Inactive Patched_C AVG alerts

Status
Not open for further replies.
Agiste101

Agiste101

I've been getting virus alerts from AVG daily. I keep selecting protect me but I guess it doesn't work. Says the infected file is "SECOH-QAD.exe" in the "WINDOWS" folder. Not really seeing any effects as of yet(at least I think) but I'm worried about it. I ran the FRST application. Here are the logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by AntonioA (administrator) on ANTONIO (31-08-2015 17:45:33)
Running from C:\Users\AntonioA\Downloads
Loaded Profiles: AntonioA (Available Profiles: AntonioA)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\OneDrive.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(BitTorrent Inc.) C:\Users\AntonioA\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12391.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.3.8040.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1508.17010.0_x64__8wekyb3d8bbwe\Time.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.25.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184 2015-08-05] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-26] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [64000 2014-12-21] (Pushbullet inc)
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\Run: [Spotify Web Helper] => C:\Users\AntonioA\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-06] (Spotify Ltd)
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\Run: [Spotify] => C:\Users\AntonioA\AppData\Roaming\Spotify\Spotify.exe [7675448 2015-08-06] (Spotify Ltd)
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\Run: [OneDrive] => C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\RunOnce: [Uninstall C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\RunOnce: [Uninstall C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 208.94.176.20 208.94.176.18
Tcpip\..\Interfaces\{bd403036-3c14-43ac-b4c3-744b0c6fab8e}: [DhcpNameServer] 208.94.176.20 208.94.176.18

Internet Explorer:
==================
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={A2C96A11-51E3-40B9-B92C-F39864ED30B9}&mid=2a7a4dc35b9247d2a1ebd1c5bcd88d7e-d90c3c52ba516334726e0f849df460e0364fdf64&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-04 17:42:26&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={A2C96A11-51E3-40B9-B92C-F39864ED30B9}&mid=2a7a4dc35b9247d2a1ebd1c5bcd88d7e-d90c3c52ba516334726e0f849df460e0364fdf64&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-02-04 17:42:26&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-02-04] (AVG Secure Search)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-07-10] (Microsoft Corporation)

Chrome:
=======
CHR StartupUrls: Default -> "file:///C:/Users/AntonioA/Desktop/H2/Homepage.html"
CHR DefaultSuggestURL: Default -> https://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-03-20]
CHR Extension: (Google Drive) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-20]
CHR Extension: (YouTube) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-06]
CHR Extension: (AVG Secure Search) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-03-20]
CHR Extension: (Pushbullet) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-03-20]
CHR Extension: (Spotify - Music for every moment) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-03-20]
CHR Extension: (Google Search) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-06]
CHR Extension: (Tampermonkey) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-03-20]
CHR Extension: (Little Alchemy light) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlinaifoeodggjcfoonifcjppkklkdkd [2015-03-28]
CHR Extension: (Right-Click Search Wikipedia) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eikmpmafdimllogceehaijmnlndineje [2015-03-20]
CHR Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj [2015-03-20]
CHR Extension: (AdBlock) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-31]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-03-20]
CHR Extension: (TweetDeck by Twitter) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-03-20]
CHR Extension: (Sudoku for Google Chrome™) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifaabgmcffhggbfgjknkgenljelbocin [2015-03-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Pocket) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-03-20]
CHR Extension: (Save to Pocket) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-03-20]
CHR Extension: (Edge: The Web Ruler) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\njlkegdphefeellhaongiopcfgcinikh [2015-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-20]
CHR Extension: (Hover Zoom) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-03-20]
CHR Extension: (Gmail) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-06]
CHR Extension: (Canvas Rider) - C:\Users\AntonioA\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2014-11-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1560592 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319888 2015-07-11] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [2987520 2014-10-28] (Microsoft Corporation) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-08-05] (Synaptics Incorporated)
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-26] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-26] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-18] (Disc Soft Ltd)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3749888 2015-07-10] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-05] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-31 17:45 - 2015-08-31 17:47 - 00023924 _____ C:\Users\AntonioA\Downloads\FRST.txt
2015-08-31 17:45 - 2015-08-31 17:45 - 00000000 ____D C:\FRST
2015-08-31 17:44 - 2015-08-31 17:45 - 02188800 _____ (Farbar) C:\Users\AntonioA\Downloads\FRST64.exe
2015-08-31 17:27 - 2015-08-31 17:28 - 00000000 ____D C:\Users\AntonioA\Downloads\1000 Forms of Fear
2015-08-31 17:05 - 2015-08-31 17:18 - 00000000 ____D C:\Users\AntonioA\Downloads\NWA Straight Outta Compton Itunes RIP
2015-08-31 17:05 - 2015-08-31 17:05 - 00015789 _____ C:\Users\AntonioA\Downloads\[kat.cr]nwa.straight.outta.compton.2002.itunes.rip.torrent
2015-08-31 16:44 - 2015-08-31 16:44 - 00016148 _____ C:\WINDOWS\system32\ANTONIO_AntonioA_HistoryPrediction.bin
2015-08-31 14:59 - 2015-08-31 14:59 - 00001052 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-08-31 14:59 - 2015-08-31 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-08-31 14:58 - 2015-08-31 15:05 - 00000000 ____D C:\Users\AntonioA\AppData\Roaming\Winamp
2015-08-31 14:58 - 2015-08-31 14:59 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-08-31 14:57 - 2015-08-31 14:57 - 10328598 _____ (Nullsoft, Inc.) C:\Users\AntonioA\Downloads\winamp5666_full_en-us_redux.exe
2015-08-31 13:16 - 2015-08-31 13:18 - 00000000 ____D C:\Users\AntonioA\AppData\Roaming\Apple Computer
2015-08-31 13:16 - 2015-08-31 13:16 - 00000000 ____D C:\Users\AntonioA\AppData\Local\Apple Computer
2015-08-31 13:16 - 2015-08-31 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-31 13:15 - 2015-08-31 13:16 - 00000000 ____D C:\Program Files\iTunes
2015-08-31 13:15 - 2015-08-31 13:15 - 00000000 ____D C:\ProgramData\Apple Computer
2015-08-31 13:15 - 2015-08-31 13:15 - 00000000 ____D C:\Program Files\iPod
2015-08-31 13:15 - 2015-08-31 13:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-31 13:14 - 2015-08-31 13:14 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-08-31 13:14 - 2015-08-31 13:14 - 00000000 ____D C:\Users\AntonioA\AppData\Local\Apple
2015-08-31 13:14 - 2015-08-31 13:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-08-31 13:13 - 2015-08-31 13:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-31 13:13 - 2015-08-31 13:14 - 00000000 ____D C:\ProgramData\Apple
2015-08-31 13:13 - 2015-08-31 13:13 - 00000000 ____D C:\Program Files\Bonjour
2015-08-31 13:13 - 2015-08-31 13:13 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-31 12:57 - 2015-08-31 13:09 - 155835672 _____ (Apple Inc.) C:\Users\AntonioA\Downloads\iTunes6464Setup.exe
2015-08-31 12:51 - 2015-08-31 15:10 - 00000000 ____D C:\Users\AntonioA\Downloads\Travis Scott - Rodeo [2015] [MP3-320Kbps] [CBR] [sn3h1t87] [GloDLS]
2015-08-31 12:34 - 2015-08-31 15:10 - 00000000 ____D C:\Users\AntonioA\Downloads\The Weeknd - Beauty Behind The Madness (2015) FLAC
2015-08-30 16:13 - 2015-08-30 17:04 - 650111257 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] GOD EATER - 06 [720p].mkv
2015-08-30 06:58 - 2015-08-30 06:59 - 00000000 ____D C:\Users\AntonioA\Downloads\Straight.Outta.Compton.2015.1080p.HC.WEBRip.x264.AAC2.0-FGT
2015-08-30 06:55 - 2015-08-30 06:56 - 04562212 _____ C:\Users\AntonioA\Downloads\MASS.EFFECT.2.DLCUNLOCKER.SHARETHEGOODS.ZIP
2015-08-29 23:26 - 2015-08-29 23:52 - 327382563 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] World Trigger - 44 [720p].mkv
2015-08-29 18:46 - 2015-08-29 18:46 - 00000000 ___HD C:\OneDriveTemp
2015-08-29 17:04 - 2015-08-29 17:04 - 00000031 _____ C:\Users\AntonioA\Desktop\aijtn1su.txt
2015-08-29 14:58 - 2015-08-29 15:25 - 343348739 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Charlotte - 09 [720p].mkv
2015-08-28 15:12 - 2015-08-28 15:12 - 00000000 ____D C:\WINDOWS\SysWOW64\AGEIA
2015-08-28 15:12 - 2015-08-28 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-28 15:12 - 2015-08-28 15:12 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-08-28 14:10 - 2015-08-28 14:12 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-08-28 14:10 - 2015-08-28 14:10 - 00001302 _____ C:\Users\Public\Desktop\Play Mass Effect 2.lnk
2015-08-28 09:44 - 2015-08-20 02:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-28 09:44 - 2015-08-20 02:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-28 09:44 - 2015-08-20 02:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-28 09:44 - 2015-08-20 01:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-28 09:44 - 2015-08-20 01:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-28 09:44 - 2015-08-20 01:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-28 09:44 - 2015-08-20 01:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-28 09:44 - 2015-08-20 01:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-28 09:44 - 2015-08-20 01:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-28 09:44 - 2015-08-20 00:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-28 09:44 - 2015-08-18 03:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 09:44 - 2015-08-18 03:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-28 09:44 - 2015-08-18 03:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-28 09:44 - 2015-08-18 03:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-28 09:44 - 2015-08-18 03:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-28 09:44 - 2015-08-18 03:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-28 09:44 - 2015-08-18 03:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-28 09:44 - 2015-08-18 03:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-28 09:44 - 2015-08-18 03:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-28 09:44 - 2015-08-18 03:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-28 09:44 - 2015-08-18 03:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-28 09:44 - 2015-08-18 02:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-28 09:44 - 2015-08-18 02:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-28 09:44 - 2015-08-18 02:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-28 09:44 - 2015-08-18 02:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-28 09:44 - 2015-08-18 02:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-28 09:44 - 2015-08-18 02:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-28 09:44 - 2015-08-18 02:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-28 09:44 - 2015-08-18 02:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-28 09:44 - 2015-08-18 02:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-28 09:44 - 2015-08-18 02:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-28 09:44 - 2015-08-18 02:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-28 09:44 - 2015-08-18 02:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-28 09:44 - 2015-08-18 02:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-28 09:44 - 2015-08-18 02:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-28 09:44 - 2015-08-18 02:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-28 09:44 - 2015-08-18 02:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-28 09:44 - 2015-08-18 02:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-28 09:44 - 2015-08-18 02:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-28 09:44 - 2015-08-18 02:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-28 09:44 - 2015-08-18 02:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-28 09:44 - 2015-08-18 02:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-28 09:44 - 2015-08-18 02:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-28 09:44 - 2015-08-18 00:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-27 12:33 - 2015-08-27 13:27 - 330111000 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] Naruto Shippuuden - 426 [720p].mkv
2015-08-27 00:53 - 2015-08-30 22:52 - 00000000 ____D C:\Users\AntonioA\Downloads\[NoobSubs] Bake~Nise~Neko~S2~Hana~Tsuki~monogatari (720p Blu-ray 8bit AAC MP4)
2015-08-26 22:35 - 2015-08-26 22:35 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-26 16:09 - 2015-08-26 17:19 - 00000000 ____D C:\Users\AntonioA\Documents\Universe Sandbox ²
2015-08-26 16:08 - 2015-08-26 16:08 - 00000000 ____D C:\Users\AntonioA\AppData\Roaming\Steam
2015-08-26 16:07 - 2015-08-26 16:07 - 00000000 ____D C:\Users\AntonioA\Downloads\Universe.Sandbox.2.Alpha.15.2
2015-08-26 16:06 - 2015-08-26 16:44 - 470999179 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Akagami no Shirayukihime - 08 [720p].mkv
2015-08-26 10:44 - 2015-08-26 11:29 - 359312270 ____R C:\Users\AntonioA\Downloads\Universe.Sandbox.2.Alpha.15.2.zip
2015-08-26 10:34 - 2015-08-26 16:06 - 464372815 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] OverLord - 08 [720p].mkv
2015-08-25 19:45 - 2015-08-25 19:45 - 00000000 ____D C:\Users\AntonioA\AppData\Local\EMU
2015-08-25 18:57 - 2015-08-25 18:57 - 00001457 _____ C:\Users\Public\Desktop\Rocket League.lnk
2015-08-25 18:57 - 2015-08-25 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rocket League
2015-08-25 18:48 - 2015-08-25 18:57 - 00000000 ____D C:\Program Files (x86)\rocketleague
2015-08-23 17:00 - 2015-08-24 07:51 - 00000000 ____D C:\Users\AntonioA\Downloads\Rocket League-FLT
2015-08-23 16:55 - 2015-08-23 16:55 - 00679936 _____ C:\Users\AntonioA\Downloads\Detection.msi
2015-08-22 19:25 - 2015-08-22 20:42 - 342506760 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Charlotte - 08 [720p].mkv
2015-08-22 19:25 - 2015-08-22 19:54 - 327396968 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] World Trigger - 43 [720p].mkv
2015-08-21 18:29 - 2015-08-21 18:49 - 00000000 ____D C:\Users\AntonioA\Downloads\The Weeknd - Beauty Behind The Madness [2015] [MP3-VBR] [H4CKUS] [GloDLS]
2015-08-20 17:49 - 2015-08-20 20:49 - 422262222 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Ranpo Kitan - Game of Laplace - 08 [720p].mkv
2015-08-19 09:50 - 2015-08-19 09:52 - 07041681 ____R C:\Users\AntonioA\Downloads\Fetty Wap - 679 (feat. Remy Boyz)_iT.m4a
2015-08-18 18:58 - 2015-08-18 19:51 - 468411035 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] OverLord - 07 [720p].mkv
2015-08-18 18:55 - 2015-08-13 00:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-18 18:55 - 2015-08-13 00:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-18 18:55 - 2015-08-13 00:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-18 18:55 - 2015-08-13 00:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 18:55 - 2015-08-12 23:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-18 18:55 - 2015-08-11 06:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-18 18:55 - 2015-08-11 06:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-18 18:55 - 2015-08-11 06:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-18 18:55 - 2015-08-11 06:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-18 18:55 - 2015-08-11 06:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-18 18:55 - 2015-08-11 06:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-18 18:55 - 2015-08-11 06:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-18 18:55 - 2015-08-11 05:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-18 18:55 - 2015-08-11 05:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-18 18:55 - 2015-08-11 05:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-18 18:55 - 2015-08-11 05:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-18 18:55 - 2015-08-11 05:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-18 18:55 - 2015-08-11 05:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-18 18:55 - 2015-08-11 05:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-18 18:55 - 2015-08-11 05:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-18 18:55 - 2015-08-11 05:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-18 18:55 - 2015-08-11 05:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-18 18:55 - 2015-08-11 05:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-18 18:55 - 2015-08-11 05:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-18 18:55 - 2015-08-11 05:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-18 18:55 - 2015-08-11 05:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-18 18:55 - 2015-08-11 05:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-18 18:55 - 2015-08-11 05:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-18 18:55 - 2015-08-11 05:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-18 18:55 - 2015-08-11 05:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-18 18:55 - 2015-08-11 05:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-18 18:55 - 2015-08-11 05:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-18 18:55 - 2015-08-11 05:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-18 18:55 - 2015-08-11 05:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-18 18:55 - 2015-08-11 05:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-18 18:55 - 2015-08-11 05:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-18 18:55 - 2015-08-11 05:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-18 18:55 - 2015-08-11 05:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-18 18:55 - 2015-08-11 05:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-18 18:55 - 2015-08-11 05:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-18 18:55 - 2015-08-11 05:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-18 18:55 - 2015-08-11 05:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-18 18:55 - 2015-08-11 05:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-18 18:55 - 2015-08-11 05:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-18 18:55 - 2015-08-11 05:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-18 18:55 - 2015-08-11 05:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-18 18:55 - 2015-08-11 05:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-18 18:55 - 2015-08-11 05:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-18 18:55 - 2015-08-11 05:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-18 18:55 - 2015-08-11 05:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-18 18:55 - 2015-08-11 05:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-18 18:55 - 2015-08-11 05:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-18 18:55 - 2015-08-11 05:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-18 18:55 - 2015-08-11 05:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-18 18:55 - 2015-08-11 05:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-18 18:55 - 2015-08-11 05:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-18 18:55 - 2015-08-11 05:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-18 18:55 - 2015-08-11 04:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-18 18:55 - 2015-08-11 04:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-18 18:55 - 2015-08-11 04:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-18 18:55 - 2015-08-11 04:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-18 18:55 - 2015-08-11 04:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-18 18:55 - 2015-08-11 04:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-18 18:55 - 2015-08-11 04:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-18 18:55 - 2015-08-11 04:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-18 18:55 - 2015-08-11 04:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-18 18:55 - 2015-08-11 04:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-18 18:55 - 2015-08-11 04:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-18 18:55 - 2015-08-11 04:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-18 18:55 - 2015-08-11 04:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-18 18:55 - 2015-08-11 04:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-18 18:55 - 2015-08-11 04:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-18 18:55 - 2015-08-11 04:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-18 18:55 - 2015-08-11 04:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-18 18:55 - 2015-08-11 04:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-18 18:55 - 2015-08-11 04:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-18 18:55 - 2015-08-11 04:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-18 18:55 - 2015-08-11 04:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-18 18:55 - 2015-08-11 04:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-18 18:55 - 2015-08-11 04:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-16 16:16 - 2015-08-16 17:12 - 645069969 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] GOD EATER - 05 [720p].mkv
2015-08-16 13:41 - 2015-08-16 13:48 - 00000000 ____D C:\Users\AntonioA\Downloads\Guardians of the Galaxy (2014)
2015-08-16 09:00 - 2015-08-16 09:27 - 342734142 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Charlotte - 07 [720p].mkv
2015-08-16 08:31 - 2015-08-16 09:00 - 327270238 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] World Trigger - 42 [720p].mkv
2015-08-14 21:46 - 2015-08-15 20:31 - 00000000 ____D C:\Users\AntonioA\Downloads\Dark Shadows (2012) [1080p]
2015-08-14 07:40 - 2015-08-14 07:47 - 00000000 ____D C:\Users\AntonioA\Downloads\Elfen Lied
2015-08-14 07:39 - 2015-08-14 07:39 - 00057294 _____ C:\Users\AntonioA\Downloads\[kat.cr]elfen.lied.complete.series.ost.high.quality.dual.audio.mkv.720p.blu.ray.rip.torrent
2015-08-13 18:27 - 2015-08-13 18:27 - 00000810 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2015-08-13 18:27 - 2015-08-13 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-08-13 18:26 - 2015-08-13 18:27 - 06038392 _____ (Wargaming.net ) C:\Users\AntonioA\Downloads\WoT_internet_install_na.exe
2015-08-13 16:57 - 2015-08-13 18:06 - 429942387 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] Ranpo Kitan - Game of Laplace - 07 [720p].mkv
2015-08-13 07:19 - 2015-08-13 07:45 - 330312451 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] Naruto Shippuuden - 424 [720p].mkv
2015-08-12 21:09 - 2015-08-12 21:09 - 00158553 _____ C:\Users\AntonioA\Downloads\598714.JPEG
2015-08-12 21:00 - 2015-08-12 21:00 - 00816816 _____ C:\Users\AntonioA\Downloads\618738 (1).JPEG
2015-08-12 20:58 - 2015-08-12 20:58 - 00816816 _____ C:\Users\AntonioA\Downloads\618738.JPEG
2015-08-12 20:42 - 2015-08-12 20:42 - 00408874 _____ C:\Users\AntonioA\Downloads\646518.JPEG
2015-08-12 20:41 - 2015-08-12 20:41 - 00242837 _____ C:\Users\AntonioA\Downloads\597897.JPEG
2015-08-12 09:29 - 2015-08-12 10:59 - 00000000 ____D C:\Users\AntonioA\Downloads\Chronicle (2012) [1080p]
 
2015-08-11 19:58 - 2015-08-02 22:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-11 19:58 - 2015-08-02 21:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-11 19:58 - 2015-08-02 21:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 19:58 - 2015-08-02 21:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-11 19:58 - 2015-08-02 21:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 19:57 - 2015-08-08 03:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 19:57 - 2015-08-08 03:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-11 19:57 - 2015-08-08 03:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 19:57 - 2015-08-08 02:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-11 19:57 - 2015-08-08 02:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 19:57 - 2015-08-08 02:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 19:57 - 2015-08-08 02:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 19:57 - 2015-08-08 02:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 19:57 - 2015-08-08 02:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 19:57 - 2015-08-05 23:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-11 19:57 - 2015-08-05 23:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-11 19:57 - 2015-08-05 22:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-11 19:57 - 2015-08-05 00:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-11 19:57 - 2015-08-05 00:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-11 19:57 - 2015-08-05 00:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-11 19:57 - 2015-08-04 23:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-11 19:57 - 2015-08-04 23:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-11 19:57 - 2015-08-04 23:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-11 19:57 - 2015-08-04 00:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 19:57 - 2015-08-04 00:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-11 19:57 - 2015-08-04 00:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-11 19:57 - 2015-08-03 23:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-11 19:57 - 2015-08-03 22:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-11 19:57 - 2015-08-03 22:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-11 19:57 - 2015-08-02 22:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-11 19:57 - 2015-08-02 22:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-11 19:57 - 2015-08-02 22:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-11 19:57 - 2015-08-02 22:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-11 19:57 - 2015-08-02 22:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-11 19:57 - 2015-08-02 22:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-11 19:57 - 2015-08-02 22:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-11 19:57 - 2015-08-02 22:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-11 19:57 - 2015-08-02 22:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-11 19:57 - 2015-08-02 22:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-11 19:57 - 2015-08-02 21:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-11 19:57 - 2015-08-02 21:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-11 19:57 - 2015-08-02 21:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-11 19:57 - 2015-08-02 21:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-11 19:57 - 2015-08-02 21:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-11 19:57 - 2015-08-02 21:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-11 19:57 - 2015-08-02 21:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-11 19:57 - 2015-08-02 21:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-11 19:57 - 2015-08-02 21:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-11 19:57 - 2015-08-02 21:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-11 19:57 - 2015-08-02 21:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-11 19:57 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 19:57 - 2015-08-02 21:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 19:57 - 2015-08-02 21:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-11 19:57 - 2015-08-02 21:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-11 19:57 - 2015-08-02 21:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-11 19:57 - 2015-08-02 21:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-11 19:57 - 2015-08-02 21:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-11 19:57 - 2015-08-02 21:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-11 19:57 - 2015-08-02 21:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-11 19:57 - 2015-08-02 21:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-11 19:57 - 2015-08-02 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-11 19:57 - 2015-08-02 21:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-11 19:57 - 2015-08-02 21:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-11 19:57 - 2015-08-02 21:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-11 19:57 - 2015-08-02 21:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 19:57 - 2015-08-02 21:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-11 19:57 - 2015-08-02 21:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 19:57 - 2015-08-02 21:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-11 19:57 - 2015-08-02 20:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-11 12:36 - 2015-08-11 20:44 - 466590620 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] OverLord - 06 [720p].mkv
2015-08-10 14:39 - 2015-08-11 09:54 - 473456678 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Akagami no Shirayukihime - 06 [720p].mkv
2015-08-09 16:11 - 2015-08-09 16:11 - 00001445 _____ C:\Users\Public\Desktop\Foldit.lnk
2015-08-09 16:11 - 2015-08-09 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foldit
2015-08-09 16:10 - 2015-08-09 16:17 - 00000000 ____D C:\Foldit
2015-08-09 15:56 - 2015-08-09 16:09 - 147857392 _____ C:\Users\AntonioA\Downloads\Foldit-win_x86.exe
2015-08-09 12:59 - 2015-08-09 13:35 - 447447470 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Gangsta - 06 [720p].mkv
2015-08-09 12:58 - 2015-08-09 14:34 - 601490956 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] GOD EATER - 04 [720p].mkv
2015-08-09 12:31 - 2015-08-09 12:58 - 331971977 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] World Trigger - 41 [720p].mkv
2015-08-08 19:28 - 2015-08-08 20:29 - 337768069 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] Charlotte - 06 [720p].mkv
2015-08-08 19:28 - 2015-08-08 20:02 - 446615227 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Prison School - 05 [720p].mkv
2015-08-08 19:24 - 2015-08-08 19:24 - 00000000 ____D C:\Users\AntonioA\Downloads\Terminator.Genisys.2015.1080p.HDRip.KORSUB.x264.AAC2.0-RARBG
2015-08-08 17:29 - 2015-08-31 15:10 - 00000000 ____D C:\Users\AntonioA\Downloads\Dr. Dre - Compton (Explicit) 2015 {MP3 Album}~{VBUc}
2015-08-07 12:02 - 2015-08-31 15:10 - 00000000 ____D C:\Users\AntonioA\Downloads\Miguel - Wildheart (Explicit Deluxe Version) [2015] {MP3 - 320 kbps}
2015-08-07 11:48 - 2015-08-07 11:54 - 73690807 _____ C:\Users\AntonioA\Downloads\Future & DJ Esco - 56 Nights.zip
2015-08-06 18:03 - 2015-08-06 18:04 - 00285160 _____ C:\WINDOWS\Minidump\080615-37312-01.dmp
2015-08-06 18:03 - 2015-08-06 18:03 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-06 16:32 - 2015-08-06 16:32 - 00082349 _____ C:\Users\AntonioA\Downloads\646901.JPEG
2015-08-06 15:48 - 2015-08-06 15:48 - 00119995 _____ C:\Users\AntonioA\Downloads\646904.JPEG
2015-08-06 15:47 - 2015-08-06 15:47 - 00113535 _____ C:\Users\AntonioA\Downloads\646909.JPEG
2015-08-06 15:47 - 2015-08-06 15:47 - 00095259 _____ C:\Users\AntonioA\Downloads\646905.JPEG
2015-08-06 15:47 - 2015-08-06 15:47 - 00075984 _____ C:\Users\AntonioA\Downloads\646906.JPEG
2015-08-06 15:46 - 2015-08-06 15:46 - 00076055 _____ C:\Users\AntonioA\Downloads\646915.JPEG
2015-08-06 15:46 - 2015-08-06 15:46 - 00021995 _____ C:\Users\AntonioA\Downloads\646912.JPEG
2015-08-06 15:45 - 2015-08-06 15:45 - 00121565 _____ C:\Users\AntonioA\Downloads\646920.JPEG
2015-08-06 15:45 - 2015-08-06 15:45 - 00094468 _____ C:\Users\AntonioA\Downloads\646922.JPEG
2015-08-06 15:44 - 2015-08-06 15:44 - 00277535 _____ C:\Users\AntonioA\Downloads\646931.JPEG
2015-08-06 15:44 - 2015-08-06 15:44 - 00091617 _____ C:\Users\AntonioA\Downloads\646925.JPEG
2015-08-06 15:44 - 2015-08-06 15:44 - 00082553 _____ C:\Users\AntonioA\Downloads\646930.JPEG
2015-08-06 15:42 - 2015-08-06 15:42 - 00065810 _____ C:\Users\AntonioA\Downloads\646936.JPEG
2015-08-06 15:41 - 2015-08-06 15:41 - 00065872 _____ C:\Users\AntonioA\Downloads\647539.JPEG
2015-08-06 15:39 - 2015-08-06 15:39 - 00086612 _____ C:\Users\AntonioA\Downloads\648042.JPEG
2015-08-06 15:39 - 2015-08-06 15:39 - 00057796 _____ C:\Users\AntonioA\Downloads\648039.JPEG
2015-08-06 14:55 - 2015-08-06 14:55 - 00444063 _____ C:\Users\AntonioA\Downloads\648046.JPEG
2015-08-06 14:53 - 2015-08-06 14:53 - 00149360 _____ C:\Users\AntonioA\Downloads\648051.JPEG
2015-08-06 14:53 - 2015-08-06 14:53 - 00069307 _____ C:\Users\AntonioA\Downloads\648050.JPEG
2015-08-06 14:52 - 2015-08-06 14:52 - 00036696 _____ C:\Users\AntonioA\Downloads\648055.JPEG
2015-08-06 14:52 - 2015-08-06 14:52 - 00013408 _____ C:\Users\AntonioA\Downloads\648054.JPEG
2015-08-06 14:51 - 2015-08-06 14:51 - 00263050 _____ C:\Users\AntonioA\Downloads\648059 (1).JPEG
2015-08-06 14:07 - 2015-08-06 14:48 - 429444763 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Ranpo Kitan - Game of Laplace - 06 [720p].mkv
2015-08-06 13:53 - 2015-08-31 16:07 - 00000000 ____D C:\Users\AntonioA\Downloads\Puff Daddy & The Family - Finna Get Loose (feat. Pharrell Williams) [Hip-Hop & Rap] Single 2015 [iTunes Plus M4A AAC] [UJ.rip]
2015-08-06 13:53 - 2015-08-06 13:53 - 00000000 ____D C:\Users\AntonioA\AppData\Local\CEF
2015-08-05 22:38 - 2015-08-05 22:38 - 00064773 _____ C:\Users\AntonioA\Downloads\viewer.php
2015-08-05 16:19 - 2015-07-30 02:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-05 16:19 - 2015-07-30 02:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-05 16:19 - 2015-07-30 02:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-05 16:19 - 2015-07-30 02:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-05 16:19 - 2015-07-30 02:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-05 16:19 - 2015-07-30 02:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-05 16:19 - 2015-07-30 02:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-05 16:19 - 2015-07-30 02:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-05 16:19 - 2015-07-30 02:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-05 16:19 - 2015-07-30 02:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-05 16:19 - 2015-07-30 02:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-05 16:19 - 2015-07-30 02:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-05 16:19 - 2015-07-30 01:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-05 16:19 - 2015-07-30 00:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-05 16:19 - 2015-07-30 00:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-05 16:19 - 2015-07-30 00:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-05 16:19 - 2015-07-30 00:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-05 16:19 - 2015-07-30 00:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-05 16:19 - 2015-07-30 00:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-05 16:19 - 2015-07-30 00:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-05 16:19 - 2015-07-30 00:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-05 16:19 - 2015-07-30 00:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-05 16:19 - 2015-07-30 00:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-05 16:19 - 2015-07-30 00:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-05 16:19 - 2015-07-30 00:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-05 16:19 - 2015-07-30 00:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-05 16:19 - 2015-07-30 00:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-05 16:19 - 2015-07-30 00:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-05 16:19 - 2015-07-29 23:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-05 16:19 - 2015-07-29 23:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-05 16:19 - 2015-07-29 23:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-05 16:19 - 2015-07-29 23:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-05 16:19 - 2015-07-29 23:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-05 16:19 - 2015-07-29 23:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-05 16:19 - 2015-07-29 23:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-05 16:19 - 2015-07-29 23:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-05 16:19 - 2015-07-29 23:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-05 16:19 - 2015-07-29 23:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-05 16:19 - 2015-07-29 23:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-05 16:19 - 2015-07-29 23:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-05 16:19 - 2015-07-29 23:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-05 16:19 - 2015-07-29 23:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-05 16:19 - 2015-07-29 23:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-05 16:19 - 2015-07-29 23:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-05 16:19 - 2015-07-29 23:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-05 16:19 - 2015-07-29 23:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-05 16:19 - 2015-07-29 23:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-05 16:19 - 2015-07-29 23:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-05 16:19 - 2015-07-29 23:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-05 16:19 - 2015-07-29 23:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-05 16:19 - 2015-07-29 23:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-05 16:19 - 2015-07-29 22:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-05 16:19 - 2015-07-29 22:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-05 16:18 - 2015-07-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-05 16:18 - 2015-07-29 23:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-05 16:18 - 2015-07-29 23:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-05 16:18 - 2015-07-29 23:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-05 16:18 - 2015-07-29 23:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-05 16:18 - 2015-07-29 23:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-05 11:16 - 2015-08-05 11:16 - 00254152 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo33.dll
2015-08-05 11:15 - 2015-08-05 11:15 - 00420040 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-08-05 11:15 - 2015-08-05 11:15 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-08-05 11:15 - 2015-08-05 11:15 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-08-05 10:48 - 2015-08-05 12:03 - 00000000 ____D C:\Users\AntonioA\Downloads\Man of Steel (2013)
2015-08-05 07:10 - 2015-08-05 09:03 - 00000000 ____D C:\Users\AntonioA\Downloads\Man of Steel (2013) [3D] [HSBS]
2015-08-04 12:31 - 2015-08-04 13:08 - 467073904 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] OverLord - 05 [720p].mkv
2015-08-04 11:32 - 2015-08-04 11:32 - 00304560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpa.sys
2015-08-04 11:32 - 2015-08-04 11:32 - 00250800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2015-08-03 13:28 - 2015-08-03 14:02 - 473075212 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Akagami no Shirayukihime - 04 [720p].mkv
2015-08-03 12:32 - 2015-08-03 13:07 - 472218883 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] Akagami no Shirayukihime - 05 [720p].mkv
2015-08-02 19:59 - 2015-08-02 20:33 - 445824942 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Gangsta - 05 [720p].mkv
2015-08-02 19:33 - 2015-08-02 19:59 - 343133536 ____R C:\Users\AntonioA\Downloads\[HorribleSubs] Charlotte - 05 [720p].mkv
2015-08-02 14:55 - 2015-08-02 19:33 - 332201270 _____ C:\Users\AntonioA\Downloads\[HorribleSubs] World Trigger - 40 [720p].mkv
2015-08-01 13:23 - 2015-08-01 13:23 - 00000000 ____D C:\Users\AntonioA\Downloads\Drake - 4 New Singles Released On 31th July (2015) CBR 320 Kbps [AryaN_L33T]
2015-08-01 13:22 - 2015-08-01 13:22 - 00021735 _____ C:\Users\AntonioA\Downloads\[kat.cr]drake.4.new.singles.released.on.31th.july.2015.cbr.320.kbps.aryan.l33t.torrent
2015-08-01 07:45 - 2015-08-31 16:08 - 00000000 ____D C:\Users\AntonioA\Downloads\Years & Years - Communion [Deluxe Edition] (2015) FLAC

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-31 17:46 - 2014-11-06 04:30 - 00000000 ____D C:\Users\AntonioA\AppData\Roaming\uTorrent
2015-08-31 17:36 - 2015-06-19 18:49 - 00000000 ____D C:\Users\AntonioA\AppData\Roaming\Skype
2015-08-31 17:20 - 2014-11-06 17:20 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-31 17:04 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-31 16:59 - 2015-07-10 08:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-31 16:55 - 2014-11-06 04:43 - 00000000 ____D C:\ProgramData\MFAData
2015-08-31 15:55 - 2015-06-20 21:55 - 00000000 ____D C:\Users\AntonioA\Downloads\Audio
2015-08-31 15:47 - 2014-11-06 04:30 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AA0025E5-8D9B-473F-B62D-9751DD1A5165}
2015-08-31 15:21 - 2014-11-06 17:20 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-31 08:36 - 2015-07-29 13:17 - 00000000 ____D C:\Windows.old
2015-08-30 20:27 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-30 13:03 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-30 09:41 - 2014-11-06 05:52 - 00000000 ____D C:\temp
2015-08-29 18:46 - 2015-04-17 11:25 - 00000000 ____D C:\Users\AntonioA\OneDrive
2015-08-29 18:45 - 2014-11-06 06:16 - 00037993 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-08-29 13:15 - 2015-03-28 04:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-08-29 12:18 - 2014-11-06 04:27 - 00000000 ____D C:\Users\AntonioA\AppData\Local\Packages
2015-08-29 00:27 - 2015-07-29 10:32 - 00000000 ____D C:\Users\AntonioA
2015-08-28 23:49 - 2015-07-10 08:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-28 23:49 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-28 23:47 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-28 23:47 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-28 15:15 - 2014-11-06 17:20 - 00003980 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 15:15 - 2014-11-06 17:20 - 00003748 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 15:09 - 2015-07-24 19:33 - 00000000 ____D C:\Users\AntonioA\Documents\BioWare
2015-08-28 15:07 - 2015-06-19 20:17 - 00000000 ____D C:\Users\AntonioA\Desktop\Docs
2015-08-28 14:12 - 2014-11-07 17:40 - 00088601 _____ C:\WINDOWS\DirectX.log
2015-08-28 14:10 - 2015-07-24 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts Inc
2015-08-28 14:10 - 2014-11-07 17:30 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2015-08-28 13:37 - 2015-07-24 19:00 - 00000000 ____D C:\Program Files (x86)\Electronic Arts Inc
2015-08-28 11:01 - 2015-07-10 06:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-27 22:22 - 2015-07-29 10:52 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-27 22:20 - 2015-07-10 08:20 - 00021974 _____ C:\WINDOWS\setupact.log
2015-08-27 16:23 - 2015-07-10 05:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-27 14:59 - 2014-11-06 19:49 - 00000000 ____D C:\Users\AntonioA\AppData\Local\Spotify
2015-08-27 14:48 - 2014-11-06 18:01 - 00000000 ____D C:\Users\AntonioA\AppData\Roaming\Spotify
2015-08-27 00:46 - 2014-11-06 04:31 - 00000000 ____D C:\ProgramData\APN
2015-08-26 23:26 - 2015-03-20 07:50 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 22:35 - 2015-03-20 07:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-26 22:35 - 2015-03-20 07:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-26 16:04 - 2015-02-04 18:42 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-08-26 16:04 - 2015-02-04 18:42 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-08-25 19:45 - 2014-11-13 06:27 - 00000000 ____D C:\Users\AntonioA\Documents\My Games
2015-08-23 20:09 - 2014-12-30 12:50 - 00000000 ____D C:\Users\AntonioA\AppData\Local\Pushbullet
2015-08-23 16:56 - 2014-12-19 19:04 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-08-22 00:16 - 2015-07-30 13:27 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-21 18:12 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-20 16:17 - 2015-07-29 11:12 - 00002384 _____ C:\Users\AntonioA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-19 11:53 - 2015-05-12 15:36 - 00297904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2015-08-19 11:52 - 2015-06-26 10:49 - 00313264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2015-08-17 20:15 - 2015-06-19 18:49 - 00000000 ____D C:\ProgramData\Skype
2015-08-15 22:19 - 2015-07-10 08:20 - 05035872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-15 22:15 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 22:15 - 2015-07-10 07:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 21:55 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-13 18:27 - 2014-11-07 17:14 - 00000000 ____D C:\Games
2015-08-12 11:15 - 2014-11-08 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 11:03 - 2014-11-08 20:15 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-08 11:38 - 2015-07-10 07:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 11:38 - 2015-07-10 07:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 09:08 - 2014-11-08 21:52 - 00000000 ____D C:\Users\AntonioA\AppData\Roaming\vlc
2015-08-06 19:24 - 2015-06-06 20:50 - 00000000 ____D C:\Users\AntonioA\Documents\Euro Truck Simulator 2
2015-08-06 18:03 - 2015-02-05 15:43 - 872813305 _____ C:\WINDOWS\MEMORY.DMP
2015-08-06 10:21 - 2015-07-29 11:05 - 00000000 ____D C:\Users\AntonioA\AppData\Local\Comms
2015-08-06 07:53 - 2015-07-10 07:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-05 11:16 - 2015-06-12 05:34 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-08-05 11:16 - 2015-06-12 05:34 - 00618696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-08-05 11:16 - 2015-06-12 05:34 - 00269000 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-08-05 11:15 - 2015-06-12 05:34 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-08-05 11:15 - 2015-06-12 05:34 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-08-05 10:48 - 2015-07-14 16:22 - 00000000 ____D C:\Users\AntonioA\Downloads\[Coalgirls]_Hunter_X_Hunter_(1280x720_H.264_AAC)

==================== Files in the root of some directories =======

2015-02-22 08:44 - 2015-02-22 08:44 - 0005034 _____ () C:\Users\AntonioA\AppData\Local\recently-used.xbel
2015-02-08 11:13 - 2015-02-08 11:13 - 0007597 _____ () C:\Users\AntonioA\AppData\Local\resmon.resmoncfg
2015-03-20 00:08 - 2015-03-20 00:08 - 0000410 _____ () C:\Users\AntonioA\AppData\Local\Temp-log.txt
2015-01-23 19:37 - 2015-01-23 19:37 - 0000008 _____ () C:\ProgramData\-
2015-07-29 10:29 - 2015-07-29 10:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\AntonioA\AppData\Local\Temp\pushbullet_watchdog.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-22 19:36

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by AntonioA (2015-08-31 17:48:14)
Running from C:\Users\AntonioA\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1309553870-1141191830-4033336980-500 - Administrator - Disabled)
AntonioA (S-1-5-21-1309553870-1141191830-4033336980-1001 - Administrator - Enabled) => C:\Users\AntonioA
DefaultAccount (S-1-5-21-1309553870-1141191830-4033336980-503 - Limited - Disabled)
Guest (S-1-5-21-1309553870-1141191830-4033336980-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1309553870-1141191830-4033336980-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced Driver Updater (HKLM-x32\...\Advanced Driver Updater_is1) (Version: 2.1.1086.15131 - Systweak Inc)
Android Remote Server (HKLM-x32\...\AndroidRemote) (Version: - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies)
AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6140 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.6.294 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Euro Truck Simulator 2 v1.18.1.3s (26 DLC) (HKLM-x32\...\Euro Truck Simulator 2 v1.18.1.3s (26 DLC)1.18.1.3s) (Version: 1.18.1.3s - Friends in War)
Foldit (HKLM-x32\...\Foldit) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3945 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - )
Legend of Grimrock (HKLM-x32\...\Legend of Grimrock_is1) (Version: - GOG.com)
MAGIX Burn routines (HKLM\...\{A64B679B-E591-4C74-B74A-147E0CCEDCE4}) (Version: 11.0.0.238 - MAGIX Software GmbH)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Trial Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mass Effect 2 Complete Edition version 1.0.0 (HKLM-x32\...\Mass Effect 2 Complete Edition_is1) (Version: 1.0.0 - Electronic Arts Inc.)
Mass Effect Complete Edition version 1.0.0 (HKLM-x32\...\Mass Effect Complete Edition_is1) (Version: 1.0.0 - Electronic Arts Inc.)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-c581e47e-7a44-4e40-994e-1e1cfef614d2) (Version: - Epic Games, Inc.)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Pushbullet version 312 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 312 - Pushbullet Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.243 - )
Rocket League (HKLM-x32\...\Rocket League_is1) (Version: - Psyonix)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{B7245B6C-0CC0-4A69-91C1-D89058A56555}) (Version: 6.1.6.0 - Husdawg, LLC)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net)
YouTube Downloader Pro YTD 4.8.1.0 Final (HKLM-x32\...\YouTube Downloader Pro YTD 4.8.1.0 Final4.8.1.0) (Version: 4.8.1.0 - Friends in War)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\AntonioA\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

12-08-2015 10:59:11 Windows Update
18-08-2015 20:54:40 Windows Update
23-08-2015 16:55:54 Installed System Requirements Lab Detection
25-08-2015 18:58:26 Installed DirectX
28-08-2015 15:11:03 Installed NVIDIA PhysX
31-08-2015 13:14:23 Installed iTunes

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {1687D514-E67F-4051-A290-41648F15EA9A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {1B4021A8-F53A-4165-9375-A1D285E23A0E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2453791F-19C4-4967-9259-899E9029E6C6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {365CBD45-D247-4B67-9859-E5D4C9CB308F} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {3CDEBBB6-F38B-4903-9FF8-5ADCEF80F585} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {487D728E-3E4E-44CC-BB44-1DD31B6707A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4DA1D198-373E-43E8-A6AC-53C9C00166C4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {55E21908-1E10-4254-B5CC-4769D72AFD36} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {56D659ED-DC23-4949-B597-0B4B1863B525} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {5EA243FA-515A-42CD-A2D0-684753C6B741} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5FE8DA80-6D05-4B9C-AFB5-C514A5DE3065} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6E71FD12-2490-4595-B87D-DCF9CC700DB3} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {71DAD26C-45A3-4BAF-ACF8-9E37D6E7FBDA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {73D3656B-5F86-43FD-860C-8CCD69F9D5BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-29] (Microsoft Corporation)
Task: {9562FBA3-AE19-41A0-B1E8-95CDB60915E3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-05] (Synaptics Incorporated)
Task: {A5175C15-2C6B-4737-B2C9-DA6FD0D98195} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {AA620A5F-F425-4B4A-B56D-A3BF4B94D825} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {B0C54025-9171-4EEA-B89F-0DA5754BD415} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B49CE59E-BF5A-462E-BB22-9CD4A12E454D} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {BA455BF0-1022-4EE8-9ADC-2251FF4DDF2B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-03] ()
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CDF40C79-37B0-4C8F-A05A-1298FB7EEBA9} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\adu.exe [2014-11-06] (Systweak Inc)
Task: {D7667647-7AAC-4888-AAA5-4C4DDEC0F833} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {E374BAB0-4D99-42A7-AC99-DC3136E8419D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {E9B8019A-1EFD-4A29-8D27-9232ABB2A5FF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F2C2EA13-7A57-498A-B99F-86DBCFC1C469} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 07:00 - 2015-07-10 07:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-07-29 13:16 - 2015-07-29 13:16 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-02-26 17:31 - 2015-08-26 16:03 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-08-18 18:55 - 2015-08-11 05:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-08-26 16:04 - 2015-08-26 16:03 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
2015-08-28 09:44 - 2015-08-18 03:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 09:44 - 2015-08-18 03:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-07-10 20:31 - 2013-07-10 20:31 - 08865448 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 06:59 - 2015-07-10 06:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-02-04 18:42 - 2015-08-26 16:03 - 03175312 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-08-11 19:57 - 2015-08-02 21:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-18 18:55 - 2015-08-11 04:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 19:57 - 2015-08-02 21:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 07:00 - 2015-07-10 09:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-08 17:16 - 2015-08-08 17:18 - 00174592 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.3.8040.0_x64__8wekyb3d8bbwe\CellNativeClientUniversal.dll
2015-07-29 12:09 - 2015-07-29 12:14 - 04485808 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.3.8040.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2015-08-08 17:16 - 2015-08-08 17:18 - 07502848 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.3.8040.0_x64__8wekyb3d8bbwe\Microsoft.Xbox.Services.dll
2015-08-08 17:16 - 2015-08-08 17:18 - 01384960 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.3.8040.0_x64__8wekyb3d8bbwe\cpprest140_uwp_2_6.dll
2015-08-28 15:14 - 2015-08-28 15:15 - 08241152 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.25.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-08-28 15:14 - 2015-08-28 15:15 - 02238976 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.25.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-26 16:04 - 2015-08-26 16:03 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\log4cplusU.dll
2014-04-03 20:48 - 2014-04-03 20:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-04 18:42 - 2015-08-26 16:03 - 40638864 _____ () C:\Program Files (x86)\AVG Web TuneUp\libcef.dll
2013-10-31 11:05 - 2013-10-31 11:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2015-08-22 00:16 - 2015-08-18 01:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 00:16 - 2015-08-18 01:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\AntonioA\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\hola.org -> hxxp://hola.org


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 208.94.176.20 - 208.94.176.18
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\StartupApproved\StartupFolder: => "TWRP2801-titan-motog-2014.img.lnk"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B73C4FD13B2FD0C914DC26AA5DDE69A0"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\StartupApproved\Run: => "Pushbullet"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1309553870-1141191830-4033336980-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [UDP Query User{28B84525-88FF-47EB-9F11-1C28771945BD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1AD0C70A-0AD0-403A-A8F7-BBEAF495B042}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7430D350-2744-464D-B0FB-DCFDFF949CAE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B852BB5C-D585-4687-8F15-46489356DF02}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B4EDE5B7-A6A8-430B-AFCF-16B586951FF6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FE58AC17-D8D4-473C-B85A-501625B99D34}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{261D5FBC-857E-413E-ACAD-711EF481F763}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{A8D03A04-770A-40F8-B801-CB577B92D138}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{407964DC-7338-467D-AFDF-C710393DAAA9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{913B2216-1DD3-49A4-B305-574C2AE0DD20}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [UDP Query User{85659401-6627-4E17-94B1-7F671491B389}C:\users\antonioa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonioa\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{81B1F1F8-DF61-4CF3-8FBC-91AF52178530}C:\users\antonioa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonioa\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8DF22ABE-66CE-4EA1-B428-4FED83972A5B}C:\program files\hexchat\hexchat.exe] => (Block) C:\program files\hexchat\hexchat.exe
FirewallRules: [TCP Query User{D358CA4A-ECF3-4B38-B55F-E6F552681113}C:\program files\hexchat\hexchat.exe] => (Block) C:\program files\hexchat\hexchat.exe
FirewallRules: [{60077188-EBAB-4936-9B2E-3A4C2E8C0082}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3962649F-2673-49FA-910B-2CD2C49B6CF4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E11C1A4E-FCFF-4899-A9CD-C0FDDADFE7B5}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{A3B2E8C7-2299-4082-B5E6-C2BAA2E0241E}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [UDP Query User{3867C786-71F6-4C52-B987-E28CE2BC61D0}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{3D0C8116-E3D7-45DF-9DF1-D734604E5517}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{CF1D5230-D0EA-43EE-83A8-D38F33B50A99}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{F5C98020-E534-49E4-9A67-829A145301B7}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{9E3B2770-5698-4DF9-A180-9AFFD83FC7ED}] => (Allow) LPort=42908
FirewallRules: [{5A5A7F95-71B7-4B70-86A8-9D0F56CFC00C}] => (Allow) LPort=42908
FirewallRules: [{92FA760E-BD72-4966-8608-85AF26697CD9}] => (Allow) C:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{65EF8688-BABC-46AC-B75D-E986284AFA86}] => (Allow) C:\Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{CB00B5ED-5E44-4B6F-9462-EC7EC9FBBAC8}] => (Allow) LPort=1689
FirewallRules: [UDP Query User{153558B5-9FB2-48AF-A55C-F578AAAA2564}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [TCP Query User{CC358767-40E5-4D68-80D3-ABA6E1A26D5E}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [{86A5850C-DC96-462D-8590-AF6DC7F8F13A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E9913F12-B6FE-4381-928F-9A033848E429}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5B8175B7-C7C9-44E9-BFE5-73BF001567A2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E0C441AC-B18F-4AB3-AE98-683DE2FC01ED}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1703A7A4-25D0-414A-B4F2-F71DFC23EE34}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{AD22ACD4-753D-4781-968E-7F36436DF143}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{37167339-812F-4AA8-AD7F-1420537379CF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{9EA0E127-80F5-4027-90B1-B56AA685C642}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [UDP Query User{05BD5049-440D-47DC-B823-AD401906D8A8}C:\users\antonioa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonioa\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8DDC5F92-DB3B-4AED-B95A-2C57F3DC893D}C:\users\antonioa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\antonioa\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BADEB34B-DBEC-4C8A-A170-DA7E3C3CB804}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{1BFE0981-DA42-4051-B146-175634E5592C}] => (Allow) C:\Users\AntonioA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5BA10860-6E5A-43F0-955E-27978F6A8C35}] => (Allow) C:\Users\AntonioA\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6FB1224E-02A1-4661-A355-FB14582D2130}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{5C68FE4E-F468-4C63-9EA3-98E9393B3A06}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{FAF14242-35FE-41E8-BE43-42301DFA7754}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{F4CAC106-F60B-4BC5-80D5-3D129894BDBA}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{EFB25951-E8EE-426F-AF35-15899DF81733}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{44722BFC-E1B4-4DBF-935A-7EC79EFDB659}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{8C107E0B-ED38-408D-A4D1-C3771CE9BEE0}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{49D7875D-30BF-4F6F-BC7A-244C98333911}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{580BAAE9-AFD9-4C70-A5C1-0C3F2E183C9F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A0CB7D15-E8EE-45F2-8BAC-4C4D94B4E0D0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E247DD4C-F705-4DFA-B091-C99757304072}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{B7D505F3-83BD-435B-9524-7884F23EDD03}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{E3F6117F-BE41-47F2-BC3B-45D14AC60179}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{0E494467-F023-46BE-B2B6-AF033E5429EA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{24AC411A-C707-46BC-9924-736741E60FEA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{E0599D36-0A8C-42F8-99D8-9BCD9A727499}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4DFB5747-E97B-4B3B-B81D-53D3C1454D92}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CEE20CC7-C07D-49DA-8378-75304DE33E1F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F99F9B6D-FBBD-4157-8341-0FDB7503E73B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{88168F8B-D7C1-4D89-8B6A-AD34D404A567}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D3AE1C5F-131A-415C-92FF-3D81B59844BA}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{70363FEE-428B-4226-B43C-856E7142A976}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/31/2015 05:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoPico.exe, version: 12.1.0.0, time stamp: 0x5313ef46
Faulting module name: KERNELBASE.dll, version: 10.0.10240.16384, time stamp: 0x559f38c3
Exception code: 0xe0434352
Fault offset: 0x000000000002a1c8
Faulting process id: 0x40f8
Faulting application start time: 0xAutoPico.exe0
Faulting application path: AutoPico.exe1
Faulting module path: AutoPico.exe2
Report Id: AutoPico.exe3
Faulting package full name: AutoPico.exe4
Faulting package-relative application ID: AutoPico.exe5

Error: (08/31/2015 05:29:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
at System.IO.File.InternalReadAllBytes(System.String, Boolean)
at AutoPico.EmbeddedAssembly.Load(System.String ByRef, System.String ByRef, AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.SecohQad.CopiarSecoh(AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.Metodos.SetHost(AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.Metodos.IniciarProcesos(AutoPico.Activador.Variables ByRef)
at AutoPico.Principal.Main()

Error: (08/31/2015 01:14:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (08/31/2015 12:25:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/31/2015 12:25:23 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4708) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/31/2015 12:25:12 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/31/2015 12:25:12 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4708) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/31/2015 12:25:01 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (08/31/2015 12:25:01 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4708) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (08/31/2015 12:24:51 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4708) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.


System errors:
=============
Error: (08/30/2015 08:24:17 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.

The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x400000003deda. The name of the file is "<unable to determine file name>".

Error: (08/30/2015 06:51:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Motorola Device Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (08/30/2015 11:08:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Motorola Device Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (08/30/2015 10:55:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Motorola Device Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (08/30/2015 09:41:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Motorola Device Manager Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (08/29/2015 06:48:36 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (08/29/2015 06:45:23 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (08/29/2015 06:36:25 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (08/29/2015 06:36:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/29/2015 06:36:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


Microsoft Office:
=========================
Error: (08/31/2015 05:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoPico.exe12.1.0.05313ef46KERNELBASE.dll10.0.10240.16384559f38c3e0434352000000000002a1c840f801d0e4340d1aee58C:\Program Files\KMSpico\AutoPico.exeC:\WINDOWS\system32\KERNELBASE.dll5b53a663-e408-4a38-a0f0-a16fb99f5811

Error: (08/31/2015 05:29:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoPico.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
at System.IO.File.InternalReadAllBytes(System.String, Boolean)
at AutoPico.EmbeddedAssembly.Load(System.String ByRef, System.String ByRef, AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.SecohQad.CopiarSecoh(AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.Metodos.SetHost(AutoPico.Activador.Variables ByRef)
at AutoPico.Activador.Metodos.IniciarProcesos(AutoPico.Activador.Variables ByRef)
at AutoPico.Principal.Main()

Error: (08/31/2015 01:14:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (08/31/2015 12:25:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost4708-1032

Error: (08/31/2015 12:25:23 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost4708C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/31/2015 12:25:12 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost4708-1032

Error: (08/31/2015 12:25:12 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost4708C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/31/2015 12:25:01 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost4708-1032

Error: (08/31/2015 12:25:01 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost4708C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied.

Error: (08/31/2015 12:24:51 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost4708-1032


CodeIntegrity:
===================================
Date: 2015-07-31 11:03:52.190
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 6031.3 MB
Available physical RAM: 1908.33 MB
Total Virtual: 6991.3 MB
Available Virtual: 2780.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:46.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 3E18D20D)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
SECOH-QAD.exe is false positive.
It belongs to KMSpico which I can see being installed on your computer.
Since KMSpico is an Illegal Windows and MS Office activator I'm closing this topic.

If you have some other explanation please feel free to PM me.
 
Status
Not open for further replies.

Similar threads

E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
794
uber_beetle
uber_beetle
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back