Chrome.exe is trying to access harmful sites...
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18315 BrowserJavaVersion: 11.77.2
Run by user at 15:51:57 on 2016-05-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3966.1130 [GMT -4:00]
.
AV: Kaspersky Total Security *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
SP: Kaspersky Total Security *Enabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security *Enabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\AMT\atchksrv.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Intel\AMT\LMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Intel\AMT\UNS.exe
C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
C:\Program Files (x86)\TeamViewer\tv_x64.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Intel\AMT\atchk.exe
C:\Program Files\Everything\Everything.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Classic Start Menu\ClassicStartMenu.exe
C:\Program Files (x86)\Pamela\Pamela.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Antification\Ant Rapunzel\AntRapunzel.exe
C:\Program Files (x86)\Classic Start Menu\VistaHookApp.exe
C:\Program Files (x86)\MediatekWiFi\Common\ApUI.exe
C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
C:\Windows\V0690Mon.exe
C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
C:\Program Files (x86)\Logitech\H760\H760.exe
C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\splwow64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\EditPlus 3\editplus.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe
C:\Program Files (x86)\Citrix\GoToMeeting\4911\g2mstart.exe
C:\Program Files (x86)\Citrix\GoToMeeting\4911\g2mcomm.exe
C:\Program Files (x86)\Citrix\GoToMeeting\4911\g2mlauncher.exe
C:\Program Files (x86)\linkalchemist\LinkAlchemist.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon-x64.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Kaspersky Protection plugin: {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: Kaspersky Protection toolbar: {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll
uRun: [GoToMeeting] "C:\Program Files (x86)\Citrix\GoToMeeting\4911\g2mstart.exe" "/Trigger RunAtLogon"
uRun: [ClassicStartMenu] "C:\Program Files (x86)\Classic Start Menu\ClassicStartMenu.exe"
uRun: [pamela.exe] "C:\Program Files (x86)\Pamela\Pamela.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [BingSvc] C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [Live! Central 3] "C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" /mode2
mRun: [V0690Mon.exe] C:\Windows\V0690Mon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Logitech H760] C:\Program Files (x86)\Logitech\H760\H760.exe
StartupFolder: C:\Users\user\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTRAP~1.LNK - C:\Program Files (x86)\Antification\Ant Rapunzel\AntRapunzel.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MEDIAT~1.LNK - C:\Program Files (x86)\MediatekWiFi\Common\ApUI.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Customize Menu - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: Fill Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Save Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Show RoboForm Toolbar - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
Trusted Zone: localhost
Trusted Zone: webcompanion.com
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8F5475E8-F566-41D2-8C5B-4FA095ACFC01} : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Kaspersky Protection plugin: {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-TB: Kaspersky Protection toolbar: {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll
x64-Run: [atchk] "C:\Program Files (x86)\Intel\AMT\atchk.exe"
x64-Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mz4cbpw5.default-1446683940283\
FF - prefs.js: browser.startup.homepage - hxxp://www.outcall.net/toplist/
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Stamps.com Web Postage Plug-in\npsdcwc.dll
FF - plugin: C:\Users\user\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll
.
============= SERVICES / DRIVERS ===============
.
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);C:\Windows\System32\drivers\cm_km.sys [2015-7-6 389816]
R0 klbackupdisk;Kaspersky Lab klbackupdisk;C:\Windows\System32\drivers\klbackupdisk.sys [2015-6-6 53432]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2015-11-23 55280]
R1 klbackupflt;Kaspersky Lab klbackupflt;C:\Windows\System32\drivers\klbackupflt.sys [2015-6-27 70000]
R1 klhk;Kaspersky Lab service driver;C:\Windows\System32\drivers\klhk.sys [2015-7-4 227000]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2015-6-11 39096]
R1 klpd;Kaspersky Lab format recognizer driver;C:\Windows\System32\drivers\klpd.sys [2015-6-8 41352]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2015-6-11 65208]
R1 Klwtp;Klwtp;C:\Windows\System32\drivers\klwtp.sys [2015-6-16 103096]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2015-6-23 187056]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 AVP16.0.0;Kaspersky Anti-Virus Service 16.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [2015-7-9 194000]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 kldisk;kldisk;C:\Windows\System32\drivers\kldisk.sys [2015-6-6 77728]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-11-9 1514464]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-11-9 1136608]
R2 MediatekRegistryWriter;MediatekRegistryWriter;C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [2015-9-18 405136]
R2 MediatekRegistryWriter64;MediatekRegistryWriter64;C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [2015-9-18 454288]
R3 busenum;Synology Virtual USB Hub;C:\Windows\System32\drivers\busenum.sys [2012-8-3 55776]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2013-2-8 176000]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-8-1 70424]
R3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\System32\drivers\klflt.sys [2015-8-19 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2015-6-6 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2015-6-7 41648]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-11-9 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-11-9 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-11-9 64896]
R3 V0690Vid;Creative Live! Cam Socialize HD AF / ZiiCam Driver;C:\Windows\System32\drivers\V0690Vid.sys [2013-2-8 393952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S3 Brpu3sapw;Brpu3sapw;C:\Windows\System32\drivers\wimmount.sys [2009-7-13 22096]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-5-19 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-5 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-11 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-5 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
.
=============== Created Last 30 ================
.
2016-05-19 19:27:56 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{21D52005-5752-44B8-AA65-C1B100DD6179}\offreg.2416.dll
2016-05-19 12:19:36 11695896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{21D52005-5752-44B8-AA65-C1B100DD6179}\mpengine.dll
2016-05-19 11:27:28 30720 ----a-w- C:\Windows\System32\seclogon.dll
2016-05-19 11:26:59 8192 ----a-w- C:\Windows\System32\drivers\en-US\tpm.sys.mui
2016-05-19 11:25:55 511488 ----a-w- C:\Windows\System32\rpcss.dll
2016-05-19 11:18:50 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2016-05-19 11:18:49 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2016-05-17 20:50:11 -------- d-----w- C:\Program Files (x86)\RssAuthoritySniper2
2016-05-16 16:38:25 -------- d-----w- C:\searchplugins
2016-05-16 16:38:25 -------- d-----w- C:\extensions
2016-05-14 14:37:44 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160514_103744
2016-05-07 17:12:59 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160507_131259
2016-05-03 18:13:50 192216 ----a-w- C:\Windows\System32\drivers\10551806.sys
2016-05-03 14:41:20 225976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2016-05-03 14:41:20 225976 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2016-05-01 18:12:40 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160501_141240
2016-05-01 18:12:39 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160501_141239
2016-04-25 18:06:05 192216 ----a-w- C:\Windows\System32\drivers\339E2107.sys
2016-04-24 10:41:59 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064159
2016-04-24 10:41:58 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064158
2016-04-24 10:41:57 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064157
2016-04-24 10:41:56 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064156
2016-04-24 10:41:55 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064155
2016-04-24 10:40:53 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064053
2016-04-24 10:40:52 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064052
2016-04-24 10:40:51 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064051
2016-04-24 10:40:50 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064050
2016-04-22 18:12:06 192216 ----a-w- C:\Windows\System32\drivers\1F153B3C.sys
2016-04-22 16:37:28 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_123728
2016-04-22 15:56:05 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115605
2016-04-22 15:56:04 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115604
2016-04-22 15:56:03 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115603
2016-04-22 15:56:02 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115602
2016-04-22 15:56:01 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115601
2016-04-22 15:56:00 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115600
2016-04-22 15:55:59 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115559
2016-04-22 15:55:58 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115558
2016-04-22 15:55:57 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115557
2016-04-22 15:55:56 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115556
2016-04-22 15:55:55 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115555
2016-04-22 15:55:54 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115554
2016-04-22 15:55:53 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115553
2016-04-22 15:55:52 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115552
2016-04-22 15:55:51 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115551
2016-04-22 15:55:50 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115550
2016-04-22 15:55:49 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115549
2016-04-22 15:55:48 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115548
.
==================== Find3M ====================
.
2016-05-20 18:15:33 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-05-13 16:07:18 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-05-13 16:07:18 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-04-23 05:16:10 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-04-23 05:16:00 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-04-23 05:01:23 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-04-23 05:00:39 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-04-23 05:00:32 417792 ----a-w- C:\Windows\System32\html.iec
2016-04-23 05:00:10 571904 ----a-w- C:\Windows\System32\vbscript.dll
2016-04-23 05:00:01 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-04-23 04:47:35 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-04-23 04:47:34 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-04-23 04:47:20 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-04-23 04:46:47 6052352 ----a-w- C:\Windows\System32\jscript9.dll
2016-04-23 04:40:13 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-04-23 04:29:15 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-04-23 04:20:51 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-04-23 04:08:47 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-04-23 04:08:47 497152 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-04-23 04:08:09 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-04-23 04:07:58 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-04-23 04:07:05 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-04-23 04:06:09 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-04-23 04:05:05 2131968 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-04-23 03:58:33 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-04-23 03:58:14 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-04-23 03:51:54 2596864 ----a-w- C:\Windows\System32\wininet.dll
2016-04-23 03:45:54 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-04-23 03:36:58 4611072 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-04-23 03:30:55 2056192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-04-23 03:30:34 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-04-23 03:12:38 2121216 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-04-21 19:05:02 453288 ------w- C:\Windows\System32\MpSigStub.exe
2016-04-20 18:08:40 192216 ----a-w- C:\Windows\System32\drivers\4FA91C57.sys
2016-04-19 18:16:03 192216 ----a-w- C:\Windows\System32\drivers\344953DC.sys
2016-04-19 18:13:07 192216 ----a-w- C:\Windows\System32\drivers\56C2519D.sys
2016-04-18 18:11:23 192216 ----a-w- C:\Windows\System32\drivers\05100228.sys
2016-04-15 18:10:16 192216 ----a-w- C:\Windows\System32\drivers\3E8916E7.sys
2016-04-14 13:49:13 603648 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2016-04-14 13:21:17 647680 ----a-w- C:\Windows\System32\d3d10level9.dll
2016-04-11 18:09:05 192216 ----a-w- C:\Windows\System32\drivers\0CE95D77.sys
2016-04-09 07:02:34 631176 ----a-w- C:\Windows\System32\winresume.efi
2016-04-09 07:01:44 706280 ----a-w- C:\Windows\System32\winload.efi
2016-04-09 07:01:43 5546216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-04-09 07:01:42 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-04-09 07:01:42 154344 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-04-09 07:01:41 986344 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2016-04-09 07:01:41 264936 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2016-04-09 06:59:48 3998952 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-04-09 06:59:48 3943144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-04-09 06:59:27 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2016-04-09 06:57:59 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-04-09 06:54:54 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-04-09 05:52:09 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2016-04-09 05:52:04 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2016-04-09 05:52:04 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2016-04-09 05:51:21 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-04-09 05:49:33 3217408 ----a-w- C:\Windows\System32\win32k.sys
2016-04-09 05:48:16 338432 ----a-w- C:\Windows\System32\conhost.exe
2016-04-09 05:47:23 296960 ----a-w- C:\Windows\System32\rstrui.exe
2016-04-09 05:44:39 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-04-09 05:44:06 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-04-09 05:44:03 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-04-09 05:43:20 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-04-09 05:43:17 112640 ----a-w- C:\Windows\System32\smss.exe
2016-04-09 05:42:19 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-04-09 05:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2016-04-09 05:38:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2016-04-09 05:38:24 2048 ----a-w- C:\Windows\SysWow64\user.exe
2016-04-09 05:38:24 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2016-04-09 05:37:37 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-04-09 05:37:29 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2016-04-09 05:37:29 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-09 05:37:29 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-09 05:37:29 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2016-04-06 17:48:37 192216 ----a-w- C:\Windows\System32\drivers\565E4722.sys
2016-04-06 15:27:53 24576 ----a-w- C:\Windows\System32\jnwmon.dll
2016-04-05 18:17:24 192216 ----a-w- C:\Windows\System32\drivers\50F80F08.sys
2016-04-04 18:14:42 192216 ----a-w- C:\Windows\System32\drivers\7C173ED5.sys
2016-04-04 18:14:06 38120 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-04-04 18:02:17 1169408 ----a-w- C:\Windows\System32\aeinv.dll
2016-04-02 13:08:13 1386496 ----a-w- C:\Windows\System32\appraiser.dll
2016-04-01 18:12:46 192216 ----a-w- C:\Windows\System32\drivers\2C4052F4.sys
2016-03-29 20:54:51 97856 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2016-03-23 14:02:01 215040 ----a-w- C:\Windows\System32\aepic.dll
2016-03-20 14:51:46 192216 ----a-w- C:\Windows\System32\drivers\17AC0F84.sys
2016-03-17 22:56:24 2084864 ----a-w- C:\Windows\System32\ole32.dll
2016-03-17 22:28:21 1414144 ----a-w- C:\Windows\SysWow64\ole32.dll
2016-03-17 18:04:39 698368 ----a-w- C:\Windows\System32\generaltel.dll
2016-03-17 18:04:39 499200 ----a-w- C:\Windows\System32\devinv.dll
2016-03-17 18:04:39 279040 ----a-w- C:\Windows\System32\invagent.dll
2016-03-17 18:04:38 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-03-16 18:50:06 156672 ----a-w- C:\Windows\System32\mtxoci.dll
2016-03-16 18:28:15 111616 ----a-w- C:\Windows\SysWow64\mtxoci.dll
2016-03-16 18:28:12 176128 ----a-w- C:\Windows\SysWow64\msorcl32.dll
2016-03-16 00:16:10 760320 ----a-w- C:\Windows\System32\samsrv.dll
2016-03-16 00:16:10 106496 ----a-w- C:\Windows\System32\samlib.dll
2016-03-15 23:53:30 60416 ----a-w- C:\Windows\SysWow64\samlib.dll
2016-03-14 15:00:05 192216 ----a-w- C:\Windows\System32\drivers\5BBC4116.sys
2016-03-10 18:09:06 64896 ----a-w- C:\Windows\System32\drivers\mwac.sys
.
============= FINISH: 15:53:33.90 ===============
.
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Kaspersky Protection plugin: {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: Kaspersky Protection toolbar: {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll
uRun: [GoToMeeting] "C:\Program Files (x86)\Citrix\GoToMeeting\4911\g2mstart.exe" "/Trigger RunAtLogon"
uRun: [ClassicStartMenu] "C:\Program Files (x86)\Classic Start Menu\ClassicStartMenu.exe"
uRun: [pamela.exe] "C:\Program Files (x86)\Pamela\Pamela.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [BingSvc] C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [Live! Central 3] "C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" /mode2
mRun: [V0690Mon.exe] C:\Windows\V0690Mon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Logitech H760] C:\Program Files (x86)\Logitech\H760\H760.exe
StartupFolder: C:\Users\user\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ANTRAP~1.LNK - C:\Program Files (x86)\Antification\Ant Rapunzel\AntRapunzel.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MEDIAT~1.LNK - C:\Program Files (x86)\MediatekWiFi\Common\ApUI.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Customize Menu - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: Fill Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Save Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Show RoboForm Toolbar - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
Trusted Zone: localhost
Trusted Zone: webcompanion.com
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8F5475E8-F566-41D2-8C5B-4FA095ACFC01} : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Kaspersky Protection plugin: {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-TB: Kaspersky Protection toolbar: {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll
x64-Run: [atchk] "C:\Program Files (x86)\Intel\AMT\atchk.exe"
x64-Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\mz4cbpw5.default-1446683940283\
FF - prefs.js: browser.startup.homepage - hxxp://www.outcall.net/toplist/
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Stamps.com Web Postage Plug-in\npsdcwc.dll
FF - plugin: C:\Users\user\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll
.
============= SERVICES / DRIVERS ===============
.
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);C:\Windows\System32\drivers\cm_km.sys [2015-7-6 389816]
R0 klbackupdisk;Kaspersky Lab klbackupdisk;C:\Windows\System32\drivers\klbackupdisk.sys [2015-6-6 53432]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2015-11-23 55280]
R1 klbackupflt;Kaspersky Lab klbackupflt;C:\Windows\System32\drivers\klbackupflt.sys [2015-6-27 70000]
R1 klhk;Kaspersky Lab service driver;C:\Windows\System32\drivers\klhk.sys [2015-7-4 227000]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2015-6-11 39096]
R1 klpd;Kaspersky Lab format recognizer driver;C:\Windows\System32\drivers\klpd.sys [2015-6-8 41352]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2015-6-11 65208]
R1 Klwtp;Klwtp;C:\Windows\System32\drivers\klwtp.sys [2015-6-16 103096]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2015-6-23 187056]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 AVP16.0.0;Kaspersky Anti-Virus Service 16.0.0;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [2015-7-9 194000]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 kldisk;kldisk;C:\Windows\System32\drivers\kldisk.sys [2015-6-6 77728]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-11-9 1514464]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-11-9 1136608]
R2 MediatekRegistryWriter;MediatekRegistryWriter;C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [2015-9-18 405136]
R2 MediatekRegistryWriter64;MediatekRegistryWriter64;C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [2015-9-18 454288]
R3 busenum;Synology Virtual USB Hub;C:\Windows\System32\drivers\busenum.sys [2012-8-3 55776]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2013-2-8 176000]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-8-1 70424]
R3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\System32\drivers\klflt.sys [2015-8-19 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2015-6-6 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2015-6-7 41648]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-11-9 27008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-11-9 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-11-9 64896]
R3 V0690Vid;Creative Live! Cam Socialize HD AF / ZiiCam Driver;C:\Windows\System32\drivers\V0690Vid.sys [2013-2-8 393952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S3 Brpu3sapw;Brpu3sapw;C:\Windows\System32\drivers\wimmount.sys [2009-7-13 22096]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-5-19 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-5 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-11 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-5 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
.
=============== Created Last 30 ================
.
2016-05-19 19:27:56 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{21D52005-5752-44B8-AA65-C1B100DD6179}\offreg.2416.dll
2016-05-19 12:19:36 11695896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{21D52005-5752-44B8-AA65-C1B100DD6179}\mpengine.dll
2016-05-19 11:27:28 30720 ----a-w- C:\Windows\System32\seclogon.dll
2016-05-19 11:26:59 8192 ----a-w- C:\Windows\System32\drivers\en-US\tpm.sys.mui
2016-05-19 11:25:55 511488 ----a-w- C:\Windows\System32\rpcss.dll
2016-05-19 11:18:50 1424896 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2016-05-19 11:18:49 1230848 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2016-05-17 20:50:11 -------- d-----w- C:\Program Files (x86)\RssAuthoritySniper2
2016-05-16 16:38:25 -------- d-----w- C:\searchplugins
2016-05-16 16:38:25 -------- d-----w- C:\extensions
2016-05-14 14:37:44 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160514_103744
2016-05-07 17:12:59 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160507_131259
2016-05-03 18:13:50 192216 ----a-w- C:\Windows\System32\drivers\10551806.sys
2016-05-03 14:41:20 225976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2016-05-03 14:41:20 225976 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2016-05-01 18:12:40 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160501_141240
2016-05-01 18:12:39 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160501_141239
2016-04-25 18:06:05 192216 ----a-w- C:\Windows\System32\drivers\339E2107.sys
2016-04-24 10:41:59 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064159
2016-04-24 10:41:58 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064158
2016-04-24 10:41:57 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064157
2016-04-24 10:41:56 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064156
2016-04-24 10:41:55 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064155
2016-04-24 10:40:53 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064053
2016-04-24 10:40:52 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064052
2016-04-24 10:40:51 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064051
2016-04-24 10:40:50 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160424_064050
2016-04-22 18:12:06 192216 ----a-w- C:\Windows\System32\drivers\1F153B3C.sys
2016-04-22 16:37:28 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_123728
2016-04-22 15:56:05 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115605
2016-04-22 15:56:04 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115604
2016-04-22 15:56:03 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115603
2016-04-22 15:56:02 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115602
2016-04-22 15:56:01 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115601
2016-04-22 15:56:00 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115600
2016-04-22 15:55:59 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115559
2016-04-22 15:55:58 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115558
2016-04-22 15:55:57 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115557
2016-04-22 15:55:56 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115556
2016-04-22 15:55:55 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115555
2016-04-22 15:55:54 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115554
2016-04-22 15:55:53 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115553
2016-04-22 15:55:52 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115552
2016-04-22 15:55:51 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115551
2016-04-22 15:55:50 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115550
2016-04-22 15:55:49 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115549
2016-04-22 15:55:48 -------- d-----w- C:\Users\user\AppData\Roaming\ebook_convert_20160422_115548
.
==================== Find3M ====================
.
2016-05-20 18:15:33 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-05-13 16:07:18 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-05-13 16:07:18 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-04-23 05:16:10 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-04-23 05:16:00 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-04-23 05:01:23 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-04-23 05:00:39 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-04-23 05:00:32 417792 ----a-w- C:\Windows\System32\html.iec
2016-04-23 05:00:10 571904 ----a-w- C:\Windows\System32\vbscript.dll
2016-04-23 05:00:01 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-04-23 04:47:35 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-04-23 04:47:34 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-04-23 04:47:20 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-04-23 04:46:47 6052352 ----a-w- C:\Windows\System32\jscript9.dll
2016-04-23 04:40:13 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-04-23 04:29:15 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-04-23 04:20:51 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-04-23 04:08:47 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-04-23 04:08:47 497152 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-04-23 04:08:09 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-04-23 04:07:58 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-04-23 04:07:05 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-04-23 04:06:09 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-04-23 04:05:05 2131968 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-04-23 03:58:33 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-04-23 03:58:14 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-04-23 03:51:54 2596864 ----a-w- C:\Windows\System32\wininet.dll
2016-04-23 03:45:54 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-04-23 03:36:58 4611072 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-04-23 03:30:55 2056192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-04-23 03:30:34 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-04-23 03:12:38 2121216 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-04-21 19:05:02 453288 ------w- C:\Windows\System32\MpSigStub.exe
2016-04-20 18:08:40 192216 ----a-w- C:\Windows\System32\drivers\4FA91C57.sys
2016-04-19 18:16:03 192216 ----a-w- C:\Windows\System32\drivers\344953DC.sys
2016-04-19 18:13:07 192216 ----a-w- C:\Windows\System32\drivers\56C2519D.sys
2016-04-18 18:11:23 192216 ----a-w- C:\Windows\System32\drivers\05100228.sys
2016-04-15 18:10:16 192216 ----a-w- C:\Windows\System32\drivers\3E8916E7.sys
2016-04-14 13:49:13 603648 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2016-04-14 13:21:17 647680 ----a-w- C:\Windows\System32\d3d10level9.dll
2016-04-11 18:09:05 192216 ----a-w- C:\Windows\System32\drivers\0CE95D77.sys
2016-04-09 07:02:34 631176 ----a-w- C:\Windows\System32\winresume.efi
2016-04-09 07:01:44 706280 ----a-w- C:\Windows\System32\winload.efi
2016-04-09 07:01:43 5546216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-04-09 07:01:42 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-04-09 07:01:42 154344 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-04-09 07:01:41 986344 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2016-04-09 07:01:41 264936 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2016-04-09 06:59:48 3998952 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-04-09 06:59:48 3943144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-04-09 06:59:27 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2016-04-09 06:57:59 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-04-09 06:54:54 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-04-09 05:52:09 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2016-04-09 05:52:04 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2016-04-09 05:52:04 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2016-04-09 05:51:21 64000 ----a-w- C:\Windows\System32\auditpol.exe
2016-04-09 05:49:33 3217408 ----a-w- C:\Windows\System32\win32k.sys
2016-04-09 05:48:16 338432 ----a-w- C:\Windows\System32\conhost.exe
2016-04-09 05:47:23 296960 ----a-w- C:\Windows\System32\rstrui.exe
2016-04-09 05:44:39 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-04-09 05:44:06 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-04-09 05:44:03 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-04-09 05:43:20 30720 ----a-w- C:\Windows\System32\lsass.exe
2016-04-09 05:43:17 112640 ----a-w- C:\Windows\System32\smss.exe
2016-04-09 05:42:19 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2016-04-09 05:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2016-04-09 05:38:24 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2016-04-09 05:38:24 2048 ----a-w- C:\Windows\SysWow64\user.exe
2016-04-09 05:38:24 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2016-04-09 05:37:37 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-04-09 05:37:29 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2016-04-09 05:37:29 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-09 05:37:29 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-09 05:37:29 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2016-04-06 17:48:37 192216 ----a-w- C:\Windows\System32\drivers\565E4722.sys
2016-04-06 15:27:53 24576 ----a-w- C:\Windows\System32\jnwmon.dll
2016-04-05 18:17:24 192216 ----a-w- C:\Windows\System32\drivers\50F80F08.sys
2016-04-04 18:14:42 192216 ----a-w- C:\Windows\System32\drivers\7C173ED5.sys
2016-04-04 18:14:06 38120 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-04-04 18:02:17 1169408 ----a-w- C:\Windows\System32\aeinv.dll
2016-04-02 13:08:13 1386496 ----a-w- C:\Windows\System32\appraiser.dll
2016-04-01 18:12:46 192216 ----a-w- C:\Windows\System32\drivers\2C4052F4.sys
2016-03-29 20:54:51 97856 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2016-03-23 14:02:01 215040 ----a-w- C:\Windows\System32\aepic.dll
2016-03-20 14:51:46 192216 ----a-w- C:\Windows\System32\drivers\17AC0F84.sys
2016-03-17 22:56:24 2084864 ----a-w- C:\Windows\System32\ole32.dll
2016-03-17 22:28:21 1414144 ----a-w- C:\Windows\SysWow64\ole32.dll
2016-03-17 18:04:39 698368 ----a-w- C:\Windows\System32\generaltel.dll
2016-03-17 18:04:39 499200 ----a-w- C:\Windows\System32\devinv.dll
2016-03-17 18:04:39 279040 ----a-w- C:\Windows\System32\invagent.dll
2016-03-17 18:04:38 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-03-16 18:50:06 156672 ----a-w- C:\Windows\System32\mtxoci.dll
2016-03-16 18:28:15 111616 ----a-w- C:\Windows\SysWow64\mtxoci.dll
2016-03-16 18:28:12 176128 ----a-w- C:\Windows\SysWow64\msorcl32.dll
2016-03-16 00:16:10 760320 ----a-w- C:\Windows\System32\samsrv.dll
2016-03-16 00:16:10 106496 ----a-w- C:\Windows\System32\samlib.dll
2016-03-15 23:53:30 60416 ----a-w- C:\Windows\SysWow64\samlib.dll
2016-03-14 15:00:05 192216 ----a-w- C:\Windows\System32\drivers\5BBC4116.sys
2016-03-10 18:09:06 64896 ----a-w- C:\Windows\System32\drivers\mwac.sys
.
============= FINISH: 15:53:33.90 ===============