Ga naar inhoud

Waarschuwing Wininit, nog een geval.

Con

Door Con
in Archief Windows Algemeen

 Delen

Aanbevolen berichten

Con Groentje

Con

Geplaatst:
Geplaatst:

Ik heb met belangstelling het antwoord van "kape" gevolgd op het probleem van "Henry1960"

met betrekking tot de Wininit waarschuwing;

"Aangepaste DLL-bestanden worden voor elke toepassing geladen.

De systeembeheerder moet de lijst met DLL-bestanden controleren

en zorgen dat de bestanden gerelateerd zijn aan vertrouwde toepassingen."

Wellicht kan ik ook hulp krijgen in deze want heb dezelfde melding.

Stukje achtergrond, een pc van een collega vv van nieuwe HD, alles erop gezet

wat nodig en dan blijkt dat die foutmelding al even aanwezig was dus niet meer

traceerbaar wie de veroorzaker is. Het betreft W7, in de foutmelding komt

browser voor dus Google eraf gehaald inclusief registerwijzigingen echter zonder

resultaat.

Bij voorbaat dank voor de hulp.

Groeten, Con.

Link naar reactie
Delen op andere sites
Dasle Grootmeester

Dasle

Geplaatst:
Geplaatst:

We zullen eerst eens nagaan of malware of virussen de oorzaak zijn van je probleem.

1. Download HijackThis. (klik er op)

Klik op HijackThis.msi en de download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map.

De logjes kan je dan ook in die map terugvinden.

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

Link naar reactie
Delen op andere sites
Con Groentje

Con

Geplaatst:
  • Auteur
Geplaatst:

Bedankt voor je reactie, hier dan de file. (hoop niet dat ik hem 2x geupt heb.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:25:00, on 9-3-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16464)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user')

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll

O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll

O23 - Service: Intel® AMT System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe

O23 - Service: Intel® Active Management Technology LMS Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--

End of file - 5378 bytes

Link naar reactie
Delen op andere sites
Maxstar Mentor

Maxstar

Geplaatst:
Geplaatst:

Hoi,

Download MBAM (Malwarebytes Anti-Malware)

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.

MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.

Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht.

Link naar reactie
Delen op andere sites
Con Groentje

Con

Geplaatst:
  • Auteur
Geplaatst:

Malwarebytes meldt: De scan is voltooid. Er zijn geen kwaadaardige objecten gedetecteerd.

De logfile;

Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100

Malwarebytes : Free anti-malware download

Databaseversie: v2013.03.09.08

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Wilco :: WILCO-PC [administrator]

Bescherming: Ingeschakeld

9-3-2013 16:46:11

mbam-log-2013-03-09 (16-46-11).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 215284

Verstreken tijd: 2 minuut/minuten, 58 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Link naar reactie
Delen op andere sites
Con Groentje

Con

Geplaatst:
  • Auteur
Geplaatst:

Even een aanvulling mijnerzijds.

De regel "c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll"

komt voor in mijn register als waarde.

En dit is de volledige log vanuit het W7 logboek;

Logboeknaam: System

Bron: Microsoft-Windows-Wininit

Datum: 9-3-2013 15:16:30

Gebeurtenis-id:11

Taakcategorie: Geen

Niveau: Waarschuwing

Trefwoorden:

Gebruiker: SYSTEM

Computer: Wilco-PC

Beschrijving:

Aangepaste DLL-bestanden worden voor elke toepassing geladen. De systeembeheerder moet de lijst met DLL-bestanden controleren en zorgen dat de bestanden gerelateerd zijn aan vertrouwde toepassingen.

Gebeurtenis-XML:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

<System>

<Provider Name="Microsoft-Windows-Wininit" Guid="{206F6DEA-D3C5-4D10-BC72-989F03C8B84B}" />

<EventID>11</EventID>

<Version>0</Version>

<Level>3</Level>

<Task>0</Task>

<Opcode>0</Opcode>

<Keywords>0x4000000000000000</Keywords>

<TimeCreated SystemTime="2013-03-09T14:16:30.320143600Z" />

<EventRecordID>7775</EventRecordID>

<Correlation />

<Execution ProcessID="700" ThreadID="728" />

<Channel>System</Channel>

<Computer>Wilco-PC</Computer>

<Security UserID="S-1-5-18" />

</System>

<EventData>

<Data Name="StringCount">1</Data>

<Data Name="String">c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll</Data>

</EventData>

</Event>

Link naar reactie
Delen op andere sites
Maxstar Mentor

Maxstar

Geplaatst:
Geplaatst:

Hoi,

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe

(hier of hier) kan je lezen hoe je dat doet.

  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows];r
"AppInit_DLLs"=-;r
c:\progra~2\browse~1;fs
startupall;
filesrcm;


  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Link naar reactie
Delen op andere sites
Con Groentje

Con

Geplaatst:
  • Auteur
Geplaatst:

Hier het log(je) van Zoek.exe

Zoek.exe Version 4.0.0.2 Updated 08-March-2013

Tool run by Wilco on za 09-03-2013 at 17:31:27,34.

Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

"c:\progra~2\browse~1" not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-03-07 17:13:21 92BD32585D1445BD7E6943165DB170D5 36 ----a-w- C:\Windows\avgui.INI

2013-03-06 23:40:37 326A3081242E095A200210D9E3532130 1706640 ----a-w- C:\Windows\RtlExUpd.dll

====== C:\Users\Wilco\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2013-03-07 21:09:16 8B285BDAB7735FDFB18E6F7122923B77 187392 ----a-w- C:\Windows\System32\UIAnimation.dll

2013-03-07 21:09:10 545F1BAAADD0BF1F4FE4586293FCA07D 417792 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-03-07 21:09:08 6A13B4F3B3F575F1E24B877B9359AABA 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-03-07 21:09:08 6951562DC4625EEFC6EACD52AD165866 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-03-07 21:09:08 2E33DFD10F28F86C3FC40EE123CC3904 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-03-07 21:09:07 C7A730AFB80B11F93EFC81B1D6F920D7 364544 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2013-03-07 21:09:07 B3170CCC779B682C3341873EA60CF084 1988096 ----a-w- C:\Windows\System32\d3d10warp.dll

2013-03-07 21:09:07 60F4AEFA103D421EA4A40E31409B4756 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-03-07 21:09:07 600A65F922CCDCBB2D11467914241556 2284544 ----a-w- C:\Windows\System32\msmpeg2vdec.dll

2013-03-07 21:09:07 589CBC4989F750E1DA35625AB481CF43 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-03-07 21:09:07 49ACA548B2423F1C67898E6AC719A9A6 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-03-07 21:09:07 3BE0D923AA45A4DBE091C2D84F0B4FE7 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-03-07 21:09:07 1C60E09CA1C3A045BC4D367F67C915B7 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-03-07 21:09:07 007863E45F25AA47A4C30D0930BBFD85 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-03-07 21:09:06 FB3F036EF6A467F7AF46C821FF5D198D 220160 ----a-w- C:\Windows\System32\d3d10core.dll

2013-03-07 21:09:06 E12C4928B32ACE04610259647F072635 906240 ----a-w- C:\Windows\System32\FntCache.dll

2013-03-07 21:09:06 D4F264FE23F8953D840904418220C15E 293376 ----a-w- C:\Windows\System32\dxgi.dll

2013-03-07 21:09:06 D4212AB475A3B25EC4DF574536C3EDC5 249856 ----a-w- C:\Windows\System32\d3d10_1core.dll

2013-03-07 21:09:06 8504944851DF6175CC489A8F3328459E 1080832 ----a-w- C:\Windows\System32\d3d10.dll

2013-03-07 21:09:06 7ACDFB4CC67F4993DF0E0731576309B2 1504768 ----a-w- C:\Windows\System32\d3d11.dll

2013-03-07 21:09:06 6A7B5A3EFCCDB53DA41CF6838056990F 1158144 ----a-w- C:\Windows\System32\XpsPrint.dll

2013-03-07 21:09:06 62A6EB5771580CAE445804389F3F7432 207872 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll

2013-03-07 21:09:06 4FF3EC04CD47DD62181894B71B004E40 604160 ----a-w- C:\Windows\System32\d3d10level9.dll

2013-03-07 21:09:06 4277F5164DE9B7C665BB928B9145BEE0 1247744 ----a-w- C:\Windows\System32\DWrite.dll

2013-03-07 21:09:06 3C1936A12C62254F914A01BBC6A8DC69 161792 ----a-w- C:\Windows\System32\d3d10_1.dll

2013-03-07 21:09:06 3BCECD87AB4E6743BFB45B352AD1A529 1230336 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-03-07 21:09:05 9FF8F684BACF326082E5562F7C104A79 3419136 ----a-w- C:\Windows\System32\d2d1.dll

2013-03-06 23:40:44 D9397A5E3929F61FFA83F07285C414C5 68960 ----a-w- C:\Windows\System32\SFAPO.dll

2013-03-06 23:40:44 D616E22F0B2AE86295467524A04C8E94 2486416 ----a-w- C:\Windows\System32\RtkPgExt.dll

2013-03-06 23:40:44 C90A1C6E94F4219DEF46482780ADC535 1501840 ----a-w- C:\Windows\System32\RTSndMgr.cpl

2013-03-06 23:40:44 9E59A53E958F9B41A55F900C27FCB94F 78672 ----a-w- C:\Windows\System32\SFFXComm.dll

2013-03-06 23:40:44 736B9CBB1AF8324171CFA3787A024588 74080 ----a-w- C:\Windows\System32\SFCOM.dll

2013-03-06 23:40:44 66DC7974FF24AF6977D74C28B0C55564 214352 ----a-w- C:\Windows\System32\SFFXProc.dll

2013-03-06 23:40:44 5FCAFCE060F6C6C87B2793DBC9A93696 74064 ----a-w- C:\Windows\System32\SFFXHAPO.dll

2013-03-06 23:40:44 4D7D49A61594B8A643EA8EAF74F2150C 214368 ----a-w- C:\Windows\System32\SFNHK.dll

2013-03-06 23:40:44 4B540CD34B883C174008F33F249D6773 13416 ----a-w- C:\Windows\System32\RtkCoLDR.dll

2013-03-06 23:40:44 3695DF92AB729169B079F1D7500B7A67 3196048 ----a-w- C:\Windows\System32\RtkAPO.dll

2013-03-06 23:40:44 28CDF89F64C91122F2B5514724973E40 74064 ----a-w- C:\Windows\System32\SFFXDAPO.dll

2013-03-06 23:40:44 19FE3D173B65D93F9C30D24808095571 658064 ----a-w- C:\Windows\System32\RtkApoApi.dll

2013-03-06 23:40:44 10112F07A48D8A4E532C74FD7B0ED838 74064 ----a-w- C:\Windows\System32\SFFXSAPO.dll

2013-03-06 23:40:44 08E08CD380CC507405311496EBEF2647 95376 ----a-w- C:\Windows\System32\RtkCoInstII.dll

2013-03-06 23:40:43 E232507C219A1957880D4EB6D022FAC7 170840 ----a-w- C:\Windows\System32\RTEED32A.dll

2013-03-06 23:40:43 C619CDFA5CDC5A346C89870010A2391C 295768 ----a-w- C:\Windows\System32\RP3DAA32.dll

2013-03-06 23:40:43 A6686775084244141483AEA0391508D2 359768 ----a-w- C:\Windows\System32\RTEEP32A.dll

2013-03-06 23:40:43 5B18398DEDE4A4A78651CD34F0A217A5 78680 ----a-w- C:\Windows\System32\RTEEL32A.dll

2013-03-06 23:40:43 4F92047498EFEA076E3745C291481975 295768 ----a-w- C:\Windows\System32\RP3DHT32.dll

2013-03-06 23:40:43 3DE99987154319C901A6537BA8777CB9 64856 ----a-w- C:\Windows\System32\RTEEG32A.dll

2013-03-06 23:40:43 3DB7D2253D042EA5F055E41D8B762834 6762496 ----a-w- C:\Windows\System32\RCoRes.dat

2013-03-06 23:40:42 65544C8B1E0D89A9E6C2BE66A0104B48 2195040 ----a-w- C:\Windows\System32\FMAPO.dll

2013-03-06 23:40:41 C86A0967E5C040AAB947F883F0B6D96F 95840 ----a-w- C:\Windows\System32\AERTARen.dll

2013-03-06 23:40:41 57F8D7F52371DAAC3F84815D8EF5805D 176736 ----a-w- C:\Windows\System32\AERTACap.dll

2013-03-06 23:40:41 254ACF29130F8143C88A54ED81738ACF 90624 ----a-w- C:\Windows\System32\CONEQMSAPOGUILibrary.dll

2013-03-06 22:56:48 33935488739DDD635FF8CF1A32A85025 372736 ----a-w- C:\Windows\System32\mesoludlg.exe

2013-03-06 21:17:03 8C3D0C73A0850A0EE62DF9EC36DBDE80 1904 ------w- C:\Windows\System32\SetupBD.din

2013-03-06 21:17:02 E7E495AE09D2C8D4FD690A202CCB4030 297344 ----a-w- C:\Windows\System32\PROUnstl.exe

2013-03-06 16:51:48 584EAF631D3A1D5AD9967F92F4E9E664 53248 ----a-w- C:\Windows\System32\CSVer.dll

2013-03-06 15:55:02 AFAC3B3B85C9A83582FDD017E9C4EEA1 121232 ----a-w- C:\Windows\System32\IScrNB.bmp

2013-03-06 15:55:02 0A4856A0CAAE5742954F497FBFE65EC4 364544 ----a-w- C:\Windows\System32\heciudlg.exe

2013-03-06 13:20:44 D329085A88A9019ED5700C0F04B3176E 137000 ----a-w- C:\Windows\System32\MSMAPI32.OCX

2013-03-06 13:20:43 E52859FCB7A827CACFCE7963184C7D24 1070152 ----a-w- C:\Windows\System32\MSCOMCTL.OCX

2013-03-06 13:20:43 DA32E0D240146EB2481B7D4C3C358C3E 88576 ----a-w- C:\Windows\System32\pdfcmon.dll

2013-03-06 13:20:43 AE47A8A5FE8193BB84FFCD338115D8EF 662288 ----a-w- C:\Windows\System32\MSCOMCT2.OCX

2013-03-06 13:20:42 6EC9A8DC8508D724E7456600B0CCB995 23552 ----a-w- C:\Windows\System32\MSMPIDE.DLL

2013-03-05 21:55:11 9D1864AE5F6FF8BBDE86A3F5A448110D 368912 ----a-w- C:\Windows\System32\VBAR332.DLL

2013-03-05 21:55:11 954CEB4D7C7DC5E94EA237CF96D387A3 252176 ----a-w- C:\Windows\System32\MSRD2X35.DLL

2013-03-05 21:55:11 81DD3BC1D7C5A309A40CBF532FD35259 1045776 ----a-w- C:\Windows\System32\MSJET35.DLL

2013-03-05 21:55:11 72F160302EE06A2CB12FA2FFA10BA3F0 24848 ----a-w- C:\Windows\System32\MSJTER35.DLL

2013-03-05 21:55:11 4FB4A9FBB17ED82EDC6AC5C3C6E71C6D 123664 ----a-w- C:\Windows\System32\MSJINT35.DLL

2013-03-05 20:47:53 350C713C2D9B9F5549C50A8D3924E789 94112 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll

2013-03-05 20:32:08 1B24EC543ADEA0AFB520B4F104134CBB 1002008 ----a-w- C:\Windows\System32\igxpun.exe

2013-03-05 20:31:16 EED68558AAA106535E7290C9A8E0D5A3 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-03-05 20:31:16 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2013-03-05 20:31:15 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\System32\ieui.dll

2013-03-05 20:31:15 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\System32\vbscript.dll

2013-03-05 20:31:15 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2013-03-05 20:31:14 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2013-03-05 20:31:14 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-03-05 20:31:13 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\System32\wininet.dll

2013-03-05 20:31:13 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\System32\jscript.dll

2013-03-05 20:31:12 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\System32\jscript9.dll

2013-03-05 20:31:12 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\System32\url.dll

2013-03-05 20:31:11 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2013-03-05 20:31:10 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\System32\urlmon.dll

2013-03-05 20:31:09 470D8189D7FE9928FFFECBF55AAA3233 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-03-05 20:31:07 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\System32\mshtml.dll

2013-03-05 20:31:03 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\System32\ieframe.dll

2013-03-05 20:28:34 D45B118114C9B18814CE18F72A34E934 2347008 ----a-w- C:\Windows\System32\win32k.sys

2013-03-05 20:28:31 660100CB90F344040EF57F52FC0681C3 3967848 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2013-03-05 20:28:30 82FF919E9236B0137B5C7455B0E1418A 3913064 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-05 20:28:12 1F5F07091D50244F17DD8D5147A628CC 169984 ----a-w- C:\Windows\System32\winsrv.dll

====== C:\Windows\system32\drivers =====

2013-03-09 15:44:41 629CABB0421668C9D3D402A3C3D77E14 21104 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-06 23:40:44 29F8775BB2DEC2BB038FAB1A7AC05482 3302416 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys

2013-03-06 23:40:43 95433BCE535CBFF64EA06362F0CBAD3A 338881 ----a-w- C:\Windows\System32\drivers\RTAIODAT.DAT

2013-03-06 20:44:09 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

2013-03-05 20:28:28 AAB149EE616952BB84308C28E75ED20D 187752 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2013-03-05 20:28:28 7C0507D2391AF5933600CBCED799F277 1293672 ----a-w- C:\Windows\System32\drivers\tcpip.sys

====== C:\Windows\Tasks ======

2013-03-08 10:27:35 C8E9AFC73B3007AE0160FE94EA359DDC 1042 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-03-08 10:27:33 4458EC29D347E8A0A9B92B1F064CC946 1038 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-03-09 14:22:33 -------- d-----w- C:\Program Files\Trend Micro

2013-03-08 20:22:38 -------- d-----w- C:\Program Files\FileSeek

2013-03-08 10:27:27 -------- d-----w- C:\Program Files\Google

2013-03-07 16:55:23 -------- d-----w- C:\Program Files\Spybot - Search & Destroy

2013-03-06 23:40:41 -------- d-----w- C:\Program Files\Realtek

2013-03-06 23:40:38 -------- d--h--w- C:\Program Files\Temp

2013-03-06 23:40:33 -------- d-----w- C:\Program Files\Common Files\InstallShield

2013-03-06 21:06:21 -------- d--h--w- C:\Program Files\InstallShield Installation Information

2013-03-06 16:51:48 -------- d-----w- C:\Program Files\Intel

2013-03-06 14:56:47 -------- d-----w- C:\Program Files\Stardock

2013-03-06 14:33:38 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2013-03-06 14:33:37 -------- d-----w- C:\Program Files\Common Files\DESIGNER

2013-03-06 14:33:14 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2013-03-06 14:32:26 -------- d-----w- C:\Program Files\Microsoft Visual Studio 8

2013-03-06 14:31:48 -------- d-----w- C:\Program Files\Microsoft Analysis Services

2013-03-06 14:31:33 -------- d-----w- C:\Program Files\Microsoft Office

2013-03-06 13:58:26 -------- d-----w- C:\Program Files\PhotoFiltre

2013-03-06 13:28:56 -------- d-----w- C:\Program Files\Gadwin Systems

2013-03-06 13:20:55 -------- d-----w- C:\Program Files\PDF Architect

2013-03-06 13:20:42 -------- d-----w- C:\Program Files\PDFCreator

2013-03-06 12:58:38 -------- d-----w- C:\Program Files\Foxit Software

2013-03-06 12:56:41 -------- d-----w- C:\Program Files\7-Zip

2013-03-05 21:45:54 -------- d-----w- C:\Program Files\Hewlett-Packard

2013-03-05 21:29:28 -------- d-----w- C:\Program Files\AVG

======= C: =====

2013-03-05 20:21:34 9970DAC7AD924326058D7DEF60EBAACB 397297 --sh--r- C:\CIVUF

2013-03-05 20:14:17 F21490AE333464BA72724360F7FCFFA3 8192 --sha-r- C:\BOOTSECT.BAK

2013-03-05 20:14:16 259525CFB422E6AC8E87BC9777B1DF73 383786 --sha-r- C:\bootmgr

====== C:\Users\Wilco\AppData\Roaming ======

2013-03-08 10:27:27 -------- d-----w- C:\users\Wilco\AppData\Local\Google

2013-03-07 16:25:12 -------- d-----w- C:\users\Wilco\AppData\Local\ElevatedDiagnostics

2013-03-07 15:28:43 -------- d-----w- C:\users\Administrator\AppData\Roaming\Disk Cleaner

2013-03-07 14:21:44 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\users\Wilco\AppData\Local\resmon.resmoncfg

2013-03-06 23:16:58 -------- d-----w- C:\users\Administrator\AppData\Local\Google

2013-03-06 22:10:00 -------- d-----w- C:\users\Administrator\AppData\Locallow\Sun

2013-03-06 22:05:08 C9B4FE62C2B45DC9E8C5DC5B302C9127 109280 ----a-w- C:\users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2013-03-06 22:05:07 -------- d-s---w- C:\users\Administrator\AppData\Locallow\Microsoft

2013-03-06 22:05:00 -------- d-----w- C:\users\Administrator\AppData\Roaming\AVG2013

2013-03-06 22:04:56 -------- d-----w- C:\users\Administrator\AppData\Local\Avg2013

2013-03-06 22:04:55 -------- d-----w- C:\users\Administrator\AppData\Roaming\Stardock

2013-03-06 14:56:50 -------- d-----w- C:\users\Wilco\AppData\Roaming\Stardock

2013-03-06 14:56:21 -------- d-----w- C:\users\Wilco\AppData\Local\PackageAware

2013-03-06 14:31:35 -------- d-----w- C:\users\Wilco\AppData\Local\Microsoft Help

2013-03-06 14:00:19 -------- d-----w- C:\users\Wilco\AppData\Roaming\PhotoFiltre

2013-03-06 13:20:46 -------- d-----w- C:\users\Wilco\AppData\Roaming\pdfforge

2013-03-06 13:15:03 -------- d-----w- C:\users\Wilco\AppData\Local\Programs

2013-03-05 21:31:06 -------- d-----w- C:\users\Wilco\AppData\Roaming\AVG2013

2013-03-05 21:30:11 -------- d-----w- C:\users\Wilco\AppData\Roaming\TuneUp Software

2013-03-05 21:25:56 -------- d-----w- C:\users\Wilco\AppData\Local\MFAData

2013-03-05 21:25:56 -------- d-----w- C:\users\Wilco\AppData\Local\Avg2013

2013-03-05 21:01:58 3EBDDDFB1AD19422F0E86DA53093CC45 109280 ----a-w- C:\users\Wilco\AppData\Local\GDIPFONTCACHEV1.DAT

2013-03-05 21:01:58 -------- d-----w- C:\users\Wilco\AppData\Local\Deployment

2013-03-05 21:01:58 -------- d-----w- C:\users\Wilco\AppData\Local\Apps

2013-03-05 21:01:26 -------- d-----w- C:\users\Wilco\AppData\Roaming\Adobe

2013-03-05 20:56:25 -------- d-----w- C:\users\Administrator\AppData\Roaming\Identities

2013-03-05 20:56:18 -------- d-sh--we C:\users\Administrator\AppData\Local\Temporary Internet Files

2013-03-05 20:56:18 -------- d-sh--we C:\users\Administrator\AppData\Local\Geschiedenis

2013-03-05 20:56:18 -------- d-sh--we C:\users\Administrator\AppData\Local\Application Data

2013-03-05 20:56:18 -------- d-s---w- C:\users\Administrator\AppData\Roaming\Microsoft

2013-03-05 20:56:18 -------- d-----w- C:\users\Administrator\AppData\Roaming\Media Center Programs

2013-03-05 20:56:18 -------- d-----w- C:\users\Administrator\AppData\Local\Temp

2013-03-05 20:56:18 -------- d-----w- C:\users\Administrator\AppData\Local\Microsoft

2013-03-05 20:41:04 -------- d-----w- C:\users\Wilco\AppData\Locallow\Sun

2013-03-05 20:28:51 -------- d-s---w- C:\users\Wilco\AppData\Locallow\Microsoft

2013-03-05 20:22:42 -------- d-----w- C:\users\Wilco\AppData\Roaming\Identities

2013-03-05 20:22:35 -------- d-sh--we C:\users\Wilco\AppData\Local\Temporary Internet Files

2013-03-05 20:22:35 -------- d-sh--we C:\users\Wilco\AppData\Local\Geschiedenis

2013-03-05 20:22:35 -------- d-sh--we C:\users\Wilco\AppData\Local\Application Data

2013-03-05 20:22:35 -------- d-s---w- C:\users\Wilco\AppData\Roaming\Microsoft

2013-03-05 20:22:35 -------- d-----w- C:\users\Wilco\AppData\Roaming\Media Center Programs

2013-03-05 20:22:35 -------- d-----w- C:\users\Wilco\AppData\Local\Temp

2013-03-05 20:22:35 -------- d-----w- C:\users\Wilco\AppData\Local\Microsoft

2013-03-05 20:20:45 -------- d-sh--we C:\users\Default\AppData\Local\Geschiedenis

2013-03-05 20:20:45 -------- d-sh--we C:\users\Default User\AppData\Local\Geschiedenis

====== C:\Users\Wilco ======

2013-03-07 16:55:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-03-06 20:49:25 -------- d---a-w- C:\ProgramData\TEMP

2013-03-06 14:56:49 -------- dc-h--w- C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}

2013-03-06 14:31:33 -------- d-----w- C:\ProgramData\Microsoft Help

2013-03-06 12:36:16 -------- d-----w- C:\ProgramData\createonepart

2013-03-06 12:34:59 -------- d-----w- C:\ProgramData\deletepart

2013-03-06 12:33:29 -------- d-----w- C:\ProgramData\redistpart

2013-03-06 12:33:24 -------- d-----w- C:\ProgramData\launcher

2013-03-06 12:33:24 -------- d-----w- C:\ProgramData\explauncher

2013-03-05 21:29:52 -------- d-----w- C:\ProgramData\AVG2013

2013-03-05 21:25:56 -------- d--h--w- C:\ProgramData\Common Files

2013-03-05 21:25:56 -------- d-----w- C:\ProgramData\MFAData

2013-03-05 20:56:32 -------- d-----r- C:\Users\Administrator\Searches

2013-03-05 20:56:23 -------- d-----r- C:\Users\Administrator\Contacts

2013-03-05 20:56:18 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Administrator\ntuser.ini

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Sjablonen

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\SendTo

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Recent

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Netwerkprinteromgeving

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\NetHood

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Mijn documenten

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Menu Start

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Local Settings

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Cookies

2013-03-05 20:56:18 -------- d-sh--we C:\Users\Administrator\Application Data

2013-03-05 20:56:18 -------- d--h--w- C:\Users\Administrator\AppData

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Videos

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Saved Games

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Pictures

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Music

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Links

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Favorites

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Downloads

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Documents

2013-03-05 20:56:18 -------- d-----r- C:\Users\Administrator\Desktop

2013-03-05 20:22:50 -------- d-----r- C:\Users\Wilco\Searches

2013-03-05 20:22:41 -------- d-----r- C:\Users\Wilco\Contacts

2013-03-05 20:22:35 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Wilco\ntuser.ini

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Sjablonen

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\SendTo

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Recent

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Netwerkprinteromgeving

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\NetHood

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Mijn documenten

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Menu Start

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Local Settings

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Cookies

2013-03-05 20:22:35 -------- d-sh--we C:\Users\Wilco\Application Data

2013-03-05 20:22:35 -------- d--h--w- C:\Users\Wilco\AppData

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Videos

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Saved Games

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Pictures

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Music

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Links

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Favorites

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Downloads

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Documents

2013-03-05 20:22:35 -------- d-----r- C:\Users\Wilco\Desktop

2013-03-05 20:20:45 -------- d-sh--we C:\Users\Default\Sjablonen

2013-03-05 20:20:45 -------- d-sh--we C:\Users\Default\Netwerkprinteromgeving

2013-03-05 20:20:45 -------- d-sh--we C:\Users\Default\Mijn documenten

2013-03-05 20:20:45 -------- d-sh--we C:\Users\Default\Menu Start

2013-03-05 20:20:45 -------- d-sh--we C:\ProgramData\Sjablonen

2013-03-05 20:20:45 -------- d-sh--we C:\ProgramData\Menu Start

2013-03-05 20:20:45 -------- d-sh--we C:\ProgramData\Favorieten

2013-03-05 20:20:45 -------- d-sh--we C:\ProgramData\Documenten

2013-03-05 20:20:45 -------- d-sh--we C:\ProgramData\Bureaublad

====== C: exe-files ==

2013-03-09 15:42:56 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 ----a-w- C:\Users\Wilco\Downloads\mbam-setup-1.70.0.1100.exe

2013-03-08 20:22:38 6C06907BBF07ACBF84F6DACCD9AF519E 1166800 ----a-w- C:\Program Files\FileSeek\unins000.exe

2013-03-08 20:22:38 265F57140616E8D271AF75F987A1CCF5 551320 ----a-w- C:\Program Files\FileSeek\FileSeek.exe

2013-03-08 20:22:17 7773253232FB5103323A5B1318B92D9E 781824 ----a-w- C:\Users\Wilco\Downloads\FileSeekSetup-2.1.3.exe

2013-03-08 10:30:32 093C23CE94E97C95A5DFE6D18FB1D073 32416608 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\25.0.1364.160\25.0.1364.160_chrome_installer.exe

2013-03-08 10:27:30 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdateSetup.exe

2013-03-08 10:27:30 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe

2013-03-08 10:27:30 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdateBroker.exe

2013-03-08 10:27:29 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\GoogleUpdate.exe

2013-03-08 10:27:27 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe

2013-03-08 10:27:27 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler64.exe

2013-03-08 10:27:27 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.135\GoogleUpdate.exe

2013-03-07 20:07:19 C44F12B72DF42A037E65713B0F50B9D8 7330384 ----a-w- C:\Program Files\AVG\AVG2013\avgmfapx.exe

2013-03-07 20:07:19 7F2843FF4197C1DC2D62BB8880914339 7325728 ----a-w- C:\Users\Wilco\AppData\Local\Avg2013\update\backup\avgmfapx.exe

2013-03-07 16:57:45 03DFB01979908D80BAEC49A9740D3646 1065888 ----a-w- C:\Program Files\Spybot - Search & Destroy\Updates\teatimer166.exe

2013-03-07 16:57:35 ECDBAF92029E281D5395E529EBFA4E0C 698320 ----a-w- C:\Program Files\Spybot - Search & Destroy\Updates\advcheck165.exe

2013-03-07 16:55:26 794D4B48DFB6E999537C7C3947863463 1153368 ----a-w- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

2013-03-07 16:55:26 4CD08EEAC08BA53A38E48AF4813E1968 2005504 ----a-w- C:\Program Files\Spybot - Search & Destroy\SDShred.exe

2013-03-07 16:55:25 390679F7A217A5E73D756276C40AE887 2260480 --sha-r- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

2013-03-07 16:55:24 8F70F2CCE1DEF20016B53A8D217FA3B5 1757696 ----a-w- C:\Program Files\Spybot - Search & Destroy\SDFiles.exe

2013-03-07 16:55:24 7C616AD7AE8F75278A069641ECFCDC06 1740632 --sha-r- C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe

2013-03-07 16:55:24 0477C2F9171599CA5BC3307FDFBA8D89 5365592 --sha-r- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

2013-03-07 16:55:23 8C9740A3B7603B0A746213DAE8C89526 428888 ----a-w- C:\Program Files\Spybot - Search & Destroy\blindman.exe

2013-03-07 16:55:23 6B44700917F45B19B96B46B345B6F0E7 414552 ----a-w- C:\Program Files\Spybot - Search & Destroy\SDMain.exe

2013-03-07 16:55:23 0BA1ACFEE0532249412F53EE6374EE93 696200 ----a-w- C:\Program Files\Spybot - Search & Destroy\unins000.exe

2013-03-07 16:55:23 00071AF6D95C1002E5F9B63EA00A37A3 464728 ----a-w- C:\Program Files\Spybot - Search & Destroy\Update.exe

2013-03-07 15:28:06 B17F14E0624D4F70BA6E880289B76761 864087 ----a-w- C:\Users\Administrator\Downloads\dcsetup_1.8.1795.exe

2013-03-06 23:41:16 3B65A18970E5E6A08B8E70A624D82C43 1493608 ----a-w- C:\Program Files\Realtek\Audio\InstallShield\Rtkupd.exe

2013-03-06 23:41:13 D38DFE3B2B394AF3955A2B4665D4E74D 141968 ------w- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE

2013-03-06 23:40:45 3B65A18970E5E6A08B8E70A624D82C43 1493608 ------w- C:\Program Files\Realtek\Audio\Drivers\RtlUpd.exe

2013-03-06 23:40:44 660BC1E4161311025421123FD2DB0556 11672208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_71cd49356635d287\RtHDVCpl.exe

2013-03-06 23:40:44 660BC1E4161311025421123FD2DB0556 11672208 ------w- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

2013-03-06 23:40:44 3B65A18970E5E6A08B8E70A624D82C43 1493608 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_71cd49356635d287\RtlUpd.exe

2013-03-06 23:40:44 3B65A18970E5E6A08B8E70A624D82C43 1493608 ------w- C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe

2013-03-06 23:40:44 0BC6161D88BD671B9DA82BEA1DD18707 5995152 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_71cd49356635d287\RtkNGUI.exe

2013-03-06 23:40:44 0BC6161D88BD671B9DA82BEA1DD18707 5995152 ------w- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe

2013-03-06 23:40:43 98DD158D6D191346A98245B82B95252A 916112 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_71cd49356635d287\RtHDVBg.exe

2013-03-06 23:40:43 98DD158D6D191346A98245B82B95252A 916112 ------w- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe

2013-03-06 23:40:42 879BBDF616FE27FECEABB2910259FD0E 52288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_71cd49356635d287\FMAPP.exe

2013-03-06 23:40:42 879BBDF616FE27FECEABB2910259FD0E 52288 ------w- C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

2013-03-06 23:40:41 A6CE73469591554279DA63BE715DBC93 87968 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_71cd49356635d287\AERTSrv.exe

2013-03-06 23:40:41 A6CE73469591554279DA63BE715DBC93 87968 ------w- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

2013-03-06 23:40:41 49B3D2077199C44C1F3BBB16B4094AE6 121064 ----a-w- C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe

2013-03-06 23:40:34 D87A2C80695F22C428BD4A64291D45E3 5632 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe

2013-03-06 23:29:52 F7B53B4BD50C13D17F5C54F82CDE7836 82944 ----a-w- C:\Users\Wilco\AppData\Local\Temp\A4F80550-B4EC-40BA-9837-DA27B4E054A6\DismHost.exe

2013-03-06 22:56:48 9730E43C00252BA1659E3A0AA99251A3 183112 ----a-w- C:\Program Files\Intel\AMT\atchksrv.exe

2013-03-06 22:56:48 8BB0417DF3D6DEBA4AD61E103D7AF2E2 404288 ----a-w- C:\Program Files\Intel\AMT\atchk.exe

2013-03-06 22:56:48 33935488739DDD635FF8CF1A32A85025 372736 ----a-w- C:\Windows\System32\mesoludlg.exe

2013-03-06 22:56:47 4E7997432EA324502622D05BBC527F4F 98304 ----a-w- C:\Program Files\Intel\AMT\LMS.exe

2013-03-06 21:17:02 E7E495AE09D2C8D4FD690A202CCB4030 297344 ----a-w- C:\Windows\System32\PROUnstl.exe

2013-03-06 21:03:40 0B04D423440002BD43C9288970922490 106008 ----a-w- C:\SWTOOLS\DRIVERS\CHIPSET\8m03dc36g01\x64\Difx64.exe

2013-03-06 21:03:39 45F4E64691CDD36FF75855EFAC035B22 195096 ----a-w- C:\SWTOOLS\DRIVERS\CHIPSET\8m03dc36g01\ia64\Difx64.exe

2013-03-06 21:03:39 12B983C53DA5F5ACA95624C5FABE4C3D 956952 ----a-w- C:\SWTOOLS\DRIVERS\CHIPSET\8m03dc36g01\Setup.exe

2013-03-06 15:55:02 0A4856A0CAAE5742954F497FBFE65EC4 364544 ----a-w- C:\Windows\System32\heciudlg.exe

2013-03-06 14:56:49 0BDE7DF2B7D87A0F6D5075C523BF20FC 3254528 -c--a-w- C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B}\Fences.exe

2013-03-06 14:27:14 9D10F99A6712E28F8ACD5641E3A7EA6B 149352 ----a-w- C:\MSOCache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\ose.exe

2013-03-06 14:27:00 C87E561258F2F8650CEF999BF643A731 519584 ----a-w- C:\MSOCache\All Users\{90140000-006E-0413-0000-0000000FF1CE}-C\dwtrig20.exe

2013-03-06 14:26:59 A41E524F8D45F0074FD07805FF0C9B12 838536 ----a-w- C:\MSOCache\All Users\{90140000-006E-0413-0000-0000000FF1CE}-C\DW20.EXE

2013-03-06 14:26:51 4D92F518527353C0DB88A70FDDCFD390 1100664 ----a-w- C:\MSOCache\All Users\{91140000-0011-0000-0000-0000000FF1CE}-C\setup.exe

2013-03-06 13:58:26 36AB5B70ABF65F4C29E2F2D8ED27B4FC 85655 ----a-w- C:\Program Files\PhotoFiltre\Uninst.exe

2013-03-06 13:28:57 22060C6F3202BE269F5B1C48E13427AA 75323 ----a-w- C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe

2013-03-06 13:20:46 AB8D287C8E6B22767324451014A87B77 714240 ----a-w- C:\Program Files\PDFCreator\Images2PDF\Images2PDF.exe

2013-03-06 13:20:46 6833A4AD362BE8DC10EB12ED57336FA8 157184 ----a-w- C:\Program Files\PDFCreator\Images2PDF\Images2PDFC.exe

2013-03-06 13:20:44 1CB9AD813D15236A5EDFD97DE43FCB14 618496 ----a-w- C:\Program Files\PDFCreator\languages\TransTool.exe

2013-03-06 13:20:44 1187D7EF1998C14CF1F69A393850AE57 3166208 ----a-w- C:\Program Files\PDFCreator\PDFCreator.exe

2013-03-06 13:20:42 8656C24F6B4AA340BFFCB716DDBE8B22 718064 ----a-w- C:\Program Files\PDFCreator\unins000.exe

2013-03-06 12:58:50 DAE01E9252CAE56C8B05B9FCE041902C 89344 ----a-w- C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe

2013-03-06 12:58:50 1D366F5F485F3563122EC82B5E22B9A8 6794496 ----a-w- C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe

2013-03-06 12:56:41 78E662D435A8E1F5B9CED236FD331856 58641 ----a-w- C:\Program Files\7-Zip\Uninstall.exe

2013-03-05 21:45:28 BE5FF3A734B61D755AD46798005ACAFA 3622984 ----a-w- C:\Users\Wilco\Downloads\sp52095.exe

2013-03-05 21:24:53 5842B155A4531DBC5F4B2623F58A7063 393064 ----a-w- C:\Users\Wilco\Downloads\SoftonicDownloader_voor_avg-anti-virus-free.exe

2013-03-05 21:04:07 FC6CB42D993BA6D9F471F249385A98D4 10120 ------w- C:\Users\Wilco\AppData\Local\Apps\2.0\3W34ZZ8M.A9G\VKM6DAO8.GLA\inst...app_4fe91ede9f9bdca3_0001.0003_214d3455d1980b24\clickonce_bootstrap.exe

2013-03-05 21:04:07 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Wilco\AppData\Local\Apps\2.0\3W34ZZ8M.A9G\VKM6DAO8.GLA\inst...app_4fe91ede9f9bdca3_0001.0003_214d3455d1980b24\GoogleUpdateSetup.exe

2013-03-05 21:04:07 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Wilco\AppData\Local\Apps\2.0\3W34ZZ8M.A9G\VKM6DAO8.GLA\clic...exe_4fe91ede9f9bdca3_0001.0003_none_81523b6764d98a8a\GoogleUpdateSetup.exe

2013-03-05 20:32:08 1B24EC543ADEA0AFB520B4F104134CBB 1002008 ----a-w- C:\Windows\System32\igxpun.exe

2013-03-05 20:31:14 6E14642F79C2510626BA399F9BCC4DE6 142848 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-03-05 20:31:11 698EB1E5F8C66344D97C00B5699E871D 757280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-03-05 20:28:31 660100CB90F344040EF57F52FC0681C3 3967848 ----a-w- C:\Windows\System32\ntkrnlpa.exe

2013-03-05 20:28:30 82FF919E9236B0137B5C7455B0E1418A 3913064 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-05 20:14:16 631EA355665F28D4707448E442FBF5B8 485760 ----a-w- C:\Boot\memtest.exe

=== C: other files ==

2013-03-09 15:44:41 629CABB0421668C9D3D402A3C3D77E14 21104 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-07 19:48:20 D256E5DCB345B6E1556290D0AE4FC1DF 306 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip

2013-03-07 19:48:20 791E3ECC7B07FFA18DB3A965E2662546 494 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip

2013-03-07 16:57:45 B25DDC8AC4641F37F31066A2D7ACCEBB 1036085 ----a-w- C:\Program Files\Spybot - Search & Destroy\Updates\teatimer166.zip

2013-03-07 16:57:40 762084B2AE9CD878ED74E37C330C6974 31852 ----a-w- C:\Program Files\Spybot - Search & Destroy\Updates\lang.nederlands.zip

2013-03-07 16:57:39 D804878E27E7A9F43EEA8D8BFB08CB1F 541903 ----a-w- C:\Program Files\Spybot - Search & Destroy\Updates\clsid.zip

2013-03-07 16:57:35 991A8696DDAF1AD5C68924BE2CA6BD7B 667628 ----a-w- C:\Program Files\Spybot - Search & Destroy\Updates\advcheck165.zip

2013-03-06 23:40:44 29F8775BB2DEC2BB038FAB1A7AC05482 3302416 ----a-w- C:\Windows\System32\DriverStore\FileRepository\hdahpbpc.inf_x86_neutral_71cd49356635d287\RTKVHDA.sys

2013-03-06 23:40:44 29F8775BB2DEC2BB038FAB1A7AC05482 3302416 ----a-w- C:\Windows\System32\drivers\RTKVHDA.sys

2013-03-06 13:20:45 FE82CC07F21FCC4769FFAF71083FC3C7 1206 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\SayIt.vbs

2013-03-06 13:20:45 FA5429E1B5E5959BF92D66AEC52F8684 3357 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\GhostscriptDirect.vbs

2013-03-06 13:20:45 E239A0E745583C0C9F9083EB4A8C1F30 4155 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\ShowOptions.vbs

2013-03-06 13:20:45 D09021E66F07B0742608AA24F9CE6A46 1420 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\SaveOptionsToFile.vbs

2013-03-06 13:20:45 C703A331134B4A2136118704067C5C86 3138 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\Convert2PDFAndPrint.vbs

2013-03-06 13:20:45 A5E62495FE0ADD0BFB594163FE053E4C 2055 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\ConvertJPEG2PDF.vbs

2013-03-06 13:20:45 9F88B55A78B4F8A2C4844098EE5E4157 1284 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\TestEvents.vbs

2013-03-06 13:20:45 9E45772D6C39D762DC060DA80B66CA4D 1709 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\AddWatermarkToPDF.vbs

2013-03-06 13:20:45 994317D96FD5EB8187E8AFA25C73D119 4518 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\TestCompression1.vbs

2013-03-06 13:20:45 8EF68FDB3F993766E4A0DB59667E2355 2991 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\Convert2TXT.vbs

2013-03-06 13:20:45 8D2BF9546F4C3AE99699C316CB958F91 14324 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\CompareColorCompressionModes.vbs

2013-03-06 13:20:45 87F506076393456E8CEB09F0BC1A4778 3682 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\GUI.vbs

2013-03-06 13:20:45 876726C9C8CDEA7A8A5366D3AD0D9AE9 1862 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\SendMail.vbs

2013-03-06 13:20:45 802F702D9169B524650C3D3E8612A738 3002 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\Convert2PDF.vbs

2013-03-06 13:20:45 79C47C6CA12D847B3B6834AE6190F447 2529 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\URL2PDF.vbs

2013-03-06 13:20:45 7315AA8A59391AC2839FBE89D7E4191B 667 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramBeforeSaving\PopUpMessage.vbs

2013-03-06 13:20:45 7315AA8A59391AC2839FBE89D7E4191B 667 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\PopUpMessage.vbs

2013-03-06 13:20:45 725F2CBDB92EA32E9C965B1A5F303845 16907 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramBeforeSaving\AddBookmarks.vbs

2013-03-06 13:20:45 6C7E92B736DBA7A315B4EA63DC9AB9CB 2261 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\Testpage2PDF.vbs

2013-03-06 13:20:45 615D6343862CC55A9DBD65D9D6B870CA 1638 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\EncryptAES128.vbs

2013-03-06 13:20:45 53400371555164D6ECB1EB50A04C2648 3467 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\CombineJobs.vbs

2013-03-06 13:20:45 33ECE405DDE42607969FA443FCED16ED 1120 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\NetSend.vbs

2013-03-06 13:20:45 29B29E1D6B613A5645790376A0FB5F44 1878 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\PS2PDF.vbs

2013-03-06 13:20:45 282C00843805DDAE53C084A98EE079D6 2710 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\Testpage2PDFSendEmail.vbs

2013-03-06 13:20:45 228410D7E9AB331EE2B2E2C160F39D7F 1112 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\FTPUpload.vbs

2013-03-06 13:20:45 170CCE998953A670BC5709FCAC33E65C 1966 ----a-w- C:\Program Files\PDFCreator\Scripts\RunProgramAfterSaving\MSAgent.vbs

2013-03-06 13:20:45 0B1B4BD1260A3EC6FE67106EC0442CC9 4931 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\CombineAndAddBookmarks.vbs

2013-03-06 13:20:45 00E822D2DCA639441B9D641FFE2247FB 3025 ----a-w- C:\Program Files\PDFCreator\COM\Windows Scripting Host\VBScripts\Convert2TIFF.vbs

2013-03-06 13:20:44 F07A890F5E99F8230D63FA169F0324FD 1214 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2epsi.bat

2013-03-06 13:20:44 E9404206434B594E1E2939B465F98335 414 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2pdf13.bat

2013-03-06 13:20:44 E76D57420DF7D0042CE940AB2074F3D7 151 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gslp.bat

2013-03-06 13:20:44 E115E1E6382A786BD765F58DB4CB360B 380 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\dumphint.bat

2013-03-06 13:20:44 DF47543DCBE91E52C0289E7CD86E940B 1531 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\pftogsf.bat

2013-03-06 13:20:44 D82019091C64BB4326396A430FD5A84E 154 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gslj.bat

2013-03-06 13:20:44 D39D47ECC8890D9A8953207CFEA7854A 151 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gsbj.bat

2013-03-06 13:20:44 D0EEB6E2FE9CC92374F0D4ADC96907F1 194 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gssetgs64.bat

2013-03-06 13:20:44 CFE68524430BA4BAF854730AA6D5A147 155 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\lpgs.bat

2013-03-06 13:20:44 BEEA41F2B7D85746808D98D51CDA8B13 281 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\pf2afm.bat

2013-03-06 13:20:44 BA8F4875D3A8EF4B28962F0FE2F8B87F 136 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\font2c.bat

2013-03-06 13:20:44 B4BBBF923874C92042AFBEC3F3AAA46B 102 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gsnd.bat

2013-03-06 13:20:44 A579C21E3CC096DF48759B9A449BBDB2 156 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gsdj500.bat

2013-03-06 13:20:44 A1EF8D865899746CF3914C32C75970BA 148 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\lpr2.bat

2013-03-06 13:20:44 9CD23CC1F92FF135A0F65A3E5D3E4EF6 414 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2pdf12.bat

2013-03-06 13:20:44 93F94CEB2C5149EBCBA55F74CBE196B3 592 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\eps2eps.bat

2013-03-06 13:20:44 8C0427F938B58FC0463248A46A3E367D 194 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gssetgs32.bat

2013-03-06 13:20:44 8C0427F938B58FC0463248A46A3E367D 194 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gssetgs.bat

2013-03-06 13:20:44 7B360F5B371030C147B769ED5FF3F083 151 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\wmakebat.bat

2013-03-06 13:20:44 77B409A257B6D708728C633B6234257A 596 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2pdf.bat

2013-03-06 13:20:44 77AFEB7DC8605A1BC746F5C48A49F9BE 538 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2ps2.bat

2013-03-06 13:20:44 73A72F28B8CC9DA308F3E0D39B519D11 105 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\lp386.bat

2013-03-06 13:20:44 6F0E74D8B7F52D11C5AEDAE76E37A6B3 328 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\pdf2dsc.bat

2013-03-06 13:20:44 6AC73B335403A616A9888E1CB5599D43 105 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gsndt.bat

2013-03-06 13:20:44 64731AB7D5D42F13F499CBAADAD22E25 81 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gstt.bat

2013-03-06 13:20:44 5EE664C15A15B6B183EFBA00C5C9A492 406 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\pdfopt.bat

2013-03-06 13:20:44 5D0C22A48AA039FBCEB5B3F388A6057E 504 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\pdf2ps.bat

2013-03-06 13:20:44 50428B25FDDA74BF7515C063D0BC12BC 1470 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2pdfxx.bat

2013-03-06 13:20:44 4162E87E8C507A41295FB22E881307B9 414 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2pdf14.bat

2013-03-06 13:20:44 3FE32B11689066CDD55C4134B6A315F7 405 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2ascii.bat

2013-03-06 13:20:44 37F6FF86D1CE55874A4152D95F573854 80 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gst.bat

2013-03-06 13:20:44 364555EE48B3B938BC8F3B61E8A9DF8A 511 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\ps2ps.bat

2013-03-06 13:20:44 199FE9850BE5CE85D74D7C7A99EE0912 266 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\pfbtopfa.bat

2013-03-06 13:20:44 0C98BE5DD2CB261B9E8BDA5A7F99172E 153 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\gsdj.bat

2013-03-06 13:20:44 017F230F8F777A898456E263E5298F56 98 ----a-w- C:\Program Files\PDFCreator\GS9.05\gs9.05\Lib\lp386r2.bat

2013-03-05 21:30:14 48BFBF143AF54D92347AE26F85F3CFDF 323 ----a-w- C:\ProgramData\AVG2013\IDS\config\quarantinedList.zip

2013-03-05 20:28:34 D45B118114C9B18814CE18F72A34E934 2347008 ----a-w- C:\Windows\System32\win32k.sys

2013-03-05 20:28:28 AAB149EE616952BB84308C28E75ED20D 187752 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2013-03-05 20:28:28 7C0507D2391AF5933600CBCED799F277 1293672 ----a-w- C:\Windows\System32\drivers\tcpip.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1890836357-4230306360-809449720-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\atchk]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="atchk"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Intel\\AMT\\atchk.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AVG_UI"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\AVG\\AVG2013\\avgui.exe\" /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BCSSync"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HotKeysCmds"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IgfxTray"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Persistence"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RTHDVCPL"

"hkey"="HKLM"

"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PDF Architect Helper Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PDF Architect Service]

==== Startup Folders ======================

2013-01-09 18:40:26 289 ----a-w- C:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD

2013-01-09 18:40:26 289 ----a-w- C:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08-03-2013 11:27]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08-03-2013 11:27]

Link naar reactie
Delen op andere sites
Con Groentje

Con

Geplaatst:
  • Auteur
Geplaatst:

Gezien de log verwachte ik niet dat het was opgelost. Maar na opnieuw opstarten, de waarschuwing

kwam altijd precies nadat dat Windows was opgestart, is blijkbaar de melding weggebleven.

Kortom YES, waanzinnig bedankt. Is nu ook te zeggen wat hiervan de veroorzaker is geweest?

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.