gcswann

  1. About a month ago, my computer began having issues with a persistent malware which was mining bitcoins through svchost.exe. The tell-tale signs such as CPU overheating and high idling power draw were there. After downloading your program and scanning a few times, the malware was gone and did not show up on further scans. Now, the problems seem to have resurfaced and, while Malware Bytes notices the malware and "removes" it, it is right back after a reboot and subsequent scans find it and "remove" it again. This has happened 4 times and the program can't seem to remove it. Here is my FRST log, addition.txt attached since it was too long for the post. Thank you very much for your help.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by karam_000 (administrator) on GEOFFPC on 26-05-2015 05:54:59
Running from F:\Dowloads\Chrome
Loaded Profiles: karam_000 (Available Profiles: karam_000)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(IvoSoft) F:\Dowloads\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\karam_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
() C:\Users\karam_000\AppData\Roaming\Update Manager\UM.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(Elaborate Bytes AG) F:\Program Files\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\Temp\lsass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\Temp\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-04] (Raptr, Inc)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => F:\Program Files\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\steam.exe [2891968 2015-05-20] (Valve Corporation)
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\...\Run: [GoogleChromeAutoLaunch_D1C31AF139FC739F5AD7FD2BDFB731F2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\...\Run: [itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\...\Run: [Google Update] => C:\Users\karam_000\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-01-16] (Google Inc.)
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\...\Run: [MusicManager] => C:\Users\karam_000\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\...\Run: [uM] => C:\Users\karam_000\AppData\Roaming\Update Manager\UM.EXE [642224 2015-05-05] ()
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [7435320 2015-05-25] (GOG.com)
ShellIconOverlayIdentifiers: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => F:\Dowloads\ClassicExplorer64.dll [2014-12-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => F:\Dowloads\ClassicExplorer32.dll [2014-12-13] (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1612506446-2023614625-2544168993-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1612506446-2023614625-2544168993-1001 -> DefaultScope {AB36D7BF-47DA-4B41-A21C-0A3050F20D2C} URL =
SearchScopes: HKU\S-1-5-21-1612506446-2023614625-2544168993-1001 -> {AB36D7BF-47DA-4B41-A21C-0A3050F20D2C} URL =
SearchScopes: HKU\S-1-5-21-1612506446-2023614625-2544168993-1001 -> {EC1959BB-1ED0-41D3-8D13-581A8F118707} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> F:\Dowloads\ClassicExplorer64.dll [2014-12-13] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> F:\Dowloads\ClassicIEDLL_64.dll [2014-12-13] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> F:\Dowloads\ClassicExplorer32.dll [2014-12-13] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> F:\Dowloads\ClassicIEDLL_32.dll [2014-12-13] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - F:\Dowloads\ClassicExplorer64.dll [2014-12-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - F:\Dowloads\ClassicExplorer32.dll [2014-12-13] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1612506446-2023614625-2544168993-1001: @tools.google.com/Google Update;version=3 -> C:\Users\karam_000\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1612506446-2023614625-2544168993-1001: @tools.google.com/Google Update;version=9 -> C:\Users\karam_000\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1612506446-2023614625-2544168993-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

Chrome:
=======
CHR Profile: C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-06]
CHR Extension: (Entanglement Web App) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-01-06]
CHR Extension: (Dictionary of Numbers) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhgdmkmcgahbkcbmlkpmmamemlkajaf [2015-01-06]
CHR Extension: (Angry Birds) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-01-06]
CHR Extension: (Google Docs) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-06]
CHR Extension: (Google Drive) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-06]
CHR Extension: (Visible Alts) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjodnjdnjiblmdknhnokibkoamlfmpm [2015-01-06]
CHR Extension: (YouTube) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-06]
CHR Extension: (Google Search) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-06]
CHR Extension: (Google Play Music) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-06]
CHR Extension: (AdBlock) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-06]
CHR Extension: (Bookmark Manager) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-01-06]
CHR Extension: (Google Play Music) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-01-06]
CHR Extension: (PlayTo for Chromecast™) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2015-01-06]
CHR Extension: (StumbleUpon) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2015-01-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Webcam Toy) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2015-01-06]
CHR Extension: (Poppit!) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2015-01-06]
CHR Extension: (Ghostery) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-01-13]
CHR Extension: (Google Wallet) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-06]
CHR Extension: (Hover Zoom) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-01-06]
CHR Extension: (Currently) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh [2015-01-06]
CHR Extension: (Gmail) - C:\Users\karam_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-06]

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1743928 2015-05-25] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516792 2015-05-25] (GOG.com)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-16] ()
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () []
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-26] (Malwarebytes Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-01-06] (Basil Projects)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\KARAM_~1\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-26 05:54 - 2015-05-26 05:55 - 00000000 ____D () C:\FRST
2015-05-26 05:21 - 2015-05-26 05:48 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-26 05:21 - 2015-05-26 05:21 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-26 05:21 - 2015-05-26 05:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-26 05:21 - 2015-05-26 05:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-26 05:21 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-26 05:21 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-26 05:21 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-26 01:10 - 2015-05-26 01:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2015-05-25 21:49 - 2015-05-26 01:10 - 00000000 ____D () C:\GOG Games
2015-05-25 21:47 - 2015-05-25 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-05-25 21:47 - 2015-05-25 21:47 - 00000000 ____D () C:\ProgramData\GOG.com
2015-05-25 21:47 - 2015-05-25 21:47 - 00000000 ____D () C:\Program Files (x86)\GalaxyClient
2015-05-25 21:42 - 2015-05-25 21:42 - 00012800 ___SH () C:\Users\karam_000\Desktop\Thumbs.db
2015-05-24 02:28 - 2015-05-24 02:28 - 00003695 _____ () C:\Users\karam_000\AppData\Local\recently-used.xbel
2015-05-23 18:27 - 2015-05-23 18:39 - 284879688 _____ ( ) C:\Users\karam_000\Desktop\patch_witcher3_1.01-1.03_2.0.0.29.exe
2015-05-18 21:50 - 2015-05-18 21:50 - 00000000 ____D () C:\Users\karam_000\AppData\Local\The Witcher 2
2015-05-18 21:19 - 2015-05-18 21:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-14 14:02 - 2015-05-14 14:02 - 00281128 _____ () C:\Windows\Minidump\051415-3843-01.dmp
2015-05-13 22:49 - 2015-05-13 22:49 - 00281128 _____ () C:\Windows\Minidump\051315-4140-01.dmp
2015-05-13 18:18 - 2015-05-13 18:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-13 17:15 - 2015-05-13 17:15 - 00007605 _____ () C:\Users\karam_000\AppData\Local\Resmon.ResmonCfg
2015-05-13 11:26 - 2015-05-13 11:26 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-05-12 22:12 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 22:12 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:36 - 2015-05-12 20:36 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\WinRAR
2015-05-12 20:36 - 2015-05-12 20:36 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-12 20:36 - 2015-05-12 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-12 20:35 - 2015-05-12 20:36 - 00000000 ____D () C:\Program Files\WinRAR
2015-05-12 19:23 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 19:23 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 19:23 - 2015-04-24 17:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 19:23 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 19:23 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 19:23 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 19:23 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 19:23 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 19:23 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 19:23 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 19:23 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 19:23 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-12 19:23 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 19:23 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 19:23 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 19:23 - 2015-04-21 12:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-12 19:23 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 19:23 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 19:23 - 2015-04-21 11:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-12 19:23 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 19:23 - 2015-04-21 11:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-12 19:23 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 19:23 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 19:23 - 2015-04-21 11:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 19:23 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 19:23 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 19:23 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 19:23 - 2015-04-21 11:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-12 19:23 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 19:23 - 2015-04-21 11:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-12 19:23 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 19:23 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-12 19:23 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 19:23 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 19:23 - 2015-04-21 11:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 19:23 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 19:23 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 19:23 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 19:23 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 19:23 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 19:23 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 19:23 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 19:23 - 2015-04-13 18:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 19:23 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 19:23 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 19:23 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-12 19:23 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 19:23 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-12 19:23 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 19:23 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-12 19:23 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 19:23 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-12 19:23 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-12 19:23 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-12 19:23 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-12 19:23 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-12 19:23 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 19:23 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 19:23 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 19:23 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-12 19:23 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-12 19:23 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-12 19:23 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-12 19:23 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-12 19:23 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-12 19:23 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-12 19:23 - 2015-03-12 20:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-12 19:23 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 19:23 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 19:23 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-12 19:23 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 19:23 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-12 19:23 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 19:23 - 2015-03-04 19:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 19:23 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-12 19:23 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 19:23 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 19:23 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-12 19:23 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-10 11:05 - 2015-05-10 11:05 - 00317984 _____ () C:\Windows\Minidump\051015-5187-01.dmp
2015-05-07 19:00 - 2015-05-13 18:37 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\Settings Manager
2015-05-07 19:00 - 2015-05-07 19:00 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\Update Manager
2015-05-06 10:56 - 2015-05-06 10:56 - 00000000 __RHD () C:\MSOCache

==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-26 05:54 - 2015-01-06 20:39 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-26 05:50 - 2015-01-06 20:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1612506446-2023614625-2544168993-1001
2015-05-26 05:50 - 2015-01-06 20:09 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-26 05:49 - 2015-01-16 23:34 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1612506446-2023614625-2544168993-1001UA.job
2015-05-26 05:49 - 2015-01-16 23:34 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1612506446-2023614625-2544168993-1001Core.job
2015-05-26 05:47 - 2015-01-06 21:09 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\Raptr
2015-05-26 05:46 - 2015-01-16 21:24 - 00000000 ____D () C:\Users\karam_000\AppData\Local\ClassicShell
2015-05-26 05:46 - 2015-01-06 20:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-26 05:46 - 2015-01-06 20:07 - 01173226 _____ () C:\Windows\WindowsUpdate.log
2015-05-26 05:45 - 2015-03-19 11:53 - 00004986 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for GEOFFPC-karam_000 GeoffPC
2015-05-26 05:45 - 2015-01-07 11:54 - 00055696 _____ () C:\Windows\PFRO.log
2015-05-26 05:45 - 2015-01-06 20:39 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-26 05:45 - 2015-01-06 20:14 - 00000000 __RDO () C:\Users\karam_000\SkyDrive
2015-05-26 05:45 - 2013-08-22 10:46 - 00019611 _____ () C:\Windows\setupact.log
2015-05-26 05:45 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-26 05:38 - 2015-01-06 20:11 - 00000000 ____D () C:\Users\karam_000
2015-05-26 05:38 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-26 05:00 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-26 02:54 - 2015-01-06 20:31 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7CA01E39-4A43-433C-B984-2FAD28D7E5E4}
2015-05-26 01:10 - 2015-01-06 22:05 - 00246277 _____ () C:\Windows\DirectX.log
2015-05-25 20:55 - 2015-01-06 20:40 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 14:28 - 2015-01-07 11:08 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\deluge
2015-05-23 17:01 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-22 00:54 - 2015-03-19 11:53 - 00003102 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1612506446-2023614625-2544168993-1001
2015-05-22 00:54 - 2015-03-19 11:53 - 00000000 ___RD () C:\Users\karam_000\OneDrive
2015-05-21 09:20 - 2015-01-16 23:38 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-21 09:20 - 2015-01-12 06:17 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-21 08:44 - 2015-01-06 23:44 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\vlc
2015-05-19 22:06 - 2015-04-07 18:54 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 22:06 - 2015-04-07 18:54 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-19 22:06 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-19 21:57 - 2015-03-19 11:45 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-17 01:49 - 2015-01-06 20:39 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 01:49 - 2015-01-06 20:39 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 05:44 - 2015-01-16 23:34 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1612506446-2023614625-2544168993-1001UA
2015-05-16 05:44 - 2015-01-16 23:34 - 00003514 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1612506446-2023614625-2544168993-1001Core
2015-05-15 21:30 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-05-14 14:02 - 2015-01-16 20:58 - 533193062 _____ () C:\Windows\MEMORY.DMP
2015-05-14 14:02 - 2015-01-16 20:58 - 00000000 ____D () C:\Windows\Minidump
2015-05-13 22:49 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\security
2015-05-13 18:50 - 2015-03-19 09:11 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 18:36 - 2015-01-07 11:13 - 00000000 ____D () C:\Users\karam_000\AppData\Roaming\Rainmaker Software Group LLC.
2015-05-13 16:44 - 2015-04-14 11:00 - 00000080 _____ () C:\Users\karam_000\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-05-13 11:27 - 2013-08-22 10:44 - 00481880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 11:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-13 11:26 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 10:59 - 2015-03-11 23:05 - 00000000 ____D () C:\Users\karam_000\AppData\Local\Ori and the Blind Forest
2015-05-12 22:12 - 2015-01-06 20:31 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-12 22:09 - 2015-02-23 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 22:09 - 2015-01-06 20:31 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 22:08 - 2015-02-23 00:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-12 22:08 - 2015-02-23 00:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 22:08 - 2013-08-22 15:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-10 11:11 - 2015-01-06 21:09 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-05-06 22:32 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-05 13:59 - 2013-08-22 11:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 13:59 - 2013-08-22 11:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======
2015-05-24 02:28 - 2015-05-24 02:28 - 0003695 _____ () C:\Users\karam_000\AppData\Local\recently-used.xbel
2015-05-13 17:15 - 2015-05-13 17:15 - 0007605 _____ () C:\Users\karam_000\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\karam_000\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win8.1-64bit.exe
C:\Users\karam_000\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\karam_000\AppData\Local\Temp\Gw2.exe
C:\Users\karam_000\AppData\Local\Temp\Itibiti_Knctr_B.exe
C:\Users\karam_000\AppData\Local\Temp\raptrpatch.exe
C:\Users\karam_000\AppData\Local\Temp\raptr_stub.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-18 06:04

==================== End of log ============================

Addition.txt