DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17239 BrowserJavaVersion: 10.67.2 Run by Henk at 23:24:34 on 2014-08-22 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.1527 [GMT 2:00] . AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\system32\atieclxx.exe C:\Windows\System32\svchost.exe -k netsvcs C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\SysWOW64\PnkBstrB.exe C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\UI0Detect.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files (x86)\Glary Utilities 5\Integrator.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\explorer.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mDefault_Page_URL = hxxp://www.google.com uProxyOverride = dURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll uRun: [Wisdom-soft ScreenHunter 5.1 Free] C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun mRun: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui mRun: [StartCCC] "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe" msrun mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:221 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_65-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_65-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_65-windows-i586.cab TCP: NameServer = 212.54.44.54 212.54.40.25 TCP: Interfaces\{82D4E555-44D8-4A0C-9B3C-C667CFBEEBC2} : DHCPNameServer = 212.54.44.54 212.54.40.25 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-mStart Page = hxxp://www.google.com x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - x64-Run: [RunDLLEntry] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\AmbRunE.dll,RunDLLEntry x64-Run: [IntelliPoint] c:\program files\microsoft intellipoint\ipoint.exe x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - . ================= FIREFOX =================== . FF - ProfilePath - D:\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\94okqsys.default\ FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxps://www.google.com/search FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll FF - plugin: D:\Henk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: D:\Henk\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll FF - plugin: D:\Henk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: D:\Henk\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: D:\Henk\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: D:\Henk\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: D:\Henk\AppData\Roaming\Mozilla\plugins\npoctoshape.dll . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-19 65776] R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-19 224896] R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2014-8-17 17600] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-3-20 56208] R0 TfFsMon;TfFsMon;C:\Windows\System32\drivers\TfFsMon.sys [2012-4-27 65072] R0 TfSysMon;TfSysMon;C:\Windows\System32\drivers\TfSysMon.sys [2012-4-27 74824] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2011-4-10 1041168] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2010-10-16 427360] R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-8-17 20672] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-23 172344] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-7 239616] R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-6 29208] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-10-16 79184] R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2013-12-28 92008] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-7-30 50344] R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe [2014-7-7 72992] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-8-16 1809720] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-8-16 860472] R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968] R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-6-5 93040] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-8-16 25816] R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-8-16 122584] R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-8-16 63704] R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2014-2-15 690864] R3 VMUVC;Vimicro Camera Service VMUVC;C:\Windows\System32\drivers\vmuvc.sys [2012-5-23 198784] R3 vvftUVC;Vimicro Camera Filter Service VMUVC;C:\Windows\System32\drivers\vvftUVC.sys [2012-5-23 303616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 WiseBootAssistant;Wise Boot Assistant;C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2014-8-1 580232] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-10-16 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-10-16 79360] S3 FLASHSYS;FLASHSYS;C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys [2010-10-16 15192] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-1-15 57856] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-15 111616] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456] S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2014-8-1 31800] S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2010-10-16 79360] S3 TfNetMon;TfNetMon;C:\Windows\System32\drivers\TfNetMon.sys [2012-4-27 41888] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-15 56832] S3 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2014-1-15 27768] S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-18 1255736] S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2013-12-18 2103096] . =============== Created Last 30 ================ . 2014-08-22 11:53:56 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3BA72719-D01B-4F7C-8CAB-9B5B08017F97}\mpengine.dll 2014-08-21 21:25:38 -------- d-----w- D:\Henk\AppData\Roaming\Floria 2014-08-21 21:06:35 -------- d-----w- D:\Henk\AppData\Roaming\Jewel Match 4 2014-08-17 12:57:55 -------- d-----w- C:\ProgramData\GlarySoft 2014-08-17 12:54:16 46704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2014-08-17 12:39:35 -------- d-----w- C:\ProgramData\HitmanPro 2014-08-17 12:38:21 -------- d-----w- C:\Program Files\Defraggler 2014-08-17 12:34:05 20672 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys 2014-08-17 12:34:04 17600 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys 2014-08-17 12:34:04 118048 ----a-w- C:\Windows\System32\BootDefrag.exe 2014-08-17 12:34:04 -------- d-----w- D:\Henk\AppData\Roaming\DiskDefrag 2014-08-17 12:33:51 -------- d-----w- C:\Program Files (x86)\Glary Utilities 5 2014-08-17 11:58:07 -------- d-----w- D:\Henk\AppData\Roaming\SUPERAntiSpyware.com 2014-08-16 12:51:04 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-08-16 12:50:53 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-08-16 12:50:53 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-08-16 12:50:53 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-08-16 12:50:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-15 20:39:29 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll 2014-08-15 20:39:29 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe 2014-08-15 20:39:29 171160 ----a-w- C:\Windows\System32\infocardapi.dll 2014-08-15 20:39:29 1389208 ----a-w- C:\Windows\System32\icardagt.exe 2014-08-15 20:39:27 8856 ----a-w- C:\Windows\SysWow64\icardres.dll 2014-08-15 20:39:27 8856 ----a-w- C:\Windows\System32\icardres.dll 2014-08-15 20:39:04 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe 2014-08-15 20:39:04 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe 2014-08-15 20:38:04 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2014-08-15 20:38:04 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-08-15 20:35:59 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll 2014-08-15 20:35:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll 2014-08-15 18:12:38 -------- d-----w- C:\Windows\ERUNT 2014-08-14 19:14:28 -------- d-----w- C:\Program Files (x86)\The Cleaner 2014-08-10 20:59:41 -------- d-----w- D:\Henk\AppData\Roaming\Agics 2014-08-10 20:07:04 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-08-10 19:53:00 -------- d-----w- C:\ProgramData\HP Photo Creations 2014-08-10 19:53:00 -------- d-----w- C:\Program Files (x86)\HP Photo Creations 2014-08-09 22:01:53 -------- d-----w- C:\ProgramData\SecTaskMan 2014-08-05 17:20:22 227728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll 2014-08-04 20:43:38 -------- d-----w- C:\Windows\PCHEALTH 2014-08-04 20:41:17 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8 2014-08-03 19:33:12 -------- d-----w- D:\Henk\AbiSuite 2014-08-03 19:32:59 -------- d-----w- C:\Program Files (x86)\AbiWord 2014-08-02 21:51:00 -------- d-----w- D:\Henk\AppData\Roaming\northerntale4 2014-08-02 21:51:00 -------- d-----w- D:\Henk\AppData\Local\northerntale4 2014-08-01 21:49:48 -------- d-----w- D:\Henk\AppData\Roaming\Wise Care 365 2014-08-01 21:44:07 -------- d-----w- D:\Henk\AppData\Roaming\Wise PC 1stAid 2014-08-01 21:43:11 -------- d-----w- C:\Program Files (x86)\Wise 2014-08-01 20:38:22 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll 2014-07-31 22:27:16 -------- d-----w- D:\Henk\AppData\Local\VS Revo Group 2014-07-31 22:27:10 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys 2014-07-31 22:27:10 -------- d-----w- C:\ProgramData\VS Revo Group 2014-07-31 22:27:08 -------- d-----w- C:\Program Files\VS Revo Group 2014-07-31 18:08:45 -------- d-----w- D:\Henk\AppData\Roaming\OpenOffice 2014-07-31 18:06:57 -------- d-----w- C:\Program Files (x86)\OpenOffice 4 2014-07-31 17:14:28 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2014-07-31 17:14:28 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2014-07-31 17:14:23 1460736 ----a-w- C:\Windows\System32\lsasrv.dll 2014-07-30 20:48:08 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2014-07-30 20:48:08 1719296 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2014-07-30 20:48:08 1380864 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2014-07-30 20:48:08 1354240 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2014-07-30 20:48:07 1389568 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2014-07-30 20:48:03 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2014-07-30 20:48:02 624128 ----a-w- C:\Windows\System32\qedit.dll 2014-07-30 20:35:54 43152 ----a-w- C:\Windows\avastSS.scr 2014-07-29 20:21:40 -------- d-----w- C:\ProgramData\Oracle 2014-07-28 20:51:51 -------- d-----w- C:\zoek 2014-07-27 20:00:33 -------- d-----w- C:\ProgramData\Cateia Games 2014-07-26 15:45:25 -------- d-----w- D:\Henk\AppData\Local\Hewlett-Packard 2014-07-26 15:42:40 -------- d-----w- C:\System.sav 2014-07-26 15:40:47 -------- d-----w- D:\Henk\AppData\Roaming\hpqLog 2014-07-26 15:39:52 -------- d-----w- C:\swsetup . ==================== Find3M ==================== . 2014-08-05 07:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe 2014-07-31 11:36:21 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-07-31 11:36:21 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2014-07-30 20:36:11 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys 2014-07-30 20:36:11 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2014-07-30 20:36:10 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2014-07-30 20:36:10 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2014-07-30 20:36:10 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2014-07-30 20:36:10 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys 2014-07-30 20:36:09 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll 2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll 2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll 2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll 2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll 2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-07-16 03:25:04 404480 ----a-w- C:\Windows\System32\gdi32.dll 2014-07-16 02:46:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2014-07-16 02:12:11 3163648 ----a-w- C:\Windows\System32\win32k.sys 2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL 2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL 2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL 2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL 2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe 2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe 2014-06-17 16:45:54 141312 ----a-w- C:\Windows\DreamAquarium.scr 2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-06-03 10:02:37 112064 ----a-w- C:\Windows\System32\consent.exe 2014-06-03 10:02:21 504320 ----a-w- C:\Windows\System32\msihnd.dll 2014-06-03 10:02:21 3241984 ----a-w- C:\Windows\System32\msi.dll 2014-06-03 10:02:12 1941504 ----a-w- C:\Windows\System32\authui.dll 2014-06-03 09:29:50 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll 2014-06-03 09:29:50 2363392 ----a-w- C:\Windows\SysWow64\msi.dll 2014-06-03 09:29:40 1805824 ----a-w- C:\Windows\SysWow64\authui.dll 2014-05-30 09:45:58 2768384 ----a-w- C:\Windows\System32\iertutil(180).dll 2014-05-30 08:38:34 2179072 ----a-w- C:\Windows\SysWow64\iertutil(199).dll 2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll 2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll 2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll 2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll 2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll 2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll 2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet(196).dll 2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll 2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll 2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll 2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll 2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll 2014-05-30 07:30:50 1398272 ----a-w- C:\Windows\System32\urlmon(192).dll 2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet(203).dll 2014-05-30 07:15:41 1143296 ----a-w- C:\Windows\SysWow64\urlmon(202).dll 2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys . ============= FINISH: 23:25:38,84 ===============