Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 10 odd network issue - Linux dual boot works fine


  • This topic is locked This topic is locked
2 replies to this topic

#1 charlievarley

charlievarley

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands UK
  • Local time:10:02 AM

Posted 09 September 2015 - 09:48 AM

So for some time now I have had intermittent network issue while booted into Windows 10, ping my gateway (router) fine, ping dns names like www.google.co.uk, www.unixmen.com and www.microsoft.com all work fine. Ping my ISP DNS servers fine however if I attempt web browsing or application updates all fail with no internet access.

 

I have tried ethernet and wireless both results are the same across two ISP providers Virgin and BT.

 

If I reboot to Linux and attempt all above I have no issues at all so this is a Windows issue for sure.

 

*HISTORY*

 

I have attempted to investigate this myself and had limited success with Dr Web Cureit! which reported probably DFH.HOST.corrupted but I believed this to be a false positive due to my modification of my host file to limit Windows call home etc.

 

Note: All has been working fine regardless of host mods

 

Anyway I allowed Dr Web Cureit! to fix , rebooted and low and behold all worked ok (this is no longer the case).

 

So I am struggling to identify the cause of this issue and would very much appreciate your help here please. 

 

(All efforts to correct this myself are now stopped)

 

Regards

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
Ran by Charlie (administrator) on CHARLIE-PC (09-09-2015 14:24:53)
Running from N:\
Loaded Profiles: Charlie (Available Profiles: Charlie & DefaultAppPool)
Platform: Windows 10 Pro (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Sphinx Software) C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe
(CSIS Security Group) C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe
(Microsoft) C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DNSService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.VEEAMSQL2012\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsEngineSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
() C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_bg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Flux Software LLC) C:\Users\Charlie\AppData\Local\FluxSoftware\Flux\flux.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsUI.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.)
HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [300152 2015-09-06] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [f.lux] => C:\Users\Charlie\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [OneDrive] => C:\Users\Charlie\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-20] (Microsoft Corporation)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [12783648 2015-07-31] (SecureMix LLC)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [Google Update] => C:\Users\Charlie\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-22] (Google Inc.)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [Snip] => C:\Users\Charlie\AppData\Local\Snip\Snip.exe [1302072 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1618472016-857492644-2001240701-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1163264 2015-03-30] (Ruiware LLC)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{03d94501-5c7d-4cae-8107-18a79e56c0fd}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a23cae7c-d40a-4e9a-8a8c-31c5b4bb795b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{a23cae7c-d40a-4e9a-8a8c-31c5b4bb795b}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM-x32 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1618472016-857492644-2001240701-1000 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1618472016-857492644-2001240701-1000 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-06] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-06] (Qihu 360 Software Co., Ltd.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-06] (Oracle Corporation)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://gso.hds.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-18] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll [2014-06-12] (VMware, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1618472016-857492644-2001240701-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Charlie\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1618472016-857492644-2001240701-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Charlie\AppData\Local\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-29] (Google Inc.)
FF Extension: Speed Dial [FVD] - New Tab Page, Sync... - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\pavel.sherbakov@gmail.com [2015-08-16]
FF Extension: Facebook Toolbar Button - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\{72c9fdff-bccd-4fac-a08e-857103c6e721} [2015-08-12]
FF Extension: Gmail Notifier (restartless) - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2015-08-12]
FF Extension: Notifier for Twitter™ - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\jid1-qabDKwVsr2BZyp@jetpack.xpi [2015-08-12]
FF Extension: Clearly - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\readable@evernote.com.xpi [2015-08-12]
FF Extension: Grab and Drag - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\{477c4c36-24eb-11da-94d4-00e08161165f}.xpi [2015-08-12]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-08-12]
FF Extension: Evernote Web Clipper - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2015-08-12]
FF Extension: QuickJava - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2015-08-12]
FF Extension: ProfileSwitcher - C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\akrstsbz.default\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2015-08-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-09-04]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-08-01]
 
Chrome: 
=======
CHR Profile: C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
 
Opera: 
=======
OPR Extension: (360 Internet Protection) - C:\Users\Charlie\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2015-08-02]
OPR Extension: (WOT) - C:\Users\Charlie\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-06-16]
OPR Extension: (Adblock Plus) - C:\Users\Charlie\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-06-16]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-02-15] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-10] (Dropbox, Inc.)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [7445536 2015-07-31] (SecureMix LLC)
R2 HeimdalSecureDNS; C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe [93776 2015-08-14] (Microsoft)
R2 HeimdalService; C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe [132688 2015-08-14] (CSIS Security Group)
S3 ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-30] (Microsoft Corporation)
R2 MSSQL$VEEAMSQL2012; C:\Program Files\Microsoft SQL Server\MSSQL11.VEEAMSQL2012\MSSQL\Binn\sqlservr.exe [194240 2015-05-05] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-06] (QIHU 360 SOFTWARE CO. LIMITED)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 rscp; C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe [163576 2015-09-09] ()
R2 rsEngineSvc; C:\Program Files\Reason\Security\rsEngineSvc.exe [80144 2015-08-13] (Reason Software Company Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S4 SQLAgent$VEEAMSQL2012; C:\Program Files\Microsoft SQL Server\MSSQL11.VEEAMSQL2012\MSSQL\Binn\SQLAGENT.EXE [613056 2015-05-05] (Microsoft Corporation)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 Windows10FirewallService; C:\Program Files\Windows10FirewallControl\Windows10FirewallService.exe [4445752 2015-05-29] (Sphinx Software)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-07-31] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-06] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-06] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-07-31] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-07-31] (360.cn)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-07-31] (360.cn)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-06-16] ()
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-30] (Microsoft Corporation)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [32792 2015-06-30] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [42672 2015-09-04] (SteelSeries ApS)
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [117248 2010-11-21] (Microsoft Corporation) [File not signed]
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [130848 2015-07-31] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [107872 2015-09-06] (Zemana Ltd.)
U3 idsvc; no ImagePath
S3 MFE_RR; \??\C:\Users\Charlie\AppData\Local\Temp\mfe_rr.sys [X]
U4 nxfs; no ImagePath
U4 nxpcap; no ImagePath
U4 nxsshd; no ImagePath
U4 nxusbd; no ImagePath
U4 nxusbh; no ImagePath
U4 nxusbs; no ImagePath
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\NZXT\CAM\CAM_Client_V2.sys [X]
U3 wpcsvc; no ImagePath
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-09 14:24 - 2015-09-09 14:24 - 00000000 ____D C:\FRST
2015-09-09 13:46 - 2015-09-09 13:46 - 00000000 ____D C:\Users\Charlie\Documents\ProcAlyzer Dumps
2015-09-09 13:43 - 2015-09-09 13:43 - 00016148 _____ C:\WINDOWS\system32\CHARLIE-PC_Charlie_HistoryPrediction.bin
2015-09-09 13:21 - 2015-09-09 13:21 - 00165652 _____ C:\WINDOWS\PFRO.log
2015-09-09 13:14 - 2015-09-09 13:14 - 00000000 ____D C:\Program Files\LockHunter
2015-09-09 12:47 - 2015-09-09 12:47 - 00000000 ____D C:\Device
2015-09-09 11:23 - 2015-09-09 13:39 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-09 10:56 - 2015-09-09 10:56 - 00007246 _____ C:\Users\Charlie\Documents\cc_20150909_105651.reg
2015-09-09 10:52 - 2015-09-09 10:54 - 00010349 _____ C:\AdwCleaner[S14].txt
2015-09-09 10:42 - 2015-09-09 10:42 - 00189464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 08:52 - 2015-09-02 02:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 08:52 - 2015-09-02 01:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 08:52 - 2015-09-02 01:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 08:52 - 2015-08-27 07:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 08:52 - 2015-08-27 07:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 08:52 - 2015-08-27 07:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 08:52 - 2015-08-27 06:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 08:52 - 2015-08-27 06:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 08:52 - 2015-08-27 06:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 08:52 - 2015-08-27 06:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 08:52 - 2015-08-27 06:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 08:52 - 2015-08-27 06:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 08:52 - 2015-08-27 06:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 08:52 - 2015-08-27 06:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 08:52 - 2015-08-27 06:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 08:52 - 2015-08-27 06:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 08:52 - 2015-08-27 06:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 08:52 - 2015-08-27 06:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 08:52 - 2015-08-27 06:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 08:52 - 2015-08-27 06:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 08:52 - 2015-08-27 06:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 08:52 - 2015-08-27 06:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 08:52 - 2015-08-27 06:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 08:52 - 2015-08-27 06:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-09 08:52 - 2015-08-27 06:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 08:52 - 2015-08-27 06:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 08:52 - 2015-08-27 06:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 08:52 - 2015-08-27 06:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 08:52 - 2015-08-27 06:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 08:52 - 2015-08-27 06:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 08:52 - 2015-08-27 06:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 08:52 - 2015-08-27 06:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-09 07:19 - 2015-09-09 07:19 - 00001222 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2015-09-09 07:17 - 2015-09-09 07:17 - 00000000 ____D C:\ProgramData\Reason
2015-09-09 07:14 - 2015-09-09 10:47 - 00012294 _____ C:\Users\Charlie\AppData\Local\SnipUsages.txt
2015-09-08 19:53 - 2015-09-08 19:53 - 00000222 _____ C:\Users\Charlie\Desktop\Pillars of Eternity.url
2015-09-08 08:55 - 2015-09-08 10:42 - 00000000 ____D C:\Users\Charlie\Downloads\Udemy - Introduction to Computer Networks for Non-Techies
2015-09-07 19:49 - 2015-09-07 19:49 - 00067793 _____ C:\Users\Charlie\Downloads\EICARgen_V2_1.zip
2015-09-07 19:44 - 2015-09-07 19:44 - 00000000 ____D C:\Users\Charlie\Downloads\pdf-doc-vba-eicar-dropper
2015-09-06 16:32 - 2015-09-06 18:32 - 00000000 ____D C:\Users\Charlie\Downloads\Survival For Those Left-Behind - 18 - 717 Encyclopedia's of Everthing - Mega Pack 2
2015-09-06 10:22 - 2015-09-06 10:22 - 00841376 _____ C:\Users\Charlie\Documents\cc_20150906_102204.reg
2015-09-06 09:42 - 2015-09-06 09:44 - 00000000 ____D C:\Users\Charlie\Desktop\Virus
2015-09-06 08:52 - 2015-09-06 09:11 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\WinPatrol
2015-09-06 08:51 - 2015-09-06 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-09-06 08:51 - 2015-09-06 08:51 - 00000000 ____D C:\ProgramData\InstallMate
2015-09-06 08:51 - 2015-09-06 08:51 - 00000000 ____D C:\Program Files (x86)\Ruiware
2015-09-06 08:46 - 2015-09-09 12:42 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2015-09-06 08:46 - 2015-09-06 08:46 - 00107872 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2015-09-06 08:46 - 2015-09-06 08:46 - 00000000 ____D C:\Users\Charlie\AppData\Local\Zemana
2015-09-06 08:18 - 2015-09-06 08:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-09-06 08:18 - 2015-09-06 08:18 - 00000000 ____D C:\Program Files (x86)\WinPcap
2015-09-06 08:17 - 2015-09-06 08:17 - 01806490 _____ (arcai.com ) C:\Users\Charlie\Downloads\netcutdefender.exe
2015-09-06 08:16 - 2015-09-06 08:17 - 01748153 _____ (arcai.com ) C:\Users\Charlie\Downloads\netcut.exe
2015-09-06 00:00 - 2015-09-06 00:00 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-09-05 23:57 - 2015-09-05 23:57 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
2015-09-05 23:57 - 2015-09-05 23:57 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2015-09-05 23:56 - 2015-09-05 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSIS Heimdal
2015-09-05 22:40 - 2015-09-05 22:40 - 00003632 _____ C:\WINDOWS\System32\Tasks\ReasonSecurityScheduledScan
2015-09-05 22:40 - 2015-09-05 22:40 - 00003488 _____ C:\WINDOWS\System32\Tasks\ReasonSecurityStart
2015-09-05 22:39 - 2015-09-05 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2015-09-05 22:39 - 2015-09-05 22:39 - 00000000 ____D C:\Program Files\Reason
2015-09-05 22:36 - 2015-09-05 23:56 - 00000000 ____D C:\Program Files (x86)\Heimdal
2015-09-05 22:36 - 2015-09-05 22:36 - 00000000 ____D C:\ProgramData\CSIS
2015-09-05 22:21 - 2015-09-09 09:29 - 00001514 __RSH C:\ProgramData\ntuser.pol
2015-09-05 20:48 - 2015-09-05 20:48 - 00011900 _____ C:\Users\Charlie\Documents\cc_20150905_204831.reg
2015-09-05 17:56 - 2015-09-05 17:56 - 00000000 ____D C:\ProgramData\HitmanPro
2015-09-04 18:03 - 2015-09-09 09:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-04 03:20 - 2015-09-04 03:20 - 00042672 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2015-09-03 22:31 - 2015-09-03 22:31 - 00000000 ____D C:\Users\Charlie\Downloads\Muscle & Performance – September 2015
2015-09-03 21:45 - 2015-09-03 21:45 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip
2015-09-03 21:45 - 2015-09-03 21:45 - 00000000 ____D C:\Users\Charlie\AppData\Local\Snip
2015-09-03 20:34 - 2015-09-03 20:42 - 00000000 ____D C:\Users\Charlie\Downloads\Assorted Magazines Bundle - September 3 2015 (True PDF)
2015-09-03 20:31 - 2015-09-03 20:31 - 00000222 _____ C:\Users\Charlie\Desktop\Act of Aggression.url
2015-09-01 16:48 - 2015-09-01 16:48 - 00002206 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-09-01 16:48 - 2015-08-25 15:18 - 00574072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-09-01 16:46 - 2015-08-25 19:38 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 22559352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 16646624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 15630616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 15334976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 14945552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 13667032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 12192048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 02354808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 02105976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 01178576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 01064752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 01001440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00986232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00945272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00785152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00631312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00408368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00387536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00339576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00316120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-09-01 16:46 - 2015-08-25 19:38 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-09-01 14:19 - 2015-09-01 14:22 - 00000000 ____D C:\Users\Charlie\Downloads\Sometimes four eyes are better than two (50 Photos)
2015-09-01 09:44 - 2015-09-01 09:44 - 00000000 ____D C:\Users\Charlie\Downloads\Wayne Dyer - How To Be A No Limit Person
2015-09-01 09:43 - 2015-09-01 09:44 - 00000000 ____D C:\Users\Charlie\Downloads\The Essential Wayne Dyer Collection [Epub & PDF] [StormRG]
2015-08-31 21:42 - 2015-08-31 21:42 - 00000000 ____D C:\Users\Charlie\Downloads\depends22_x64
2015-08-30 14:46 - 2015-08-30 14:46 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\dvdcss
2015-08-30 14:36 - 2015-08-30 14:37 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\DVDVideoSoft
2015-08-30 14:36 - 2015-08-30 14:37 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-08-30 14:36 - 2015-08-30 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-30 09:45 - 2015-08-30 09:45 - 00000000 ____D C:\Tools
2015-08-30 09:42 - 2015-08-30 09:42 - 00000000 ____D C:\Users\Charlie\Downloads\wft_v3.0.08_nc
2015-08-30 09:24 - 2015-08-30 13:44 - 699668480 _____ C:\Users\Charlie\Downloads\deftv5.iso
2015-08-29 22:43 - 2015-08-11 05:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-08-29 22:43 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-29 22:43 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-08-29 22:42 - 2015-09-09 10:47 - 00160974 _____ C:\Users\Charlie\AppData\Local\Snip.txt
2015-08-29 22:42 - 2015-09-03 21:45 - 00002047 _____ C:\Users\Charlie\Desktop\Snip.lnk
2015-08-29 22:42 - 2015-09-01 12:25 - 00000000 ____D C:\Users\Charlie\Documents\My Snips
2015-08-29 22:41 - 2015-09-03 21:45 - 00000000 ____D C:\Users\Charlie\AppData\Local\Package Cache
2015-08-28 21:39 - 2015-08-28 21:39 - 00002521 _____ C:\Users\Public\Desktop\DeepSound.lnk
2015-08-28 21:39 - 2015-08-28 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeepSound 1.6
2015-08-28 21:39 - 2015-08-28 21:39 - 00000000 ____D C:\Program Files (x86)\DeepSound 1.6
2015-08-28 21:38 - 2015-08-28 21:38 - 02702426 _____ C:\Users\Charlie\Downloads\DeepSoundSetup.msi
2015-08-28 21:30 - 2015-09-06 10:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-08-28 21:30 - 2015-09-05 13:08 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-08-28 19:42 - 2015-08-28 19:42 - 00000000 ____D C:\Users\Charlie\Documents\Larian Studios
2015-08-28 19:41 - 2015-08-28 19:41 - 00000000 ____D C:\ProgramData\Steam
2015-08-28 09:24 - 2015-08-28 09:25 - 00003656 _____ C:\Users\Charlie\Documents\cc_20150828_092453.reg
2015-08-27 22:59 - 2015-08-28 21:16 - 00000000 ____D C:\Users\Charlie\Downloads\Computer & Gamer Magazines - August 24 2015
2015-08-27 18:25 - 2015-08-20 07:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-27 18:25 - 2015-08-20 07:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-27 18:25 - 2015-08-20 06:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-27 18:25 - 2015-08-20 06:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-27 18:25 - 2015-08-18 08:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-27 18:25 - 2015-08-18 08:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-27 18:25 - 2015-08-18 08:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-27 18:25 - 2015-08-18 07:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-27 18:24 - 2015-08-20 07:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-27 18:24 - 2015-08-20 06:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-27 18:24 - 2015-08-20 06:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-27 18:24 - 2015-08-18 08:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-27 18:24 - 2015-08-18 08:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-27 18:24 - 2015-08-18 08:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-27 18:24 - 2015-08-18 08:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-27 18:24 - 2015-08-18 08:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-27 18:24 - 2015-08-18 08:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-27 18:24 - 2015-08-18 08:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-27 18:24 - 2015-08-18 08:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-27 18:24 - 2015-08-18 07:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-27 18:24 - 2015-08-18 07:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-27 18:24 - 2015-08-18 07:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-27 18:24 - 2015-08-18 07:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-27 18:24 - 2015-08-18 07:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-27 18:24 - 2015-08-18 07:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-27 18:24 - 2015-08-18 07:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-27 18:24 - 2015-08-18 07:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-27 18:24 - 2015-08-18 07:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-27 18:24 - 2015-08-18 07:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-27 18:24 - 2015-08-18 07:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-27 18:24 - 2015-08-18 07:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-27 18:24 - 2015-08-18 07:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-27 18:24 - 2015-08-18 07:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-27 18:24 - 2015-08-18 07:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-27 18:24 - 2015-08-18 07:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-27 18:24 - 2015-08-18 07:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-27 18:24 - 2015-08-18 07:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-27 18:24 - 2015-08-18 07:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-27 18:24 - 2015-08-18 07:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-27 18:24 - 2015-08-18 07:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-27 18:24 - 2015-08-18 05:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-26 20:45 - 2015-08-26 20:49 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\KeePass
2015-08-26 20:42 - 2015-08-26 20:49 - 00006958 _____ C:\Users\Charlie\Documents\CVDatabase.kdbx
2015-08-26 20:38 - 2015-08-26 20:38 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2015-08-26 20:38 - 2015-08-26 20:38 - 00001174 _____ C:\Users\Charlie\Desktop\KeePass 2.lnk
2015-08-26 20:38 - 2015-08-26 20:38 - 00000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
2015-08-25 20:32 - 2015-08-25 20:32 - 00073262 _____ C:\Users\Charlie\Documents\cc_20150825_203158.reg
2015-08-25 20:32 - 2015-08-25 20:32 - 00008554 _____ C:\Users\Charlie\Documents\cc_20150825_203221.reg
2015-08-25 20:21 - 2015-08-25 20:27 - 00000000 ____D C:\Program Files\Windows10FirewallControl
2015-08-25 20:04 - 2015-08-25 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-25 08:12 - 2015-08-25 08:12 - 00331776 _____ C:\Users\Charlie\Documents\FREEHDI-RS-FreeNAS-9.3-STABLE-201508250051-20150825081237.db
2015-08-22 10:30 - 2015-08-22 10:30 - 00000000 ____D C:\Users\Charlie\AppData\Local\NetworkTiles
2015-08-22 10:28 - 2015-09-06 08:20 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1618472016-857492644-2001240701-1000UA.job
2015-08-22 10:28 - 2015-09-06 08:20 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1618472016-857492644-2001240701-1000Core.job
2015-08-22 10:28 - 2015-09-06 00:20 - 00004060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1618472016-857492644-2001240701-1000UA
2015-08-22 10:28 - 2015-09-06 00:20 - 00003684 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1618472016-857492644-2001240701-1000Core
2015-08-22 10:28 - 2015-08-22 10:28 - 00001329 _____ C:\Users\Charlie\Desktop\Chromecast.lnk
2015-08-22 10:28 - 2015-08-22 10:28 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2015-08-22 09:47 - 2015-08-22 09:47 - 00000000 ____D C:\Users\Charlie\Downloads\Linux Voice – August 2015
2015-08-22 09:44 - 2015-08-22 09:44 - 00000000 ____D C:\Users\Charlie\Downloads\Linux Voice – September 2015
2015-08-22 09:30 - 2015-08-22 09:34 - 00000000 ____D C:\Users\Charlie\Downloads\CyberTrend - (September 2015)[GLODLS]
2015-08-21 20:44 - 2015-08-21 20:48 - 00001972 _____ C:\Users\Public\Desktop\SilentEye.lnk
2015-08-21 20:44 - 2015-08-21 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SilentEye
2015-08-21 20:44 - 2015-08-21 20:44 - 00000000 ____D C:\Program Files (x86)\silenteye
2015-08-21 18:40 - 2015-08-21 18:40 - 00000000 ____D C:\Users\Charlie\Downloads\Easy2Boot_v1.71DPMS
2015-08-21 15:15 - 2015-08-21 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rawrite32
2015-08-21 15:15 - 2015-08-21 15:15 - 00000000 ____D C:\Program Files (x86)\Rawrite32
2015-08-20 20:12 - 2015-09-05 22:22 - 00003346 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1432752443
2015-08-20 18:17 - 2015-08-13 05:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-20 18:17 - 2015-08-13 05:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-20 18:17 - 2015-08-13 04:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-20 18:17 - 2015-08-11 11:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-20 18:17 - 2015-08-11 11:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-20 18:17 - 2015-08-11 11:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-20 18:17 - 2015-08-11 11:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-20 18:17 - 2015-08-11 11:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-20 18:17 - 2015-08-11 11:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-20 18:17 - 2015-08-11 11:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-20 18:17 - 2015-08-11 10:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-20 18:17 - 2015-08-11 10:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-20 18:17 - 2015-08-11 10:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-20 18:17 - 2015-08-11 10:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-20 18:17 - 2015-08-11 10:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-20 18:17 - 2015-08-11 10:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-20 18:17 - 2015-08-11 10:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-20 18:17 - 2015-08-11 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-20 18:17 - 2015-08-11 10:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-20 18:17 - 2015-08-11 10:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-20 18:17 - 2015-08-11 10:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-20 18:17 - 2015-08-11 10:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-20 18:17 - 2015-08-11 10:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-20 18:17 - 2015-08-11 10:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-20 18:17 - 2015-08-11 10:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-20 18:17 - 2015-08-11 10:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-20 18:17 - 2015-08-11 10:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-20 18:17 - 2015-08-11 10:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-20 18:17 - 2015-08-11 10:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-20 18:17 - 2015-08-11 10:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-20 18:17 - 2015-08-11 10:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 18:17 - 2015-08-11 10:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-20 18:17 - 2015-08-11 10:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-20 18:17 - 2015-08-11 10:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-20 18:17 - 2015-08-11 10:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-20 18:17 - 2015-08-11 10:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-20 18:17 - 2015-08-11 10:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-20 18:17 - 2015-08-11 10:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-20 18:17 - 2015-08-11 10:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-20 18:17 - 2015-08-11 10:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-20 18:17 - 2015-08-11 10:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-20 18:17 - 2015-08-11 10:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-20 18:17 - 2015-08-11 10:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-20 18:17 - 2015-08-11 10:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-20 18:17 - 2015-08-11 10:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-20 18:17 - 2015-08-11 10:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-20 18:17 - 2015-08-11 10:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-20 18:17 - 2015-08-11 10:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-20 18:17 - 2015-08-11 10:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-20 18:17 - 2015-08-11 10:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-20 18:17 - 2015-08-11 10:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-20 18:17 - 2015-08-11 10:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-20 18:17 - 2015-08-11 09:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-20 18:17 - 2015-08-11 09:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-20 18:17 - 2015-08-11 09:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-20 18:17 - 2015-08-11 09:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-20 18:17 - 2015-08-11 09:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-20 18:17 - 2015-08-11 09:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-20 18:17 - 2015-08-11 09:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-20 18:17 - 2015-08-11 09:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-20 18:17 - 2015-08-11 09:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-20 18:17 - 2015-08-11 09:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-20 18:17 - 2015-08-11 09:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-20 18:17 - 2015-08-11 09:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-20 18:17 - 2015-08-11 09:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-20 18:17 - 2015-08-11 09:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-20 18:17 - 2015-08-11 09:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-20 18:17 - 2015-08-11 09:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-20 18:17 - 2015-08-11 09:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-20 18:17 - 2015-08-11 09:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-20 18:17 - 2015-08-11 09:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-20 18:17 - 2015-08-11 09:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-20 18:17 - 2015-08-11 09:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-20 18:17 - 2015-08-11 09:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-20 18:17 - 2015-08-11 09:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 20:15 - 2015-08-18 20:15 - 00000000 ____D C:\Users\Charlie\Tracing
2015-08-18 20:08 - 2015-09-05 22:22 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\Skype
2015-08-18 20:08 - 2015-08-18 20:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-18 20:08 - 2015-08-18 20:08 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-18 20:08 - 2015-08-18 20:08 - 00000000 ____D C:\Users\Charlie\AppData\Local\Skype
2015-08-18 20:08 - 2015-08-18 20:08 - 00000000 ____D C:\ProgramData\Skype
2015-08-18 20:08 - 2015-08-18 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-17 18:38 - 2015-08-17 18:48 - 00000000 ____D C:\Users\Charlie\AppData\Local\ShamurShamur
2015-08-17 08:10 - 2015-08-17 14:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-08-16 09:44 - 2015-08-16 09:44 - 00312320 _____ C:\Users\Charlie\Documents\FREEHDI-RS-FreeNAS-9.3-STABLE-201506292130-20150816094440.db
2015-08-16 09:37 - 2015-08-16 09:37 - 00000000 ____D C:\Users\Charlie\Downloads\EasyNetMonitor
2015-08-16 09:36 - 2015-08-16 09:36 - 00000000 ____D C:\Users\Charlie\Documents\EasyNetMonitor
2015-08-14 22:35 - 2015-08-14 22:35 - 00000000 ____D C:\Users\Charlie\Downloads\DriveInfo
2015-08-14 11:12 - 2015-08-14 11:12 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-08-14 11:12 - 2015-08-14 11:12 - 00000000 ____D C:\Users\DefaultAppPool
2015-08-14 11:12 - 2015-08-13 07:28 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 11:12 - 2015-07-30 22:42 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-08-14 11:12 - 2015-07-10 12:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-14 11:12 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 11:12 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-14 11:12 - 2015-07-10 12:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-14 10:19 - 2015-08-07 12:07 - 00040280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-08-14 10:18 - 2015-08-25 19:38 - 03074776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-14 10:18 - 2015-08-07 12:07 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll
2015-08-14 10:18 - 2015-08-07 12:07 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll
2015-08-13 16:36 - 2015-08-13 16:36 - 01731848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2015-08-13 16:21 - 2015-08-13 16:21 - 00453277 _____ C:\Users\Charlie\Documents\hosts.txt
2015-08-13 16:14 - 2015-08-13 16:14 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-13 15:35 - 2015-08-14 19:55 - 00000000 ____D C:\Users\Charlie\Downloads\The Second Coming of Steve Jobs (2000)
2015-08-13 15:24 - 2015-08-13 15:25 - 05239221 _____ C:\Users\Charlie\Downloads\Revolution in the Valley - Andy Hertzfeld.epub
2015-08-12 09:29 - 2015-08-08 08:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 09:29 - 2015-08-08 08:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 09:29 - 2015-08-08 07:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 09:29 - 2015-08-08 07:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 09:29 - 2015-08-08 07:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 09:29 - 2015-08-06 04:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-12 09:29 - 2015-08-06 04:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-12 09:29 - 2015-08-06 03:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-12 09:29 - 2015-08-05 05:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-12 09:29 - 2015-08-05 05:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-12 09:29 - 2015-08-05 05:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-12 09:29 - 2015-08-05 04:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-12 09:29 - 2015-08-05 04:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-12 09:29 - 2015-08-04 05:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 09:29 - 2015-08-04 05:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-12 09:29 - 2015-08-04 05:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-12 09:29 - 2015-08-04 04:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-12 09:29 - 2015-08-04 03:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-12 09:29 - 2015-08-04 03:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-12 09:29 - 2015-08-03 03:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-12 09:29 - 2015-08-03 03:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-12 09:29 - 2015-08-03 03:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-12 09:29 - 2015-08-03 03:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-12 09:29 - 2015-08-03 03:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-12 09:29 - 2015-08-03 03:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-12 09:29 - 2015-08-03 03:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-12 09:29 - 2015-08-03 03:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-12 09:29 - 2015-08-03 03:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-12 09:29 - 2015-08-03 03:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-12 09:29 - 2015-08-03 02:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-12 09:29 - 2015-08-03 02:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-12 09:29 - 2015-08-03 02:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-12 09:29 - 2015-08-03 02:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-12 09:29 - 2015-08-03 02:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-12 09:29 - 2015-08-03 02:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 09:29 - 2015-08-03 02:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 09:29 - 2015-08-03 02:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-12 09:29 - 2015-08-03 02:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-12 09:29 - 2015-08-03 02:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-12 09:29 - 2015-08-03 02:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-12 09:29 - 2015-08-03 02:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-12 09:29 - 2015-08-03 02:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-12 09:29 - 2015-08-03 02:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-12 09:29 - 2015-08-03 02:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-12 09:29 - 2015-08-03 02:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-12 09:29 - 2015-08-03 02:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 09:29 - 2015-08-03 02:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-12 09:29 - 2015-08-03 02:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-12 09:29 - 2015-08-03 01:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-12 09:28 - 2015-08-03 03:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-12 09:28 - 2015-08-03 02:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-12 09:28 - 2015-08-03 02:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-12 09:28 - 2015-08-03 02:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-12 09:28 - 2015-08-03 02:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-12 09:28 - 2015-08-03 02:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-12 09:28 - 2015-08-03 02:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-12 09:28 - 2015-08-03 02:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-12 09:28 - 2015-08-03 02:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-12 09:28 - 2015-08-03 02:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-12 09:28 - 2015-08-03 02:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-12 09:28 - 2015-08-03 02:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-11 12:08 - 2015-08-11 12:08 - 01197568 _____ (Razer Inc) C:\WINDOWS\SysWOW64\rzdevicedll.dll
2015-08-11 12:08 - 2015-08-11 12:08 - 00421888 _____ (Razer Inc) C:\WINDOWS\SysWOW64\rzaudiodll.dll
2015-08-11 12:08 - 2015-08-11 12:08 - 00155648 _____ (Razer Inc) C:\WINDOWS\SysWOW64\rztouchdll.dll
2015-08-11 12:08 - 2015-08-11 12:08 - 00117248 _____ (Razer Inc) C:\WINDOWS\SysWOW64\rzdisplaydll.dll
2015-08-11 12:08 - 2015-08-11 12:08 - 00090112 _____ (Razer Inc) C:\WINDOWS\SysWOW64\rzdevinfo.dll
2015-08-10 15:07 - 2015-08-10 15:07 - 00000000 ____D C:\Users\Charlie\Downloads\Practical Linux Infrastructure [2015]
2015-08-10 08:56 - 2015-08-25 20:04 - 00000000 ___RD C:\Users\Charlie\Dropbox
2015-08-10 08:56 - 2015-08-10 08:56 - 00001299 _____ C:\Users\Charlie\Desktop\Dropbox.lnk
2015-08-10 08:52 - 2015-09-06 08:20 - 00000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-08-10 08:52 - 2015-09-06 07:57 - 00000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-08-10 08:52 - 2015-08-25 20:04 - 00000000 ____D C:\Users\Charlie\AppData\Local\Dropbox
2015-08-10 08:52 - 2015-08-25 20:04 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-10 08:52 - 2015-08-10 08:52 - 00003992 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-08-10 08:52 - 2015-08-10 08:52 - 00003760 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-08-10 08:52 - 2015-08-10 08:52 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\Dropbox
2015-08-10 08:52 - 2015-08-10 08:52 - 00000000 ____D C:\ProgramData\Dropbox
2015-08-10 07:24 - 2015-08-10 07:24 - 00000565 _____ C:\Users\Public\Desktop\Cygwin64 Terminal.lnk
2015-08-10 07:24 - 2015-08-10 07:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cygwin
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-09-09 14:21 - 2015-05-27 19:34 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{031082C7-2697-4586-A6DF-65725A5F5915}
2015-09-09 13:46 - 2015-07-30 22:38 - 01130054 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-09 13:45 - 2015-05-27 19:52 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-09 13:43 - 2015-06-10 17:17 - 00003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2015-09-09 13:43 - 2015-05-27 20:12 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 13:39 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-09 13:36 - 2015-07-30 22:39 - 00000000 ____D C:\Users\Charlie
2015-09-09 13:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-09 13:36 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-09-09 13:08 - 2015-07-30 22:49 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-09-09 12:53 - 2015-07-25 11:33 - 00000000 ____D C:\Users\Charlie\Downloads\Virus
2015-09-09 12:49 - 2015-07-05 10:10 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\Notepad++
2015-09-09 11:14 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-09 10:45 - 2015-07-16 15:28 - 00000000 ____D C:\AdwCleaner
2015-09-09 09:32 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-09 09:31 - 2015-07-05 12:17 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\uTorrent
2015-09-09 09:31 - 2015-05-27 19:49 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-09 09:03 - 2015-05-27 19:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-09 09:01 - 2015-07-10 17:29 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 09:01 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-09 08:57 - 2015-05-27 21:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-09 07:19 - 2015-08-01 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-09-08 15:54 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-08 12:53 - 2015-07-02 21:49 - 00000000 ____D C:\Users\Charlie\AppData\Local\PornTime
2015-09-07 20:03 - 2015-08-01 23:04 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\360Safe
2015-09-07 19:46 - 2015-07-22 16:27 - 00000000 ____D C:\Users\Charlie\Documents\Calibre Library
2015-09-06 22:10 - 2015-06-18 22:04 - 00000000 ____D C:\Users\Charlie\Downloads\PopcornTime
2015-09-06 10:23 - 2015-05-27 22:45 - 00000000 ____D C:\Users\Charlie\AppData\Local\Battle.net
2015-09-06 10:09 - 2015-08-01 23:02 - 00000000 _RSHD C:\360SANDBOX
2015-09-06 09:59 - 2015-07-19 11:15 - 00007653 _____ C:\Users\Charlie\AppData\Local\Resmon.ResmonCfg
2015-09-06 09:30 - 2015-07-25 11:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-06 09:22 - 2015-08-04 15:02 - 00000000 ____D C:\Users\Charlie\.nx
2015-09-06 09:13 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-06 09:11 - 2015-07-25 10:25 - 00000000 ____D C:\Users\Charlie\Doctor Web
2015-09-06 07:43 - 2015-08-01 23:02 - 00319568 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2015-09-06 07:43 - 2015-08-01 23:02 - 00077904 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2015-09-06 00:26 - 2015-05-28 10:04 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-09-06 00:13 - 2015-07-30 18:11 - 00000000 ____D C:\Program Files\KMSpico
2015-09-06 00:06 - 2015-07-17 15:14 - 00000000 ____D C:\Program Files\Windows KMS Activator Ultimate 2015 v2.5
2015-09-06 00:06 - 2015-07-17 12:50 - 00000000 ____D C:\Program Files\Windows Vista - 7 - 8 - 8.1 KMS Activator Ultimate 2014 v1.8
2015-09-06 00:00 - 2015-05-27 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-06 00:00 - 2015-05-27 19:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-05 23:59 - 2015-05-27 19:49 - 00000000 ____D C:\Program Files\Java
2015-09-05 22:22 - 2015-07-30 23:33 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-05 22:22 - 2015-05-27 20:59 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\vlc
2015-09-05 22:21 - 2015-05-27 19:47 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-05 20:48 - 2015-05-28 11:31 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\MPC-HC
2015-09-05 20:47 - 2015-07-31 21:56 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-05 17:28 - 2015-05-27 22:23 - 00000000 ____D C:\Users\Charlie\AppData\Local\SteelSeries Engine 3 Client
2015-09-04 19:00 - 2015-07-22 16:27 - 00001029 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2015-09-04 19:00 - 2015-07-22 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-09-04 19:00 - 2015-07-22 16:27 - 00000000 ____D C:\Program Files (x86)\Calibre2
2015-09-01 16:48 - 2015-07-30 22:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 16:48 - 2015-07-17 18:14 - 00000000 ____D C:\temp
2015-09-01 16:48 - 2015-07-17 10:57 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-01 16:48 - 2015-05-27 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-31 11:59 - 2015-08-01 23:08 - 00000000 __SHD C:\$360Section
2015-08-31 11:59 - 2015-08-01 23:07 - 00000000 ____D C:\ProgramData\360Quarant
2015-08-30 23:47 - 2015-07-23 04:02 - 11188880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-30 14:37 - 2015-05-27 19:17 - 00000000 ____D C:\Users\Charlie\AppData\Local\VirtualStore
2015-08-30 09:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-29 22:43 - 2015-05-27 22:19 - 00001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-08-28 08:30 - 2015-08-09 20:59 - 00000000 ____D C:\Users\Charlie\Downloads\Windows Powershell -  Best Practices
2015-08-27 19:07 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-27 13:47 - 2015-05-27 22:27 - 00000000 ____D C:\Users\Charlie\Desktop\Tor Browser
2015-08-27 01:37 - 2015-05-27 22:19 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-08-27 01:37 - 2015-05-27 22:19 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-08-27 01:36 - 2015-05-27 22:19 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-08-27 01:36 - 2015-05-27 22:19 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-08-25 19:38 - 2015-07-23 04:02 - 18569336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-25 19:38 - 2015-07-23 04:02 - 17932648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-25 19:38 - 2015-07-23 04:02 - 12611824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-25 19:38 - 2015-07-23 04:02 - 03480792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-25 19:38 - 2015-07-23 04:02 - 00034044 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-25 19:38 - 2015-05-27 21:51 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-25 19:38 - 2015-05-27 21:51 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-25 18:20 - 2015-06-25 21:55 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-25 18:20 - 2015-05-28 08:38 - 00000000 ____D C:\Program Files\CCleaner
2015-08-25 16:57 - 2015-07-17 10:57 - 06884984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-25 16:57 - 2015-07-17 10:57 - 03496752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-25 16:57 - 2015-07-17 10:57 - 02558584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-25 16:57 - 2015-07-17 10:57 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-25 16:57 - 2015-07-17 10:57 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-25 16:57 - 2015-07-17 10:57 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-25 14:02 - 2015-07-17 10:57 - 05165808 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-22 19:27 - 2015-07-04 12:13 - 00015344 _____ C:\WINDOWS\system32\Svc.CatalogSvc.GuestDataBrowser.log
2015-08-22 19:27 - 2015-07-04 11:43 - 00000000 ____D C:\ProgramData\Veeam
2015-08-22 10:28 - 2015-05-27 19:20 - 00000000 ____D C:\Users\Charlie\AppData\Local\Google
2015-08-21 03:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-20 20:12 - 2015-05-27 19:47 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-20 18:13 - 2015-07-30 22:48 - 00002380 _____ C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-20 18:13 - 2015-07-30 22:48 - 00000000 ___RD C:\Users\Charlie\OneDrive
2015-08-18 09:27 - 2015-05-27 19:48 - 00000000 ____D C:\Users\Charlie\AppData\Local\Adobe
2015-08-17 08:16 - 2015-07-29 15:54 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\CDisplayEx
2015-08-16 14:29 - 2015-05-28 10:04 - 00004018 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-08-14 11:05 - 2015-07-09 23:18 - 00000000 ____D C:\Users\Charlie\Downloads\networklatencyview-x64
2015-08-13 16:36 - 2015-07-13 09:34 - 00202952 _____ (Razer Inc) C:\WINDOWS\system32\Drivers\rzudd.sys
2015-08-13 16:36 - 2014-12-30 10:35 - 00050392 _____ (Razer Inc) C:\WINDOWS\system32\Drivers\rzendpt.sys
2015-08-13 16:14 - 2015-07-05 10:10 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-08-13 13:24 - 2015-07-25 13:30 - 00000000 ____D C:\Users\Charlie\AppData\Roaming\Guild Wars 2
2015-08-13 07:30 - 2015-05-27 19:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-13 07:30 - 2015-05-27 19:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-13 07:28 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 07:28 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 07:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-08-13 07:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-08-12 09:51 - 2015-05-27 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 07:23 - 2015-08-05 07:46 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-08-10 07:24 - 2015-08-09 20:37 - 00000000 ____D C:\cygwin64
 
==================== Files in the root of some directories =======
 
2015-07-24 22:18 - 2015-08-01 20:35 - 1065984 _____ () C:\Users\Charlie\AppData\Local\file__0.localstorage
2015-07-19 11:15 - 2015-09-06 09:59 - 0007653 _____ () C:\Users\Charlie\AppData\Local\Resmon.ResmonCfg
2015-08-29 22:42 - 2015-09-09 10:47 - 0160974 _____ () C:\Users\Charlie\AppData\Local\Snip.txt
2015-09-09 07:14 - 2015-09-09 10:47 - 0012294 _____ () C:\Users\Charlie\AppData\Local\SnipUsages.txt
 
Some files in TEMP:
====================
C:\Users\Charlie\AppData\Local\Temp\rscp_setup.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-09-01 07:30
 
==================== End of FRST.txt ============================

Attached Files


Edited by charlievarley, 09 September 2015 - 02:01 PM.


BC AdBot (Login to Remove)

 


#2 charlievarley

charlievarley
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands UK
  • Local time:10:02 AM

Posted 10 September 2015 - 07:46 AM

Dear All,

 

Please do not look into this suspected infection it turned out to be a corrupt .ddl file for my firewall Glasswire that was causing what looked like an infection.

 

Thanks to FRST tool and viewing the Additional.txt it was starring me right in the eye.

 

Mods please close

 

Regards

Kevin


Edited by charlievarley, 10 September 2015 - 07:46 AM.


#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,182 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:02 AM

Posted 10 September 2015 - 12:50 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users