
Audio ads playing in the background - malware?


  • This topic is locked
11 replies to this topic

#1 JamarDracken


Posted 14 September 2016 - 09:23 PM

Hey,

 

For the last couple of days (5-7) I've been experiencing some kind of a virus. It's playing audio ads on various websites (for example it can play an ad on listenonrepeat but it has never happened on Facebook). There is no apparent schedule to this; it can be silent for 4 hours and then play the ad, or play ads one by one after closing the page. Also, when I'm trying to close the page the ad is playing on, I get the message "Do you really want to close this tab?". I haven't downloaded anything fishy lately nor have I been on fishy websites, so I don't know where it came from. The only explanation is a pendrive I connected to my PC from a video guy that is going to film my wedding. I tried scanning my PC with various apps recommended and supposed to be good at fighting malware, and nothing. I'm not an IT guy so I don't know what to do next and need help. I needed to format my system yesterday due to my mistake, so I'm on a fresh Windows 7 installation.

 

I know that there are sentences not in English but FRST chose my native language as default and I have no idea how to change it to English. If this scan is not good, just let me know.

 

@edit I found out how to change language so here is the new log.

 

 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
Ran by admin (administrator) on ADMIN-KOMPUTER (15-09-2016 11:54:00)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 7 Home Premium (X64) Language: Polski (Polska)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Farbar) C:\Users\admin\Downloads\EnglishFRST64.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11340752 2016-07-19] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKU\S-1-5-21-1797493665-689152161-215716262-1001\...\Run: [CTRegRun] => C:\Windows\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd )
HKU\S-1-5-21-1797493665-689152161-215716262-1001\...\Run: [Spotify Web Helper] => C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-14] (Spotify Ltd)
HKU\S-1-5-21-1797493665-689152161-215716262-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-1797493665-689152161-215716262-1001\...\MountPoints2: {bec0e881-7a7e-11e6-a53d-806e6f6e6963} - F:\CTRun\Start.EXE
HKU\S-1-5-21-1797493665-689152161-215716262-1001\...\MountPoints2: {bec0e88d-7a7e-11e6-a53d-806e6f6e6963} - G:\SISetup.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 46.28.68.226 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{F94FAAEE-53AC-49C4-A031-2F8FF33C2939}: [DhcpNameServer] 46.28.68.226 8.8.8.8 192.168.1.1
 
Internet Explorer:
==================
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://files.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ezesb2d9.default
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> google.pl_
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (QR kod) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2016-09-15]
CHR Extension: (Prezentacje Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-14]
CHR Extension: (Dokumenty Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-14]
CHR Extension: (Dysk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-14]
CHR Extension: (Bloker reklam Adguard) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2016-09-15]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-14]
CHR Extension: (Mój adres IP) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2016-09-15]
CHR Extension: (Kalendarz Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-09-14]
CHR Extension: (Mariah Carey) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodbbhbmhfemocgkhhihfjnkifmcjmoi [2016-09-14]
CHR Extension: (PanicButton) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2016-09-14]
CHR Extension: (Arkusze Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-14]
CHR Extension: (Creatures & Castles) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpeacgpdnhofhebmincihdelcemhagd [2016-09-15]
CHR Extension: (Zoho Mail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjemfhbmnkbapnnmiadkbiaokccjnhge [2016-09-15]
CHR Extension: (Adres IP) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2016-09-14]
CHR Extension: (WordPress.com) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2016-09-15]
CHR Extension: (Mapy Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-14]
CHR Extension: (Flashcontrol) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2016-09-15]
CHR Extension: (Lektz) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmjpdilgfjabginnfehcjicdhomciidm [2016-09-15]
CHR Extension: (Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfakdllpdfjjbfommlcnfkedmbigkfdo [2016-09-14]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-14]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-15]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-09-14] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-07-19] (Micro-Star INT'L CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [54736 2016-09-15] ()
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56376 2016-08-26] (NVIDIA Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-15 11:35 - 2016-09-15 11:35 - 00000000 ____D C:\Users\admin\AppData\Roaming\NVIDIA
2016-09-15 11:34 - 2016-09-15 11:34 - 05243128 _____ C:\Users\admin\Downloads\Tibia_Setup.exe
2016-09-15 11:34 - 2016-09-15 11:34 - 00001014 _____ C:\Users\admin\Desktop\Tibia.lnk
2016-09-15 11:34 - 2016-09-15 11:34 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tibia
2016-09-15 11:34 - 2016-09-15 11:34 - 00000000 ____D C:\Users\admin\AppData\Local\Tibia
2016-09-15 04:28 - 2009-09-10 08:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-15 04:28 - 2009-09-10 07:52 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-15 04:05 - 2016-09-15 04:06 - 00024983 _____ C:\Users\admin\Downloads\Addition.txt
2016-09-15 04:04 - 2016-09-15 11:54 - 00013642 _____ C:\Users\admin\Downloads\FRST.txt
2016-09-15 04:02 - 2016-09-15 11:53 - 00000000 ____D C:\FRST
2016-09-15 04:02 - 2016-09-15 04:02 - 02398720 _____ (Farbar) C:\Users\admin\Downloads\EnglishFRST64.exe
2016-09-15 03:53 - 2009-12-19 11:50 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2016-09-15 03:53 - 2009-12-19 11:49 - 01572352 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-09-15 03:53 - 2009-12-19 11:47 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2016-09-15 03:53 - 2009-12-19 11:47 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2016-09-15 03:53 - 2009-12-19 11:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2016-09-15 03:53 - 2009-12-19 11:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2016-09-15 03:53 - 2009-12-19 11:02 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2016-09-15 03:53 - 2009-10-19 16:46 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2016-09-15 03:53 - 2009-10-19 16:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-09-15 03:53 - 2009-10-19 16:10 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2016-09-15 03:53 - 2009-10-19 16:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-09-15 03:53 - 2009-09-03 09:36 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-09-15 03:53 - 2009-09-03 09:04 - 01320960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-09-15 03:53 - 2009-08-29 09:53 - 14629376 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-09-15 03:53 - 2009-08-29 09:50 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2016-09-15 03:53 - 2009-08-29 09:45 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-09-15 03:53 - 2009-08-29 08:59 - 11406336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-09-15 03:53 - 2009-08-29 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2016-09-15 03:53 - 2009-08-29 08:54 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-09-15 03:53 - 2009-07-30 07:07 - 00366080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-09-15 03:53 - 2009-07-30 06:44 - 00293888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-09-15 03:52 - 2016-09-15 03:52 - 16563352 _____ (Malwarebytes Corp.) C:\Users\admin\Downloads\mbar-1.09.3.1001.exe
2016-09-15 03:49 - 2016-09-15 11:03 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-09-15 03:49 - 2016-09-15 04:28 - 00020867 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-09-15 03:49 - 2016-09-15 04:03 - 00058686 _____ C:\Windows\ZAM.krnl.trace
2016-09-15 03:49 - 2016-09-15 03:49 - 05292304 _____ ( ) C:\Users\admin\Downloads\Zemana.AntiMalware.Setup (1).exe
2016-09-15 03:46 - 2016-09-15 03:46 - 05292304 _____ ( ) C:\Users\admin\Downloads\Zemana.AntiMalware.Setup.exe
2016-09-15 03:46 - 2016-09-15 03:46 - 00000000 ____D C:\Users\admin\AppData\Local\Zemana
2016-09-15 03:43 - 2016-09-15 03:45 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-15 03:43 - 2016-09-15 03:43 - 11572656 _____ (SurfRight B.V.) C:\Users\admin\Downloads\hitmanpro_x64.exe
2016-09-15 03:43 - 2016-09-15 03:43 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-09-15 03:39 - 2016-09-15 03:39 - 03861056 _____ C:\Users\admin\Downloads\AdwCleaner.exe
2016-09-15 03:36 - 2016-09-15 03:36 - 22851472 _____ (Malwarebytes ) C:\Users\admin\Downloads\mbam-setup-2-2-1-1043.exe
2016-09-15 03:36 - 2016-09-15 03:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-15 03:34 - 2016-09-15 03:43 - 00064528 _____ C:\Windows\ntbtlog.txt
2016-09-15 01:01 - 2016-09-15 01:01 - 00191622 _____ C:\Users\admin\Downloads\OTL (1).Txt
2016-09-15 00:51 - 2016-09-15 00:51 - 00191622 _____ C:\Users\admin\Downloads\OTL.Txt
2016-09-15 00:51 - 2016-09-15 00:51 - 00052440 _____ C:\Users\admin\Downloads\Extras.Txt
2016-09-15 00:47 - 2016-09-15 00:48 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\OTL.exe
2016-09-15 00:46 - 2016-09-15 00:46 - 00000000 ____D C:\Users\admin\AppData\Roaming\Mozilla
2016-09-15 00:46 - 2016-09-15 00:46 - 00000000 ____D C:\Users\admin\AppData\Local\Mozilla
2016-09-15 00:45 - 2016-09-15 00:45 - 00242240 _____ C:\Users\admin\Downloads\Firefox Setup Stub 48.0.2.exe
2016-09-15 00:45 - 2016-09-15 00:45 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-15 00:45 - 2016-09-15 00:45 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-15 00:45 - 2016-09-15 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-15 00:45 - 2016-09-15 00:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-15 00:36 - 2016-09-15 00:36 - 00002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-15 00:36 - 2016-09-15 00:36 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-15 00:36 - 2016-09-15 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-15 00:36 - 2016-09-15 00:36 - 00000000 ____D C:\Program Files\CCleaner
2016-09-15 00:35 - 2016-09-15 00:35 - 08243736 _____ (Piriform Ltd) C:\Users\admin\Downloads\ccsetup522pro.exe
2016-09-15 00:16 - 2016-09-15 00:16 - 00602112 _____ (OldTimer Tools) C:\Users\admin\Downloads\Niepotwierdzony 53656.crdownload
2016-09-14 23:47 - 2016-09-15 03:46 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2016-09-14 23:37 - 2016-09-14 23:37 - 00000000 ____D C:\Users\admin\AppData\Local\TeamViewer
2016-09-14 23:35 - 2016-09-14 23:47 - 00000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2016-09-14 23:35 - 2016-09-14 23:35 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-14 23:35 - 2016-09-14 23:35 - 00001031 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-14 23:35 - 2016-09-14 23:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-14 23:32 - 2016-09-14 23:34 - 10885792 _____ (TeamViewer GmbH) C:\Users\admin\Downloads\TeamViewer_Setup_pl.exe
2016-09-14 22:22 - 2016-09-15 02:44 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-1797493665-689152161-215716262-1001.job
2016-09-14 22:22 - 2016-09-14 22:22 - 00003262 _____ C:\Windows\System32\Tasks\update-S-1-5-21-1797493665-689152161-215716262-1001
2016-09-14 22:22 - 2016-09-14 22:22 - 00000424 _____ C:\Users\admin\AppData\Local\UserProducts.xml
2016-09-14 22:21 - 2016-09-15 11:04 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2016-09-14 22:21 - 2016-09-14 22:21 - 00003284 _____ C:\Windows\System32\Tasks\update-sys
2016-09-14 22:21 - 2016-09-14 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2016-09-14 22:21 - 2016-09-14 22:21 - 00000000 ____D C:\Program Files (x86)\Skillbrains
2016-09-14 22:19 - 2016-09-14 22:20 - 02575272 _____ (Skillbrains ) C:\Users\admin\Downloads\setup-lightshot.exe
2016-09-14 20:06 - 2016-09-14 20:06 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-09-14 20:04 - 2016-09-14 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2016-09-14 20:04 - 2016-09-14 20:04 - 00000000 ____D C:\ProgramData\AMD
2016-09-14 20:04 - 2016-09-14 20:04 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-14 20:04 - 2016-09-14 20:04 - 00000000 ____D C:\Program Files\ATI
2016-09-14 20:04 - 2016-09-14 20:04 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-14 20:04 - 2016-09-14 20:04 - 00000000 ____D C:\Program Files (x86)\AMD APP
2016-09-14 20:04 - 2010-11-29 04:50 - 00044672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2016-09-14 20:04 - 2010-02-18 09:18 - 00046136 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdiox64.sys
2016-09-14 20:03 - 2010-06-17 17:15 - 00016440 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie64.sys
2016-09-14 19:39 - 2016-09-14 19:39 - 00002031 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2016-09-14 19:39 - 2016-09-14 19:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-09-14 19:39 - 2016-09-14 19:39 - 00000000 ____D C:\Program Files (x86)\MSI
2016-09-14 19:39 - 2016-09-14 19:39 - 00000000 ____D C:\MSI
2016-09-14 19:39 - 2014-04-30 16:23 - 00011248 _____ (Windows ® Win 7 DDK provider) C:\Windows\acpimof.dll
2016-09-14 19:37 - 2016-09-14 19:37 - 00000000 __SHD C:\Windows\ftpcache
2016-09-14 19:37 - 2016-09-14 19:37 - 00000000 ____D C:\Users\admin\AppData\Roaming\Macromedia
2016-09-14 19:36 - 2010-04-07 15:04 - 00127800 _____ (HP) C:\Windows\system32\HPSIsvc.exe
2016-09-14 19:33 - 2016-09-14 19:33 - 06642618 _____ C:\Users\admin\Downloads\LiveUpdate.zip
2016-09-14 19:33 - 2016-09-14 19:33 - 00000000 ____D C:\Users\admin\Downloads\LiveUpdate
2016-09-14 19:32 - 2016-09-14 19:33 - 00000000 ____D C:\Users\admin\Downloads\chipset-win7
2016-09-14 19:32 - 2016-09-14 19:32 - 00000000 ____D C:\Program Files (x86)\Etron Technology
2016-09-14 19:29 - 2016-09-14 19:30 - 244216881 _____ C:\Users\admin\Downloads\motherboard_driver_amd_chipset_win7.exe
2016-09-14 19:29 - 2016-09-14 19:29 - 11858573 _____ (Igor Pavlov) C:\Users\admin\Downloads\motherboard_driver_etron_usb3.exe
2016-09-14 19:29 - 2014-01-09 08:12 - 00000000 ____D C:\Users\admin\Downloads\Etron
2016-09-14 19:15 - 2016-09-14 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-09-14 19:15 - 2016-09-14 19:15 - 00002099 _____ C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2016-09-14 19:15 - 2016-09-14 19:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_mvusbews_01009.Wdf
2016-09-14 19:15 - 2016-09-14 19:15 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2016-09-14 19:15 - 2012-08-31 15:03 - 01696256 _____ C:\Windows\system32\HP1100SM.EXE
2016-09-14 19:15 - 2012-08-31 15:03 - 00288768 _____ C:\Windows\system32\HP1100LM.DLL
2016-09-14 19:14 - 2016-09-14 19:15 - 00000000 ____D C:\Program Files (x86)\HP
2016-09-14 19:14 - 2016-09-14 19:14 - 00000000 ____D C:\Program Files\HP
2016-09-14 19:14 - 2012-08-31 09:10 - 00350720 _____ C:\Windows\system32\mvhlewsi.dll
2016-09-14 19:13 - 2016-09-14 19:13 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2016-09-14 19:13 - 2016-09-14 19:13 - 00000000 ____D C:\LJP1100_P1560_P1600_Full_Solution
2016-09-14 19:13 - 2012-09-26 07:45 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-09-14 19:13 - 2012-09-26 07:45 - 00082944 _____ C:\Windows\system32\mvusbews.dll
2016-09-14 19:13 - 2012-09-26 07:45 - 00052224 _____ C:\Windows\system32\HP1100SMs.dll
2016-09-14 19:13 - 2012-09-26 07:45 - 00020480 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys
2016-09-14 19:11 - 2016-09-14 19:12 - 150179344 _____ C:\Users\admin\Downloads\hp_LJP1100_P1560_P1600_Full_Solution-v20120831-50157036_SMO.exe
2016-09-14 18:56 - 2016-09-14 18:57 - 00184656 _____ C:\TDSSKiller.3.1.0.11_14.09.2016_18.56.53_log.txt
2016-09-14 18:45 - 2016-09-15 03:43 - 00000000 ____D C:\AdwCleaner
2016-09-14 18:45 - 2016-09-14 18:52 - 03826240 _____ C:\Users\admin\Downloads\adwcleaner_6.010.exe
2016-09-14 18:42 - 2016-09-14 18:43 - 00362522 _____ C:\TDSSKiller.3.1.0.11_14.09.2016_18.42.37_log.txt
2016-09-14 18:42 - 2016-09-14 18:42 - 04747704 _____ (AO Kaspersky Lab) C:\Users\admin\Downloads\tdsskiller.exe
2016-09-14 17:35 - 2016-09-14 17:35 - 00002673 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Otwórz dokument pakietu Microsoft Office.lnk
2016-09-14 17:35 - 2016-09-14 17:35 - 00002647 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Nowy dokument pakietu Microsoft Office.lnk
2016-09-14 17:35 - 2016-09-14 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-09-14 17:34 - 2016-09-14 17:34 - 00000000 ____D C:\Windows\PCHEALTH
2016-09-14 17:34 - 2016-09-14 17:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-14 17:34 - 2016-09-14 17:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-09-14 17:33 - 2016-09-14 17:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-14 17:33 - 2016-09-14 17:33 - 00000000 __RHD C:\MSOCache
2016-09-14 17:33 - 2016-09-14 17:33 - 00000000 ____D C:\Users\admin\AppData\Local\Microsoft Help
2016-09-14 17:30 - 2016-09-14 17:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-09-14 17:29 - 2016-09-14 17:30 - 313766816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\Office_HS_2007_Polish_x32.exe
2016-09-14 17:06 - 2016-09-14 17:06 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-09-14 17:06 - 2016-09-14 17:06 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-09-14 17:06 - 2016-09-14 17:06 - 00000000 ____D C:\Windows\system32\DAX2
2016-09-14 17:06 - 2016-09-14 17:06 - 00000000 ____D C:\Program Files\Realtek
2016-09-14 17:06 - 2016-09-14 17:06 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-09-14 17:06 - 2015-06-18 18:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-09-14 17:06 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-09-14 17:06 - 2015-06-17 19:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-09-14 17:06 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-09-14 17:06 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-09-14 17:06 - 2015-06-15 17:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-09-14 17:06 - 2015-06-11 19:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-09-14 17:06 - 2015-06-10 13:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-09-14 17:06 - 2015-06-10 13:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-09-14 17:06 - 2015-06-09 11:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-09-14 17:06 - 2015-06-02 19:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-09-14 17:06 - 2015-05-27 18:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-09-14 17:06 - 2015-05-27 18:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-09-14 17:06 - 2015-05-27 18:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-09-14 17:06 - 2015-05-27 18:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-09-14 17:06 - 2015-05-26 11:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-09-14 17:06 - 2015-05-25 15:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-09-14 17:06 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-09-14 17:06 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-09-14 17:06 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-09-14 17:06 - 2015-05-11 18:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-09-14 17:06 - 2015-05-11 13:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-09-14 17:06 - 2015-05-11 13:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-09-14 17:06 - 2015-05-11 13:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-09-14 17:06 - 2015-05-11 13:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-09-14 17:06 - 2015-04-27 16:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-09-14 17:06 - 2015-04-24 05:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-09-14 17:06 - 2015-04-24 05:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-09-14 17:06 - 2015-04-24 05:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-09-14 17:06 - 2015-04-24 05:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2016-09-14 17:06 - 2015-04-13 16:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-09-14 17:06 - 2015-02-05 17:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-09-14 17:06 - 2015-02-05 17:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-09-14 17:06 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-09-14 17:06 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-09-14 17:06 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-09-14 17:06 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-09-14 17:06 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-09-14 17:06 - 2015-01-23 18:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2016-09-14 17:06 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-09-14 17:06 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2016-09-14 17:06 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-09-14 17:06 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-09-14 17:06 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-09-14 17:06 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-09-14 17:06 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-09-14 17:06 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-09-14 17:06 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-09-14 17:06 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-09-14 17:06 - 2014-10-24 10:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-09-14 17:06 - 2014-10-24 10:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-09-14 17:06 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-09-14 17:06 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-09-14 17:06 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-09-14 17:06 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-09-14 17:06 - 2014-08-14 19:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-09-14 17:06 - 2014-06-17 19:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-09-14 17:06 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-09-14 17:06 - 2014-05-22 16:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2016-09-14 17:06 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-09-14 17:06 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-09-14 17:06 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-09-14 17:06 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-09-14 17:06 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-09-14 17:06 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-09-14 17:06 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-09-14 17:06 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-09-14 17:06 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-09-14 17:06 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-09-14 17:06 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-09-14 17:06 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-09-14 17:06 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-09-14 17:06 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-09-14 17:06 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-09-14 17:06 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-09-14 17:06 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-09-14 17:06 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-09-14 17:06 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-09-14 17:06 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-09-14 17:06 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-09-14 17:06 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-09-14 17:06 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-09-14 17:06 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-09-14 17:06 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-09-14 17:06 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-09-14 17:06 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-09-14 17:06 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-09-14 17:06 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-09-14 17:06 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-09-14 17:06 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-09-14 17:06 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-09-14 17:06 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-09-14 17:06 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-09-14 17:06 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-09-14 17:06 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-09-14 17:06 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-09-14 17:06 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-09-14 17:06 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-09-14 17:06 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-09-14 17:06 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-09-14 17:06 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-09-14 17:06 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-09-14 17:06 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-09-14 17:06 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-09-14 17:06 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-09-14 17:05 - 2015-05-27 17:38 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-09-14 17:04 - 2016-09-14 17:05 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\admin\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe
2016-09-14 17:03 - 2016-09-14 17:39 - 00000000 ____D C:\Users\admin\AppData\Local\Spotify
2016-09-14 17:03 - 2016-09-14 17:33 - 00000000 ____D C:\Users\admin\AppData\Roaming\Spotify
2016-09-14 17:03 - 2016-09-14 17:03 - 00356056 _____ (Spotify Ltd) C:\Users\admin\Downloads\SpotifySetup.exe
2016-09-14 17:03 - 2016-09-14 17:03 - 00001811 _____ C:\Users\admin\Desktop\Spotify.lnk
2016-09-14 17:03 - 2016-09-14 17:03 - 00001797 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-09-14 17:03 - 2016-09-14 17:03 - 00000000 ____D C:\Users\admin\AppData\Local\CEF
2016-09-14 16:53 - 2016-09-15 02:19 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc
2016-09-14 16:53 - 2016-09-14 16:53 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-14 16:53 - 2016-09-14 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-14 16:53 - 2016-09-14 16:53 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-09-14 16:48 - 2016-09-14 17:07 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-09-14 16:36 - 2016-09-14 16:36 - 00002321 _____ C:\Users\Public\Desktop\Creative Product Registration.lnk
2016-09-14 16:36 - 2006-10-06 08:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2016-09-14 16:36 - 2000-05-22 10:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2016-09-14 16:35 - 2016-09-14 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-09-14 16:35 - 2016-09-14 16:35 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2016-09-14 16:35 - 2016-09-14 16:35 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2016-09-14 16:35 - 2016-09-14 16:35 - 00133632 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2016-09-14 16:35 - 2016-09-14 16:35 - 00110592 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2016-09-14 16:35 - 2016-09-14 16:35 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2016-09-14 16:35 - 2009-04-02 11:38 - 01908736 ____N (Creative) C:\Windows\system32\Sens_oal.dll
2016-09-14 16:35 - 2009-04-02 11:33 - 02873820 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2016-09-14 16:35 - 2003-06-12 23:25 - 00007062 _____ C:\Windows\SysWOW64\audiopid.vxd
2016-09-14 16:35 - 2000-05-11 01:00 - 00090112 ____N (Creative Technology Ltd.) C:\Windows\Updreg.EXE
2016-09-14 16:34 - 2016-09-14 17:14 - 00000000 ____D C:\ProgramData\Creative
2016-09-14 16:34 - 2016-09-14 16:36 - 00000000 ____D C:\Program Files (x86)\Creative
2016-09-14 16:34 - 2016-09-14 16:35 - 00000000 ____D C:\Program Files\Creative
2016-09-14 16:34 - 2016-09-14 16:34 - 00000159 ___RH C:\Windows\ctfile.rfc
2016-09-14 16:34 - 2009-04-21 12:37 - 32177128 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\AppSetup.exe
2016-09-14 16:34 - 2009-04-21 08:12 - 01288192 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\P17.sys
2016-09-14 16:34 - 2009-04-21 05:09 - 00003930 _____ C:\Windows\system32\ludap17.ini
2016-09-14 16:34 - 2009-04-21 04:40 - 00581120 _____ (Creative Technology Ltd.) C:\Windows\system32\P17APO64.dll
2016-09-14 16:34 - 2009-04-21 04:40 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\P17pld64.dll
2016-09-14 16:34 - 2009-04-21 04:40 - 00008491 _____ C:\Windows\SysWOW64\P17APO64.p17
2016-09-14 16:34 - 2009-04-21 04:38 - 00506368 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\P17APO32.dll
2016-09-14 16:34 - 2009-03-27 04:30 - 00600211 _____ (Creative Technology Ltd) C:\Windows\SysWOW64\APOIM64.exe
2016-09-14 16:34 - 2009-03-26 14:48 - 00190976 _____ C:\Windows\system32\APOMgr64.DLL
2016-09-14 16:34 - 2009-03-26 14:46 - 00148480 _____ C:\Windows\SysWOW64\APOMngr.DLL
2016-09-14 16:34 - 2009-02-26 03:36 - 00140800 _____ (Creative Technology Ltd.) C:\Windows\system32\P17res.dll
2016-09-14 16:34 - 2009-02-06 18:53 - 00089088 _____ C:\Windows\system32\CmdRtr64.DLL
2016-09-14 16:34 - 2009-02-06 18:52 - 00073728 _____ C:\Windows\SysWOW64\CmdRtr.DLL
2016-09-14 16:34 - 2008-11-13 08:07 - 00002177 _____ C:\Windows\P17EP.ini
2016-09-14 16:34 - 2008-11-07 11:35 - 00143872 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\OemSpiE.dll
2016-09-14 16:34 - 2008-03-28 09:57 - 00014848 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\P17RunE.dll
2016-09-14 16:34 - 2007-12-04 07:20 - 00001489 _____ C:\Windows\P17EP51.ini
2016-09-14 16:34 - 2007-11-26 10:22 - 00203776 _____ (Creative Technology Limited) C:\Windows\system32\ctdvins1.dll
2016-09-14 16:34 - 2007-11-26 10:22 - 00073728 _____ (Creative Technology Limited) C:\Windows\system32\ctcoins1.dll
2016-09-14 16:34 - 2007-06-07 07:25 - 00001578 _____ C:\Windows\P17EPLS.ini
2016-09-14 16:34 - 2006-12-04 15:56 - 00042496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\AddCat.exe
2016-09-14 16:34 - 2005-03-08 08:17 - 00000054 _____ C:\Windows\system32\ctzapxx.ini
2016-09-14 16:33 - 2016-09-14 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-14 16:33 - 2008-08-26 10:30 - 00008704 _____ (Creative Technology Ltd.) C:\Windows\ResDefE.exe
2016-09-14 16:33 - 2005-06-15 05:07 - 00011264 _____ (Creative Technology Limited) C:\Windows\SysWOW64\INRES.DLL
2016-09-14 16:31 - 2016-09-14 16:31 - 00000000 ____D C:\Users\admin\AppData\Local\Nvidia Corporation
2016-09-14 16:27 - 2016-09-14 16:31 - 00000000 ____D C:\Users\admin\AppData\Local\NVIDIA
2016-09-14 16:26 - 2016-09-14 16:26 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-09-14 16:25 - 2016-09-14 15:34 - 00000000 ____D C:\Windows\Panther
2016-09-14 16:14 - 2016-09-15 11:03 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-14 16:14 - 2016-09-14 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-09-14 16:13 - 2016-09-14 16:13 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-14 16:13 - 2016-08-25 22:50 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-09-14 16:13 - 2016-05-04 04:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-09-14 16:13 - 2016-05-04 04:22 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-09-14 16:13 - 2016-05-04 04:22 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-09-14 16:13 - 2016-05-04 04:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-09-14 16:12 - 2016-09-14 16:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-14 16:12 - 2016-09-14 16:14 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-14 16:12 - 2016-09-14 16:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-14 16:12 - 2016-08-26 01:28 - 00213952 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-09-14 16:12 - 2016-08-26 01:28 - 00203320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-09-14 16:12 - 2016-08-25 23:10 - 06385720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-09-14 16:12 - 2016-08-25 23:10 - 02475064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-09-14 16:12 - 2016-08-25 23:10 - 01764408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-09-14 16:12 - 2016-08-25 23:10 - 01362368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-09-14 16:12 - 2016-08-25 23:10 - 00548408 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-09-14 16:12 - 2016-08-25 23:10 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-09-14 16:12 - 2016-08-25 23:10 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-09-14 16:12 - 2016-08-25 23:10 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-09-14 16:12 - 2016-08-22 17:18 - 07320235 _____ C:\Windows\system32\nvcoproc.bin
2016-09-14 16:11 - 2016-08-26 01:28 - 40070200 _____ C:\Windows\system32\nvcompiler.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 35182648 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 34801088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 28207672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 19848080 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 17463088 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 17263792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 14352816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 14093368 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-09-14 16:11 - 2016-08-26 01:28 - 10865704 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 10737632 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 10278080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 09086856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 08875408 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 08680696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 03917512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 03594808 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 03456888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 03160512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 01920960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437270.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 01588688 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437270.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 01019960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00956352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00941504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00892864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00686896 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00575984 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00493608 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00408784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00223304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-09-14 16:11 - 2016-08-26 01:28 - 00181488 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00159352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00153368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00113208 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00102968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00056376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-09-14 16:11 - 2016-08-26 01:28 - 00054728 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-09-14 16:11 - 2016-08-26 01:28 - 00039731 _____ C:\Windows\system32\nvinfo.pb
2016-09-14 16:11 - 2016-08-26 01:28 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-09-14 16:11 - 2016-08-26 01:28 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2016-09-14 16:09 - 2016-09-14 16:14 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-09-14 16:07 - 2016-09-14 16:08 - 01640128 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-09-14 16:06 - 2016-09-14 16:06 - 01005568 _____ (Microsoft Corporation) C:\Users\admin\Downloads\dotNetFx45_Full_setup.exe
2016-09-14 16:06 - 2009-11-25 11:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-09-14 16:06 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-09-14 16:06 - 2009-11-25 11:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-09-14 16:06 - 2009-11-25 11:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-09-14 16:06 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-09-14 16:06 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-09-14 16:06 - 2009-11-25 11:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-09-14 16:06 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-09-14 16:06 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-09-14 16:06 - 2009-11-25 11:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-09-14 16:04 - 2016-09-14 16:04 - 00000000 ____D C:\NVIDIA
2016-09-14 15:45 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2016-09-14 15:45 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2016-09-14 15:44 - 2016-07-26 14:24 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-09-14 15:43 - 2009-10-10 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2016-09-14 15:41 - 2016-09-14 15:42 - 00000000 ____D C:\Windows\system32\MRT
2016-09-14 15:41 - 2016-09-14 15:41 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-14 15:41 - 2015-03-19 05:07 - 05503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-14 15:41 - 2015-03-19 04:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-14 15:41 - 2015-03-19 04:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-14 15:41 - 2014-09-15 02:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-14 15:41 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-14 15:41 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-14 15:41 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-14 15:41 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-09-14 15:41 - 2011-08-30 07:21 - 14164480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-09-14 15:41 - 2011-08-30 06:28 - 12868096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-09-14 15:41 - 2011-01-26 08:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-09-14 15:41 - 2011-01-26 08:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-09-14 15:41 - 2011-01-26 08:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-09-14 15:41 - 2010-12-21 08:16 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-14 15:41 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-09-14 15:41 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-09-14 15:41 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-09-14 15:41 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-09-14 15:41 - 2010-12-21 08:15 - 01498112 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-14 15:41 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2016-09-14 15:41 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2016-09-14 15:41 - 2010-12-21 08:13 - 02003968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-09-14 15:41 - 2010-12-21 08:13 - 01880576 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-09-14 15:41 - 2010-12-21 08:11 - 12369408 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-14 15:41 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-09-14 15:41 - 2010-12-21 07:38 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-14 15:41 - 2010-12-21 07:38 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-14 15:41 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-09-14 15:41 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-09-14 15:41 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2016-09-14 15:41 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-09-14 15:41 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2016-09-14 15:41 - 2010-12-21 07:36 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-09-14 15:41 - 2010-12-21 07:36 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-09-14 15:41 - 2010-12-21 07:35 - 10989056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-14 15:41 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-09-14 15:41 - 2010-11-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-14 15:41 - 2010-11-04 08:31 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-14 15:41 - 2010-11-04 07:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-14 15:41 - 2010-11-04 07:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-14 15:41 - 2010-11-02 07:18 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-09-14 15:41 - 2010-11-02 07:18 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-15 11:09 - 2009-07-14 19:55 - 00739694 _____ C:\Windows\system32\perfh015.dat
2016-09-15 11:09 - 2009-07-14 19:55 - 00155268 _____ C:\Windows\system32\perfc015.dat
2016-09-15 11:09 - 2009-07-14 07:13 - 01668226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-15 11:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-15 11:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-15 11:03 - 2009-07-14 06:45 - 00301600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-15 11:03 - 2009-07-14 06:45 - 00013600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-15 11:03 - 2009-07-14 06:45 - 00013600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-15 01:44 - 2011-08-01 20:33 - 00000000 ____D C:\Friends
2016-09-14 21:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-09-14 19:31 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-09-14 17:33 - 2009-07-14 20:09 - 00000000 ____D C:\Windows\ShellNew
2016-09-14 16:45 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-09-14 16:24 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-09-14 16:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2016-09-14 15:34 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-14 15:34 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2016-09-14 15:28 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-14 15:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
 
==================== Files in the root of some directories =======
 
2016-09-14 22:21 - 2016-09-14 22:21 - 0000003 _____ () C:\Users\admin\AppData\Local\updater.log
2016-09-14 22:22 - 2016-09-14 22:22 - 0000424 _____ () C:\Users\admin\AppData\Local\UserProducts.xml
2016-09-14 17:06 - 2016-09-14 17:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\CTPBSeq.exe
C:\Users\admin\AppData\Local\Temp\siinst.exe
C:\Users\admin\AppData\Local\Temp\strings.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-09-14 20:35
 
==================== End of FRST.txt ============================

 



Edited by JamarDracken, 15 September 2016 - 04:58 AM.



 


#2 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:14 PM

Posted 17 September 2016 - 09:11 AM

Hi JamarDracken & Welcome to the forums ^_^,


I would be helping you with your computer problems. Right now, I am a trainee at the Bleeping Computer Malware Removal Study Hall.
I am Pranav and now that we are friends, I would like to call you by your first name if that is fine with you   :hug:

All of my proposed fixes and suggestions must be approved by a fully-qualified Malware Removal Instructor. This will delay response times somewhat, but I will endeavor to respond within a reasonable time, normally 48 hours after your last post.

I will need some time to review your FRST logs and consult with the Malware Response Instructor (MRI) who will be assigned to supervise this topic. That could take a few days. Once I have reviewed my proposed response with the assigned MRI, I will reply to you with initial instructions.

While you wait for further instructions, kindly do not run any additional tools as that might complicate the process of fixing your computer and cause delays.

Have a nice day!

Regards,
Pranav 


Edited by blueelvis, 17 September 2016 - 09:11 AM.

Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#3 JamarDracken

Posted 17 September 2016 - 11:13 AM

Thanks for a rather fast response :)

 

Since my post I haven't run any additional tools. I have only removed most of Chrome's additions since I don't need them. I have left only the YouTube app and the Flashcontrol + Adguard extensions.

 

Today I haven't heard any ads yet but they are not playing on all websites so I'm pretty sure the problem still exists unless it disappeared by itself.

 

Looking forward to your response,

Kamil



#4 blueelvis

Posted 17 September 2016 - 03:32 PM

Greetings JamarDracken,

 

 

Since the scan is quite old and you have made some changes to the system, I think it would be best if you follow the below procedure again and reply back with the fresh logs -

 

Kindly delete Addition.txt before proceeding ahead.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

  • Press Scan button.

  • It will produce a log called FRST.txt in the same directory the tool is run from.

  • Please copy and paste log back here.

  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 
Let me know how it goes and in case of any problem, please let me know.
 
 
Have a nice day!
 
Regards,
Pranav

Edited by blueelvis, 17 September 2016 - 03:33 PM.


#5 JamarDracken

Posted 17 September 2016 - 04:10 PM

I can't put FRST log into my post because it got extremely large with those new created files after format. I attached it to the post in a file. If you want me to post it in another way, let me know.




#6 blueelvis

Posted 21 September 2016 - 12:54 PM

Hey Kamil ^_^,

 

Before we start dealing with the problems you are experiencing, I would ask you to take note of the following points:

  • I am a Bleeping Computer volunteer, so I ask you to be patient. I know it is frustrating when your computer is not working properly, but malware removal takes time.
  • Please also remember that I only dedicate a limited number of hours a day to helping people. We may live in different time zones, which may cause delays in responding.
  • If I have not responded to you within 48 hours, please send me a personal message. Likewise, I expect you to respond within 48 hours, and sooner is better because we can fix your computer faster.
  • If I have not heard from you in three days, I will "bump" your post. After five days of no response, I will consider that you no longer need my assistance and this thread will be closed.
  • Logs can take a while to research, so please be patient.
  • Some issues just cannot be solved so you must be prepared for this.
  • Please read and follow the instructions in the exact sequence that they are posted to avoid making a bad situation worse.
  • Please print or copy and save the instructions.
  • Back up all your data and important files on another (external) drive before starting to run malware removal tools.
  • You should try to limit your browsing with this computer until you are given the "All Clear." Some malware applications steal passwords.
  • Please do not install or uninstall any applications, unless directed. Don't run any scripts or tools on your own because unsupervised usage may cause more harm than good.
  • Please use only the tools you have been instructed to use.
  • If you are using CD/DVD emulation software, this should be uninstalled or disabled as it can interfere with the removal of some malware. It can be turned off with Defogger and then turned back on when you get the "All Clear."
  • Please copy and paste the requested log files inside your post, unless otherwise instructed.
  • There are no silly questions. Ask for clarification, if you have any questions or concerns.
  • Bleeping Computer does not support any piracy. Evidence of illegal OS, software, cracks/keygens, etc., will be revealed by scan logs, and if found, further assistance may be suspended. Uninstall such software before proceeding!
  • Any P2P software such as uTorrent, BitTorrent, Kazaa, etc. must be uninstalled or completely disabled. P2P software is a major security risk to your computer and that may have been the route the malware used to infect your computer. Do not use any P2P software until we conclude your topic.
  • Failure to follow these guidelines may result in assistance being withdrawn and your thread being closed.
  • I am volunteering my time to help you, and I will need you to help me. Together, we can, hopefully, disinfect your computer and get it functioning properly again. That is my only aim.

 

Before we proceed further, I would need answers to the following questions to help you out better -

  1. I see a user created on the system from the following entry where the first word is of the username -
    Gość (S-1-5-21-1797493665-689152161-215716262-501 - Limited - Disabled)
  2. Did you set these DNS servers yourself? DNS Servers:
    46.28.68.226 - 8.8.8.8

 

 

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Have a nice day!

 

Let me know in case of any problem ^_^

 

 

-Pranav


#7 JamarDracken

Posted 21 September 2016 - 01:58 PM

1. It's a profile created by Windows by default. It means 'guest' in English.

2. Not really sure about those DNS, it seems I have auto dns set up but maybe it's a dns from my internet provider.

 

Log:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-09-2016
Ran by admin (21-09-2016 20:55:36) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
dbx => service removed successfully
MBAMSwissArmy => service removed successfully
ZAM => service removed successfully
ZAM_Guard => service removed successfully
 
==== End of Fixlog 20:55:36 ====


#8 blueelvis

Posted 25 September 2016 - 05:54 AM

Hey Kamil ^_^,


Sorry for the delay :(

Thanks for clearing the doubts. I would like you to set your DNS settings as per the below guide -

https://support.opendns.com/entries/95614747-Windows-10-Configuration-Instructions

Once you have changed the settings, please reboot the system and then proceed ahead.

 
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • To open a Cleaning log, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.

Please download Farbar Recovery Scan Tool and save it to your Desktop. Also, please make sure that you have deleted Addition.txt before proceeding ahead.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


Let me know in case of any problems ^_^,


Regards,
Pranav


#9 JamarDracken

Posted 25 September 2016 - 12:49 PM

# AdwCleaner v6.020 - Logfile created 25/09/2016 at 19:28:22
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-25.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : admin - ADMIN-KOMPUTER
# Running from : C:\Users\admin\Desktop\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
No malicious folders found.
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [1414 Bytes] - [14/09/2016 18:46:56]
C:\AdwCleaner\AdwCleaner[S0].txt - [1779 Bytes] - [14/09/2016 18:46:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [1925 Bytes] - [14/09/2016 18:53:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [1529 Bytes] - [15/09/2016 03:43:05]
C:\AdwCleaner\AdwCleaner[S3].txt - [1614 Bytes] - [25/09/2016 19:27:20]
C:\AdwCleaner\AdwCleaner[S4].txt - [1362 Bytes] - [25/09/2016 19:28:22]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1435 Bytes] ##########
 
 
 
 
 




#10 blueelvis

Posted 27 September 2016 - 05:18 PM

Hey Kamil ^_^,

 

Your machine appears clean!

Are you having any additional problems at this point? If so, please let me know. Otherwise feel free to enjoy use of your repaired machine :thumbup2:

Download Delfix from here and save it to your desktop.

  • Ensure Remove disinfection tools is checked.
  • Also place a checkmark next to:
    • Create registry backup
    • Purge system restore
  • Click the Run button.

When the tool is finished, a log will open in notepad. Please copy and paste the log in your next reply.

The most common cause of an infected machine is the Trojan Horse, or programs which appear to be legitimate but which contain malicious payloads, or which are simply malicious in and of themselves. No antivirus, firewall, host-based intrusion prevention system (HIPS), or other security software can fully protect you against this kind of attack. The best way to protect yourself is not to run email attachments from untrusted sources, and avoid software downloaded from the internet wherever possible. Remember, when you run an application, you are giving that application permission to do to your machine anything you can do to the machine, including create, modify, or destroy files or other data. In the Windows (and most other systems' such as Unix) security model, applications don't have privileges, users do.

The second most common cause of infection is out of date software. Leaving your system unpatched leaves holes through which attackers can execute code on your behalf without your consent. This goes for far more than common targets such as Windows and Internet Explorer. Most recent threats target other third party software, such as Adobe's Adobe Reader, Shockwave Player, or Flash Player, or Oracle's Java browser plugins. You can check your system for out of date software manually, or by using automated tools such as Secunia's Personal Software Inspector. This goes doubly for security applications such as antivirus and other antimalware products based on definition lists, where out of date lists mean no detection of newer malware.

Finally, occasionally you will be forced to run some potentially infected binary, or attackers will use a hole which is unpatched by software vendors, so a last line of defense is needed. That means turning on a firewall (Windows Firewall included with Windows XP SP2 or later is fine) and leaving it on, and using and keeping up to date an antivirus solution such as Norton AntiVirus. Antiviral solutions don't even have to cost money; for instance Microsoft Security Essentials provides perfectly acceptable protection for free. If for some reason you don't like MSE, there are other free products available as well:

  • Avast (home use only)
  • Avira (shows nag screen to purchase full product when updating, home use only)
  • AVG (slightly poorer performance as of late)

That should be fine for the majority of users. However, if you absolutely want additional protection, consider one or more of the following products:

If you want more information on methods malware use to infect your computer, consider browsing our How did I get infected? topic.

 

Have a nice day!

 

 

Regards,

Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/
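
Added example, not part of the original post: one way to do the manual check for out-of-date software mentioned above is to list what is installed, with versions, from the registry keys where Windows installers register themselves, and compare those versions against each vendor's current release. The name patterns for Adobe Reader, Shockwave Player, Flash Player and Java are assumptions about how those products label themselves; the script only reads and changes nothing.

```powershell
# Added example: inventory installed software so versions can be compared by hand
# against each vendor's current release. Read-only.

# Registry locations where installers register themselves (64-bit, 32-bit, per-user).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumed display-name patterns for the third-party products the post singles out.
$watchList = 'Adobe*Reader*', '*Shockwave*', '*Flash Player*', 'Java*'

$installed = foreach ($key in $uninstallKeys) {
    # A key may be absent (e.g. WOW6432Node on 32-bit Windows); skip it quietly.
    Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion, Publisher
}

# Drop duplicate registrations, then mark entries that match the watch list.
$report = $installed | Sort-Object DisplayName, DisplayVersion -Unique | ForEach-Object {
    $name = $_.DisplayName
    $watched = $false
    foreach ($pattern in $watchList) {
        if ($name -like $pattern) { $watched = $true }
    }
    $_ | Add-Member -MemberType NoteProperty -Name CheckFirst -Value $watched -PassThru
}

# Watched products first, then everything else alphabetically.
$report |
    Sort-Object @{ Expression = 'CheckFirst'; Descending = $true }, DisplayName |
    Format-Table CheckFirst, DisplayName, DisplayVersion, Publisher -AutoSize
```

Entries with an empty DisplayVersion, or products installed without an uninstall entry, will not show a usable version here and still need checking in the application itself.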

#11 JamarDracken

  • Topic Starter

Posted 27 September 2016 - 05:25 PM

I think there are no problems so far. Thanks for the help :) 
 
# DelFix v1.013 - Logfile created 28/09/2016 at 00:22:35
# Updated 17/04/2016 by Xplode
# Username : admin - ADMIN-KOMPUTER
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\admin\Desktop\FRST-OlderVersion
Deleted : C:\TDSSKiller.3.1.0.11_14.09.2016_18.42.37_log.txt
Deleted : C:\TDSSKiller.3.1.0.11_14.09.2016_18.56.53_log.txt
Deleted : C:\Users\admin\Desktop\Addition.txt
Deleted : C:\Users\admin\Desktop\AdwCleaner.exe
Deleted : C:\Users\admin\Desktop\FRST.txt
Deleted : C:\Users\admin\Downloads\Addition (1).txt
Deleted : C:\Users\admin\Downloads\Addition.txt
Deleted : C:\Users\admin\Downloads\AdwCleaner (1).exe
Deleted : C:\Users\admin\Downloads\adwcleaner_6.010.exe
Deleted : C:\Users\admin\Downloads\FRST (1).txt
Deleted : C:\Users\admin\Downloads\FRST (2).txt
Deleted : C:\Users\admin\Downloads\FRST.txt
Deleted : C:\Users\admin\Downloads\OTL (1).Txt
Deleted : C:\Users\admin\Downloads\OTL.Txt
Deleted : C:\Users\admin\Downloads\OTL.exe
Deleted : C:\Users\admin\Downloads\tdsskiller.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #17 [Dodatek Windows 7 Service Pack 1 | 09/15/2016 10:03:09]
Deleted : RP #18 [Windows Update | 09/15/2016 10:13:58]
Deleted : RP #19 [Instalator modułów systemu Windows | 09/15/2016 10:46:24]
Deleted : RP #20 [Zainstalowane Realtek Ethernet Controller Driver | 09/18/2016 22:00:49]
Deleted : RP #21 [Installed OSCAR Editor | 09/18/2016 22:58:00]
 
New restore point created !
 
########## - EOF - ##########


#12 thcbytes

  • Malware Response Team

Posted 27 September 2016 - 07:57 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Proud member - Unified Network of Instructors and Trained Eliminators

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when you're gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/
