Users\KHudzi\Downloads\WS2011-12_Lösungen.pdf
2016-01-16 11:43 - 2016-01-16 11:43 - 00057485 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen I.pdf
2016-01-16 11:42 - 2016-01-16 11:42 - 00060741 _____ C:\Users\KHudzi\Downloads\Fragen und Übungen 0.pdf
2016-01-16 11:39 - 2016-01-16 11:39 - 00035854 _____ C:\Users\KHudzi\Downloads\WS2011-12.pdf
2016-01-16 11:35 - 2016-01-16 11:35 - 01642521 _____ C:\Users\KHudzi\Downloads\Allgememeine_Chemie02_19_10_2015.pdf
2016-01-16 10:18 - 2016-01-16 10:18 - 00000000 ____D C:\Users\KHudzi\AppData\LocalLow\Unity

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-14 11:35 - 2015-10-30 17:40 - 00915828 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-14 11:35 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-14 11:30 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\inetsrv
2016-02-14 11:29 - 2016-01-10 11:04 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-14 11:29 - 2015-11-02 13:58 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 11:28 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-14 11:27 - 2015-11-02 15:08 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-02-14 11:15 - 2015-11-02 13:58 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-14 09:09 - 2015-11-04 18:27 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-02-14 09:09 - 2015-11-04 09:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-02-14 08:40 - 2015-11-02 13:56 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{17AC85C5-86A9-4AB4-A299-ACEF01BCA66E}
2016-02-13 21:09 - 2015-11-04 09:59 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-02-13 14:17 - 2015-11-04 07:29 - 00000000 ____D C:\Program Files (x86)\Cod 4
2016-02-13 13:32 - 2015-10-30 17:55 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1323012160-659710808-212240714-1001
2016-02-13 13:20 - 2015-11-08 21:28 - 00000000 ____D C:\ProgramData\Avg
2016-02-13 13:18 - 2015-11-08 21:27 - 00000000 ____D C:\Users\KHudzi\AppData\Local\AvgSetupLog
2016-02-13 13:11 - 2015-11-08 21:32 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\AVG
2016-02-13 13:11 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-02-13 12:59 - 2015-11-08 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-13 12:59 - 2015-11-08 15:36 - 00000000 ____D C:\ProgramData\Avira
2016-02-13 12:59 - 2015-11-02 15:08 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-11 21:24 - 2015-11-04 07:38 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\uTorrent
2016-02-11 20:16 - 2015-11-02 10:31 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-02-11 17:09 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-11 12:38 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-11 12:38 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-11 11:33 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-02-11 00:59 - 2015-10-30 17:44 - 00000000 ____D C:\Users\KHudzi
2016-02-10 21:16 - 2015-11-02 13:58 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 21:16 - 2015-11-02 13:58 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 18:52 - 2015-11-02 13:42 - 00000000 ____D C:\Users\KHudzi\Documents\My Games
2016-02-10 18:05 - 2016-01-10 11:11 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-10 17:37 - 2015-11-11 15:50 - 00000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition
2016-02-10 14:08 - 2015-11-02 10:11 - 00000000 ____D C:\Users\KHudzi\Documents\1 Drumkits
2016-02-09 08:15 - 2013-08-22 15:44 - 05070072 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-08 21:11 - 2015-10-30 17:44 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Adobe
2016-02-06 23:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-06 11:30 - 2015-12-23 15:46 - 00000000 ____D C:\Users\KHudzi\AppData\Local\My Games
2016-02-06 10:33 - 2015-11-04 09:54 - 00000000 ____D C:\Users\KHudzi\AppData\Local\PunkBuster
2016-02-06 10:01 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-06 09:57 - 2015-11-04 09:59 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-02-02 20:10 - 2015-11-02 13:58 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 20:10 - 2015-11-02 13:58 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 21:17 - 2015-11-11 21:28 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-01-31 19:51 - 2015-12-07 18:12 - 00000000 ____D C:\Users\KHudzi\Documents\beryllium
2016-01-27 19:02 - 2015-11-11 13:57 - 00000000 ____D C:\Users\KHudzi\Desktop\New folder
2016-01-26 20:44 - 2015-11-04 09:30 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsec.dll
2016-01-26 20:44 - 2015-11-04 09:30 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqad.dll
2016-01-26 20:44 - 2015-11-04 09:30 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcmiplugin.dll
2016-01-26 20:44 - 2015-11-04 09:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqmigplugin.dll
2016-01-26 20:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-01-26 20:44 - 2013-08-22 12:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mqoa30.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\mqoa20.tlb
2016-01-26 20:44 - 2013-08-22 12:44 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mqoa10.tlb
2016-01-26 20:44 - 2013-08-22 12:40 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mqac.sys
2016-01-26 20:44 - 2013-08-22 12:35 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\mqutil.dll
2016-01-26 20:44 - 2013-08-22 12:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\mqcertui.dll
2016-01-26 20:44 - 2013-08-22 11:51 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\mqtrig.dll
2016-01-26 20:44 - 2013-08-22 11:23 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\mqrt.dll
2016-01-26 20:44 - 2013-08-22 11:19 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\mqsnap.dll
2016-01-26 20:44 - 2013-08-22 10:50 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\mqlogmgr.dll
2016-01-26 20:44 - 2013-08-22 05:16 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa30.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa20.tlb
2016-01-26 20:44 - 2013-08-22 05:16 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa10.tlb
2016-01-26 20:44 - 2013-08-22 05:06 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqutil.dll
2016-01-26 20:44 - 2013-08-22 05:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoctrs.dll
2016-01-26 20:44 - 2013-08-22 05:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infoadmn.dll
2016-01-26 20:44 - 2013-08-22 04:54 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqcertui.dll
2016-01-26 20:44 - 2013-08-22 04:31 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqoa.dll
2016-01-26 20:44 - 2013-08-22 04:29 - 00165888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqtrig.dll
2016-01-26 20:44 - 2013-08-22 04:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqise.dll
2016-01-26 20:44 - 2013-08-22 04:08 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqrt.dll
2016-01-26 20:44 - 2013-08-22 04:05 - 00606720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mqsnap.dll
2016-01-26 20:44 - 2013-08-22 00:55 - 00009096 _____ C:\Windows\SysWOW64\msmqtrc.mof
2016-01-26 20:43 - 2015-11-04 09:30 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\mqsec.dll
2016-01-26 20:43 - 2015-11-04 09:30 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\mqad.dll
2016-01-26 20:43 - 2015-11-04 09:28 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\mqcmiplugin.dll
2016-01-26 20:43 - 2015-11-04 09:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-01-26 20:43 - 2015-11-04 09:26 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\mqmigplugin.dll
2016-01-26 20:43 - 2015-11-04 09:25 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-01-26 20:43 - 2015-11-04 09:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-01-26 20:43 - 2015-11-04 09:23 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-01-26 20:43 - 2015-11-04 09:22 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-01-26 20:43 - 2015-11-04 09:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-01-26 20:43 - 2015-11-04 09:22 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-01-26 20:43 - 2013-08-22 12:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\mqsvc.exe
2016-01-26 20:43 - 2013-08-22 12:32 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\infoctrs.dll
2016-01-26 20:43 - 2013-08-22 12:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\infoadmn.dll
2016-01-26 20:43 - 2013-08-22 12:26 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\mqbkup.exe
2016-01-26 20:43 - 2013-08-22 11:53 - 00302080 _____ (Microsoft Corporation) C:\Windows\system32\mqoa.dll
2016-01-26 20:43 - 2013-08-22 11:41 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
2016-01-26 20:43 - 2013-08-22 11:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mqise.dll
2016-01-26 20:43 - 2013-08-22 11:10 - 01408512 _____ (Microsoft Corporation) C:\Windows\system32\mqqm.dll
2016-01-26 20:43 - 2013-08-22 07:59 - 00009096 _____ C:\Windows\system32\msmqtrc.mof
2016-01-25 15:47 - 2015-11-11 21:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-16 19:15 - 2015-11-11 16:07 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-01-16 19:15 - 2015-11-11 16:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-16 08:13 - 2015-11-02 15:09 - 00000000 ____D C:\Users\KHudzi\AppData\Roaming\Raptr

==================== Files in the root of some directories =======

2015-11-08 16:19 - 2011-09-17 14:00 - 52578120 _____ (Native Instruments GmbH) C:\Program Files (x86)\Massive - Copy.dll
2015-11-08 16:19 - 2011-09-17 14:00 - 52578120 _____ (Native Instruments GmbH) C:\Program Files (x86)\Massive.dll
2015-11-04 08:26 - 2009-10-23 23:00 - 5811712 _____ (reFX) C:\Program Files (x86)\Nexus.dll

Some files in TEMP:
====================
C:\Users\KHudzi\AppData\Local\Temp\avgnt.exe
C:\Users\KHudzi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-08 14:56

==================== End of FRST.txt ============================

Code:

ATTFilter

 Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by KHudzi (2016-02-14 11:52:19)
Running from C:\Users\KHudzi\Desktop
Windows 8.1 Pro (X64) (2015-10-30 16:44:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1323012160-659710808-212240714-500 - Administrator - Disabled)
Guest (S-1-5-21-1323012160-659710808-212240714-501 - Limited - Disabled)
KHudzi (S-1-5-21-1323012160-659710808-212240714-1001 - Administrator - Enabled) => C:\Users\KHudzi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
ACP Application (Version: 2015.1117.2341.12 - Advanced Micro Devices, Inc.) Hidden
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.5.441 - AVG Technologies)
BOSS Userlist Manager (HKLM-x32\...\{6E78AAAD-9BC0-4326-8DE4-03013C85CA92}) (Version: 6.8.0000 - Surazal)
BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
DMG Extractor (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DMG Extractor) (Version: 1.3.15.0 - Reincubate Ltd)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.174.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.0.1.1526 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Patch testing for Chivalry (HKLM-x32\...\Steam App 232210) (Version:  - )
PlanetSide 2 (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1323012160-659710808-212240714-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.191 - Daybreak Game Company)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\{EAABE756-8A47-440F-AAC7-2F6BFF589169}) (Version: 6.0 - Black Box)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Waves Central V1.0.2.2 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}) (Version: 1.0.3 - Waves)
WinRAR 5.30 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A1E8CCE-B569-471E-9F69-2A88B698BD50} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.)
Task: {1BE1AB6F-A4AA-4D0D-9807-DAB1A0B67601} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.)
Task: {42C13DF3-4B7C-4AE6-A9FB-0DD087ABFB76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-02] (Google Inc.)
Task: {B48B1132-3DBD-435B-8F50-060DF426D2C4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-11-04 09:59 - 2016-02-06 09:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1323012160-659710808-212240714-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\KHudzi\Downloads\planets-wide.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Raptr"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{20F5D01C-AEBE-4AE7-99A9-033FFD5DC925}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{17AC8184-20E7-43CD-A85C-0F461DF49B8D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7E5D1930-477F-4E8E-A8CD-AF3029210702}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8B195E5C-DEEF-46BD-AFB4-36138ABB6F45}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{4278FACE-CD81-4767-BDA4-F7F9B7E6CB29}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{2A5A2907-592F-4070-9C54-C41704E0BE3F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{33066E79-807D-4AEE-967E-EF3B31D3DFD5}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{A4920E15-50D9-4D60-9B0E-53915A4E1CA0}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{619FCD7F-CA9B-4CA1-9958-CB6DE705A9FF}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1CC9009-3183-4269-BA08-A96E2978C5F5}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{23D51743-DA76-41D8-B600-B570E146F312}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03B513F8-9735-43DB-8509-2627957376FF}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{034AD6A7-A6F9-45C2-81B2-E0EF98C9E695}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5A42B51A-8843-43B2-8A9E-BCFDDFE668F2}] => (Allow) C:\Users\KHudzi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{DE3D4597-DD14-4271-AC9F-811D2699868E}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Allow) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [UDP Query User{A42C518B-E82E-42FD-9A2D-C80AB36690D7}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Allow) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [TCP Query User{3386DD8D-819D-4C73-B8F3-E4A1E656DCB5}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Block) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [UDP Query User{CA74471D-13F6-46F5-9835-2BF30F51F598}C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe] => (Block) C:\program files (x86)\cod 4\call of duty modern warfare multiplayer.exe
FirewallRules: [{0FB56A78-293E-44D3-AC23-A1365BE84218}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8EFCB2F7-5C68-4975-94BE-FDC24D22C4D0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9817424C-FE04-4859-BC71-A49E8B3FD839}] => (Allow) LPort=1688
FirewallRules: [{8BD73C82-E9AC-4726-9D06-14B5FEC9F9FE}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{C218F1F9-E0FB-4137-A0FF-92C3E0710E0F}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{B8DEC66B-A266-4A73-BF24-A6B5F1EECE9F}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{DE31FBD3-A9F8-428A-836A-1DF3828A1F58}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [TCP Query User{136895F9-16D4-4786-963F-00C7302253BD}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [UDP Query User{386B351A-B7CB-40EA-B8E7-414F16C7C491}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [TCP Query User{BCC58342-A8E0-4A68-B702-9FEE794AA215}C:\program files (x86)\total war rome ii - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii - emperor edition\rome2.exe
FirewallRules: [UDP Query User{C712025E-EE55-43A6-88A8-E3E9ACC2E923}C:\program files (x86)\total war rome ii - emperor edition\rome2.exe] => (Allow) C:\program files (x86)\total war rome ii - emperor edition\rome2.exe
FirewallRules: [{6120AE25-31B8-4094-AE79-6612625B8219}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5D5CDE12-90E6-4FA6-A71B-58DD7BAD4799}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A4BD6790-8896-4DB0-913E-7E04D240BD71}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{6A9FDBE9-2C2F-4CED-B5B8-F353916DE42A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{654CDE8D-045A-44BE-B799-26E17656B193}C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{419817BF-29AC-440D-8B81-C9C54C8A021E}C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe] => (Allow) C:\program files (x86)\r.g. freedom\dying light\dyinglightgame.exe
FirewallRules: [{5802C14F-2694-4A00-B905-2C5FF5A5C8D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A71BF597-CDCB-4401-8065-80CFC6D5169B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03433AEB-BA9B-4897-8A4E-7FAC39B106B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3E182E98-E352-40D8-A0C9-5A3A8CF232B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{519613D4-5BD7-4760-A642-E5BB7938ADC1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9B080102-B1C7-4766-89D0-A61CAFB0A88C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0C12AC95-EAEF-4917-BA46-A8AED96F275A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{508D5200-3F9B-43DC-8A88-871B93C667C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{050E4C95-5406-473A-98A5-D10FFF8BD045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{5CFCB738-BEBD-46FA-B29D-F4733ABA0725}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{64253C5B-7491-4719-AE98-EB4A0EE03393}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{1AD7E85C-2541-4941-80AB-44114AA37DB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{FCAF9120-7606-4ED2-A6DD-4A07F774CBC5}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [UDP Query User{85BFE613-21D9-4A71-B876-AD7369E6754A}C:\program files (x86)\image-line\fl studio 12\fl.exe] => (Block) C:\program files (x86)\image-line\fl studio 12\fl.exe
FirewallRules: [TCP Query User{207417DC-D412-4177-93E1-33F8A807209F}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{1DE45DA4-CD8C-4CAE-907B-3096EE4254D4}C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\daybreak game company\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{93F56052-D7B7-4678-9908-4C237F9507C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{EF777044-90CB-48A7-83AB-51DAE6A58E89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{4CEF3733-B5B3-4DF3-B5FB-2806829AFDF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{1F4D3170-2742-4DDF-8776-6BB7C78A6BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{1BDB1B1A-DBD7-4E9F-BEC2-EEF7638CAF6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{158AEA18-F090-485B-8E04-6EC185560797}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe
FirewallRules: [{D0D5FE01-DC58-4DE9-9BAE-BE541AA7A01B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{2FDDE667-1BE0-4506-9992-7DC5F18FFA15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{F42D3432-5D75-4523-822E-CA58AECC1039}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{FC5B1096-57CE-4DAD-BBC5-967D74A1520E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe
FirewallRules: [{D8EA1EF6-05B4-42EF-8056-971D34A97DD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{82D26A34-5623-4FA4-9089-73847643BD5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{C9C44F7D-A7F0-42BA-B4AE-AC861B1295A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{9FD381A2-45D5-4D30-AE49-498BD21CDEB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe
FirewallRules: [{D8F55BFC-0441-45B3-BA9C-733F519C277D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{F33214F9-0B6B-459E-AB4B-A7564D00264E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{3A9C3011-36E2-4615-B0C3-3EF8CA03C8E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E8BC9CED-1A24-4068-92CF-208B33BA6A8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3D349586-3156-48F7-B80C-CA9849CA563D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B3F7DCDB-DA27-49D3-A065-ACB73245662F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2D0DCAB1-1747-4230-9558-9DC72AAC93DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{94B27C4F-999F-4EC8-BCDB-320519C374FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{23B13BDA-CC46-445F-AC22-A7A5AFB71F90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{F3742C91-8878-4758-A5C9-DD80D6BCE63F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{627556DC-E502-4FF8-AB2D-08FFF65EA05B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{E1C29F8C-D14E-4472-ACF4-D9DDBEAC2B72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{394FF988-751E-4BEA-9BBF-FC66291E0DA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{5B145EEA-2D1D-44A5-922C-CF91777054A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{8F33F664-F853-4C75-9230-0DF6EFDED638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{7FC50B89-FB88-43FB-ACEE-0680A003F067}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{32C5C2F3-E40A-4794-84D5-147D3DE2C8CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{769E0E6D-373D-46FC-89FC-C1A057D2EAE8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E1C2F3CF-4F02-4E0D-94C1-EBEEA0A38F6C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{4AE2A03A-915C-4F4D-813A-30009C654B45}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BFC64282-E3A6-4385-846A-CF6D0021FD12}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

13-02-2016 14:17:21 Malwarebytes Anti-Rootkit Restore Point
14-02-2016 11:34:04 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2016 09:45:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

Error: (02/13/2016 01:09:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/13/2016 12:58:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ff9a09d0668
Faulting process id: 0x840
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/13/2016 12:54:58 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/13/2016 11:14:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe85bd0668
Faulting process id: 0xc74
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/12/2016 06:06:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffd1ad40668
Faulting process id: 0xb20
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/12/2016 05:51:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007fff3afa0668
Faulting process id: 0xc28
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/11/2016 05:12:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 11.0.0.0, time stamp: 0x52a8d15d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00007ffe3bd40668
Faulting process id: 0xb40
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (02/11/2016 05:11:14 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (02/11/2016 12:38:51 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_5.1.1_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (02/14/2016 11:28:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avira System Speedup service failed to start due to the following error: 
%%2

Error: (02/14/2016 11:28:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Service KMSELDI service failed to start due to the following error: 
%%2

Error: (02/14/2016 11:28:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (02/14/2016 11:28:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WtuSystemSupport service failed to start due to the following error: 
%%2

Error: (02/14/2016 11:27:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%3

Error: (02/14/2016 11:27:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PnkBstrB service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/14/2016 11:27:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/14/2016 11:27:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/14/2016 11:27:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Message Queuing Triggers service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/14/2016 11:27:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2016-02-13 13:01:49.785
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:48.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:38.529
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:37.871
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:37.761
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 13:01:37.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 12:58:35.828
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 12:58:34.812
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 12:58:34.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-02-13 11:17:32.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 8119.99 MB
Available physical RAM: 6874.93 MB
Total Virtual: 9399.99 MB
Available Virtual: 8096.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931 GB) (Free:610.24 GB) NTFS
Drive e: (PVE) (CDROM) (Total:0.27 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0972DD4A)

Partition: GPT.

==================== End of Addition.txt ============================

14.02.2016, 10:06	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	PC friert oft beim laden von seiten/anwendungen ein (viren/trojanerverdacht) Du sollst auch das Log mit dem Fund posten und nicht nur das ohne Funde __________________ Logfiles bitte immer in CODE-Tags posten

PC friert oft beim laden von seiten/anwendungen ein (viren/trojanerverdacht)

Plagegeister aller Art und deren Bekämpfung: PC friert oft beim laden von seiten/anwendungen ein (viren/trojanerverdacht)