[Opgelost] Checkje.

yowaambie · 2 mrt 2012

Hoi hoi,

laptop is vl trager dan normaal ! Loopt vast, hapert enz ...

Willen jullie aub een checkje doen, of er rare dingen in zitten?

Dankjewel !!

[hjt]
Logfile of HijackThis v1.99.1
Scan saved at 15:25:44, on 1-3-2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Running processes:
c:\program files (x86)\daemon tools pro\dtshellhlp.exe
d:\programmas\utorrent.exe
c:\users\mmqi-thabi\appdata\local\temp\torrent2exe\t2e.exe
c:\users\mmqi-thabi\appdata\roaming\drpsu\drvupdater.exe
c:\windows\asscrpro.exe
c:\program files (x86)\skype\phone\skype.exe
c:\program files (x86)\boingo\boingo wi-fi\boingo wi-fi.exe
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe
c:\program files (x86)\asus\atk package\atk media\dmedia.exe
c:\program files (x86)\asus\atk hotkey\hcontroluser.exe
c:\program files (x86)\eset\nod32kui.exe
c:\program files (x86)\cyberlink\power2go\clmlsvc.exe
c:\program files (x86)\internet explorer\ielowutil.exe
c:\program files (x86)\mozilla firefox\firefox.exe
c:\program files (x86)\mozilla firefox\plugin-container.exe
c:\program files (x86)\mozilla firefox\plugin-container.exe
d:\downloads\mozilla downloads\hijackthis(1).exe

r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = [noparse]http://asus.msn.com[/noparse]
r1 - hkcu\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://asus.msn.com[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
f2 - reg:system.ini: userinit=userinit.exe
o1 - hosts: 255.255.255.255 easyanticheat.se # misleading site
o1 - hosts: 255.255.255.255 www.easyanticheat.se # misleading site
o1 - hosts: 255.255.255.255 easyanticheat.com # misleading site
o1 - hosts: 255.255.255.255 www.easyanticheat.com # misleading site
o1 - hosts: 255.255.255.255 easyanticheat.org # misleading site
o1 - hosts: 255.255.255.255 www.easyanticheat.org # misleading site
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~1\office14\grooveex.dll
o2 - bho: aanmeldhulp voor windows live id - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: altergeo magic scanner - {9bfba68e-e21b-458e-ae12-fe85e903d2c1} - c:\program files (x86)\altergeo\altergeo magic scanner\3.2.1.742\altergeo.browserplugin.dll
o2 - bho: windows live messenger companion helper - {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files (x86)\windows live\companion\companioncore.dll
o2 - bho: skypeiepluginbho - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o2 - bho: urlredirectionbho - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~1\office14\urlredir.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
o2 - bho: youtube downloader toolbar - {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files (x86)\youtube downloader toolbar\ie\5.0\youtubedownloadertoolbarie.dll
o3 - toolbar: youtube downloader toolbar - {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files (x86)\youtube downloader toolbar\ie\5.0\youtubedownloadertoolbarie.dll
o4 - hklm\..\run: [updatelbpshortcut] c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe "c:\program files (x86)\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
o4 - hklm\..\run: [updatep2goshortcut] c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe "c:\program files (x86)\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
o4 - hklm\..\run: [boingo wi-fi] c:\program files (x86)\boingo\boingo wi-fi\boingo.lnk
o4 - hklm\..\run: [atkosd2] c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe
o4 - hklm\..\run: [atkmedia] c:\program files (x86)\asus\atk package\atk media\dmedia.exe
o4 - hklm\..\run: [hcontroluser] c:\program files (x86)\asus\atk hotkey\hcontroluser.exe
o4 - hklm\..\run: [nod32kui] c:\program files (x86)\eset\nod32kui.exe /waitservice
o4 - hklm\..\run: [nbagent] d:\programmas\nero\nero backitup\nbagent.exe /winstart
o4 - hklm\..\run: [clmlserver] c:\program files (x86)\cyberlink\power2go\clmlsvc.exe
o4 - hklm\..\run: [asuswebstorage] c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe /s
o4 - hklm\..\run: [startccc] c:\program files (x86)\atinew\ati.ace\core-static\clistart.exe msrun
o4 - hklm\..\run: [searchsettings] c:\program files (x86)\common files\spigot\search settings\searchsettings.exe
o4 - hkcu\..\run: [msnmsgr] c:\program files (x86)\windows live\messenger\msnmsgr.exe /background
o4 - hkcu\..\run: [utorrent] d:\programmas\utorrent.exe /minimized
o4 - hkcu\..\run: [daemon tools pro agent] c:\program files (x86)\daemon tools pro\dtagent.exe -autorun
o4 - hkcu\..\run: [torrent2exe] c:\users\mmqi-t~1\appdata\local\temp\torrent2exe\t2e.exe --autorun
o4 - hkcu\..\run: [drvupdater] c:\users\mmqi-thabi\appdata\roaming\drpsu\drvupdater.exe
o4 - hkcu\..\run: [eadm] d:\bf3\origin\origin.exe -autostart
o4 - hkcu\..\run: [skype] c:\program files (x86)\skype\phone\skype.exe /nosplash /minimized
o4 - startup: battery doubler.lnk = dachshund software\battery doubler\battery doubler.exe
o4 - global startup: fancystart daemon.lnk = ?
o9 - extra button: @c:\program files (x86)\windows live\companion\companionlang.dll,-600 - {0000036b-c524-4050-81a0-243669a86b9f} - c:\program files (x86)\windows live\companion\companioncore.dll
o9 - extra button: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1004 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1003 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra button: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra 'tools' menuitem: &verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra button: pokerstars - {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files (x86)\pokerstars\pokerstarsupdate.exe
o9 - extra button: &gekoppelde notities van onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra 'tools' menuitem: &gekoppelde notities van onenote - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra button: skype click to call - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o9 - extra 'tools' menuitem: skype click to call - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o10 - unknown file in winsock lsp: c:\windows\system32\nlaapi.dll
o10 - unknown file in winsock lsp: c:\windows\system32\napinsp.dll
o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o11 - options group: [accelerated_graphics] accelerated graphics
o11 - options group: [international] international
o13 - gopher prefix:
o18 - protocol: livecall - {828030a1-22c1-4009-854f-8e305202313f} - c:\program files (x86)\windows live\messenger\msgrapp.dll
o18 - protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - (no file)
o18 - protocol: msnim - {828030a1-22c1-4009-854f-8e305202313f} - c:\program files (x86)\windows live\messenger\msgrapp.dll
o18 - protocol: skype-ie-addon-data - {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o18 - protocol: wlmailhtml - {03c514a3-1efb-4856-9f99-10d7be1653c0} - c:\program files (x86)\windows live\mail\mailcomm.dll
o18 - protocol: wlpg - {e43ef6cd-a37a-4a9b-9e6f-83f89b8e6324} - c:\program files (x86)\windows live\photo gallery\albumdownloadprotocolhandler.dll
o18 - filter hijack: text/xml - {807573e5-5146-11d5-a672-00b0d022e945} - c:\program files (x86)\common files\microsoft shared\office14\msoxmlmf.dll
o23 - service: afbagent - unknown owner - c:\windows\system32\fbagent.exe (file missing)
o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
o23 - service: amd external events utility - unknown owner - c:\windows\system32\atiesrxx.exe (file missing)
o23 - service: application updater - unknown owner - c:\program files (x86)\application updater\applicationupdater.exe (file missing)
o23 - service: asldr service (asldrservice) - asus - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
o23 - service: atkgfnex service (atkgfnexsrv) - asus - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
o23 - service: google update service (gupdate) (gupdate) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: intel(r) management and security application local management service (lms) - intel corporation - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
o23 - service: mbamservice - malwarebytes corporation - c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe
o23 - service: microsoft sharepoint workspace audit service - unknown owner - c:\program files\microsoft office\office14\groove.exe /auditservice (file missing)
o23 - service: @c:\program files (x86)\nero\update\nasvc.exe,-200 (naupdate) - nero ag - c:\program files (x86)\nero\update\nasvc.exe
o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: nod32 kernel service (nod32krn) - eset - c:\program files (x86)\eset\nod32krn.exe
o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\qwave.dll,-1 (qwave) - unknown owner - %windir%\system32\svchost.exe (file missing)
o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\seclogon.dll,-7001 (seclogon) - unknown owner - %windir%\system32\svchost.exe (file missing)
o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
o23 - service: audio service (stacsv) - idt, inc. - c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe
o23 - service: steam client service - valve corporation - c:\program files (x86)\common files\steam\steamservice.exe
o23 - service: tuneup utilities service (tuneup.utilitiessvc) - tuneup software - c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe
o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
o23 - service: intel(r) management & security application user notification service (uns) - intel corporation - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
o23 - service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
o23 - service: @%systemroot%\system32\wat\watux.exe,-601 (watadminsvc) - unknown owner - c:\windows\system32\wat\watadminsvc.exe (file missing)
o23 - service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - unknown owner - c:\windows\system32\wbengine.exe (file missing)
o23 - service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
o23 - service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - %programfiles%\windows media player\wmpnetwk.exe (file missing)

[/hjt]

Abraham54 · 3 mrt 2012

Re: Checkje.

Hoi yowaambie,

welkom op dit geweldige forum.

Je hebt overigens een antieke versie van Hijack This gebruikt!

Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:

Lees telkens elke instruktie eerst goed door.
De gegeven instrukties gelden alleen jouw Windows.
Maak je fouten bij de uitvoering van tools tijdens de fix, kan dat mogelijk serieuze problemen in Windows veroorzaken.
Installeer geen nieuwe programma's, updates of nieuwe hardware terwijl we met de fix bezig zijn.
[*]Gebruik ook geen andere programma's of tools dan diegenen waartoe ik opdracht geef.
Emoticons (smileys) a.u.b. uitzetten, wanneer je een log post.
Gebruik altijd n scanner per keer, nooit meerdere tegelijk gebruiken.
Hou mij op de hoogte hoe jou computer op de fix reageert - goed of slecht.
Ook indien je iets niet begrijpt, meldt dat dan.
De fix, eenmaal gestart, dient afgewerkt te worden. Zelfs indien jij denkt dat alles in orde is, zijn er mogelijk nog steeds infecties.

Stap 1
Welk programma: sUbs dds
Waarvoor/waarom: DDS is een diagnosetool en maakt gebruik van scripts.
Moeilijkheidsgraad: Lees eerst goed wat te doen.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders eerst daar naar toe verplaatsen!
Download DDS van sUBS van n van deze locaties en plaats het op je bureaublad:
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.

sUBs dds. gebruiken:

Sluit vervolgens eerst alle nog openstaande programmavensters!
- Windows 2000 en Windows XP: start sUBs dds. middels dubbelklik op de snelkoppeling.
- Windows Vista en Windows 7: start sUBs dds. rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.
Na de scan worden twee tekstdocumnenten geopend - DDS.txt en Attach.txt - post de inhoud van beide logs maar let even op het volgende!
Ga naar DDRMMR's kleurcodeerder
Kopieer en plak de gehele inhoud van de DDS-logfile in het venster en klik op de knop Converteer
Kopieer en plak de inhoud van de kleurcodeerder in je aansluitende bericht en post tevens de inhoud van Attach.txt.

Stap 2
Welk programma: Malwarebytes MBAM
Waarvoor/waarom: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
Moeilijkheidsgraad: geen.

Download Malwarebytes MBAM via n van deze locaties:

Allereerst:

Al meteen na de installatie wil 'MBAM' zijn database opwaarderen toestaan dus.
Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'!

Malwarebytes MBAM opstarten:

Sluit nu eerst alle nog openstaande programmavensters!
- Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling.
- Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.

Let op:
- Malwarebytes verstrekt nu de volledige versie van MBAM.
- Bij de eerstse start kijg je de mogelijkheid de volledige versie te gebruiken of de gratis versie.
- Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken.
- Zodoende zal MBAM als gratis versie verder te gebruiken zijn

Doe ook nog het volgende:
- Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
- Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".

Scannen:

Bij het starten van 'MBAM' kies je voor 'Snelle Scan'.
Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.

Infecties gevonden:

Klik nu eerst op OK om de melding weg te klikken
Klik vervolgens rechtsonder op de knop Bekijk resultaten.
Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven dan telkens op 'OK' klikken!
Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.

MBAM-Log:

Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.

Post aansluitend in je volgende bericht de inhoud van het MBAM-log.

Stap 3
Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:

DDS-logfile
Attach,txt-log
MBAM scanlog

yowaambie · 10 mrt 2012

Re: Checkje.

sorry voor de uber late reactie, hier mijn dds log;

[hjt]
.
dds (ver_2011-08-26.01) - ntfsamd64
internet explorer: 9.0.8112.16421
run by mmqi at 19:11:12 on 2012-03-10
microsoft windows 7 home premium 6.1.7601.1.1252.31.1043.18.3949.2361 [gmt 1:00]
.
av: microsoft security essentials *enabled/updated* {108dac43-c256-20b7-bb05-914135da5160}
sp: microsoft security essentials *enabled/updated* {abec4da7-e46c-2f39-81b5-aa334e5d1bdd}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
============== running processes ===============
.
c:\windows\system32\wininit.exe
c:\windows\system32\lsm.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\program files\microsoft security client\antimalware\msmpeng.exe
c:\windows\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\atieclxx.exe
c:\windows\system32\svchost.exe -k networkservice
c:\windows\system32\fbagent.exe
c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
c:\windows\system32\spoolsv.exe
c:\windows\system32\taskeng.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
c:\program files (x86)\asus\smartlogon\smartlogon.exe
c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
c:\program files (x86)\eset\nod32krn.exe
c:\windows\system32\svchost.exe -k localservicepeernet
c:\windows\system32\taskhost.exe
c:\windows\system32\dwm.exe
c:\windows\system32\taskeng.exe
c:\program files (x86)\asus\splendid\acmon.exe
c:\program files (x86)\asus\smartlogon\sensorsrv.exe
c:\program files (x86)\asus\asus live update\alu.exe
c:\program files (x86)\asus\controldeck\controldeckstartup.exe
c:\windows\syswow64\acengsvr.exe
c:\program files\p4g\batterylife.exe
c:\windows\explorer.exe
c:\windows\system32\taskeng.exe
c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe
c:\program files (x86)\asus\wireless console 3\wcourier.exe
c:\program files\elantech\etdctrl.exe
c:\program files\idt\wdm\sttray64.exe
c:\program files (x86)\amicosinglun\amicosinglun64.exe
c:\program files\microsoft security client\msseces.exe
c:\program files (x86)\daemon tools pro\dtshellhlp.exe
c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe
c:\windows\asscrpro.exe
c:\program files (x86)\boingo\boingo wi-fi\boingo wi-fi.exe
c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe
c:\program files (x86)\asus\atk package\atk media\dmedia.exe
c:\program files (x86)\asus\atk hotkey\hcontroluser.exe
c:\program files (x86)\eset\nod32kui.exe
c:\program files (x86)\cyberlink\power2go\clmlsvc.exe
c:\program files (x86)\atinew\ati.ace\core-static\mom.exe
c:\windows\system32\svchost.exe -k imgsvc
c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe
c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
c:\program files\common files\microsoft shared\windows live\wlidsvcm.exe
c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe
c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesapp64.exe
c:\program files\microsoft security client\antimalware\nissrv.exe
c:\windows\servicing\trustedinstaller.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
c:\program files\windows media player\wmpnetwk.exe
c:\windows\system32\wbem\wmiprvse.exe
c:\program files (x86)\mozilla firefox\firefox.exe
c:\windows\system32\dllhost.exe
c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe
c:\program files (x86)\nero\update\nasvc.exe
c:\windows\system32\sppsvc.exe
c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
c:\windows\system32\taskhost.exe
c:\windows\syswow64\cmd.exe
c:\windows\system32\conhost.exe
c:\windows\syswow64\cscript.exe
c:\windows\system32\wbem\wmiprvse.exe
.
============== pseudo hjt report ===============
.
ustart page = hxxp://asus.msn.com
udefault_page_url = hxxp://asus.msn.com
mwinlogon: userinit=userinit.exe
bho: adobe pdf link helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
bho: search helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
bho: groove gfs browser helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~1\office14\grooveex.dll
bho: aanmeldhulp voor windows live id: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
bho: altergeobho class: {9bfba68e-e21b-458e-ae12-fe85e903d2c1} - c:\program files (x86)\altergeo\altergeo magic scanner\3.2.1.742\altergeo.browserplugin.dll
bho: windows live messenger companion helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files (x86)\windows live\companion\companioncore.dll
bho: skype browser helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
bho: office document cache handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~1\office14\urlredir.dll
bho: java(tm) plug-in 2 ssv helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
urun: [msnmsgr] c:\program files (x86)\windows live\messenger\msnmsgr.exe /background
mrun: [updatelbpshortcut] c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe "c:\program files (x86)\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mrun: [updatep2goshortcut] c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe "c:\program files (x86)\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mrun: [boingo wi-fi] c:\program files (x86)\boingo\boingo wi-fi\boingo.lnk
mrun: [atkosd2] c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe
mrun: [atkmedia] c:\program files (x86)\asus\atk package\atk media\dmedia.exe
mrun: [hcontroluser] c:\program files (x86)\asus\atk hotkey\hcontroluser.exe
mrun: [nod32kui] c:\program files (x86)\eset\nod32kui.exe /waitservice
mrun: [nbagent] d:\programmas\nero\nero backitup\nbagent.exe /winstart
mrun: [clmlserver] c:\program files (x86)\cyberlink\power2go\clmlsvc.exe
mrun: [asuswebstorage] c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe /s
mrun: [startccc] c:\program files (x86)\atinew\ati.ace\core-static\clistart.exe msrun
mrun: [<no name>]
mrun: [malwarebytes' anti-malware] c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe /starttray
startupfolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\fancys~1.lnk - c:\windows\installer\{2b81872b-a054-48da-be3b-fa5c164c303a}\_c4a2fc3e3722966204fdd8.exe
mpolicies-explorer: noactivedesktop = 1 (0x1)
mpolicies-explorer: noactivedesktopchanges = 1 (0x1)
mpolicies-system: consentpromptbehavioradmin = 5 (0x5)
mpolicies-system: consentpromptbehavioruser = 3 (0x3)
mpolicies-system: enableuiadesktoptoggle = 0 (0x0)
mpolicies-system: enablelinkedconnections = 1 (0x1)
ie: free youtube download - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
ie: free youtube to mp3 converter - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
ie: {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files (x86)\pokerstars\pokerstarsupdate.exe
ie: {0000036b-c524-4050-81a0-243669a86b9f} - {b63dba5f-523f-4b9c-a43d-65df1977ead3} - c:\program files (x86)\windows live\companion\companioncore.dll
ie: {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - {5f7b1267-94a9-47f5-98db-e99415f33aec} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
ie: {2670000a-7350-4f3c-8081-5663ee0c6c49} - {48e73304-e1d6-4330-914c-f5f514e3486c} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
ie: {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - {fffdc614-b694-4ae6-ab38-5d6374584b52} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
ie: {898ea8c8-e7ff-479b-8935-aec46303b9e5} - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
lsp: c:\windows\system32\imon.dll
dpf: {8ad9c840-044e-11d1-b3e9-00805f499d93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
dpf: {cafeefac-0016-0000-0029-abcdeffedcba} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
dpf: {cafeefac-ffff-ffff-ffff-abcdeffedcba} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
tcp: dhcpnameserver = 192.168.1.254
tcp: interfaces\{124c82cd-c850-45b7-9d70-fed761c1dc2a} : dhcpnameserver = 192.168.1.254
tcp: interfaces\{124c82cd-c850-45b7-9d70-fed761c1dc2a}\242757e69616 : dhcpnameserver = 192.168.2.1
tcp: interfaces\{124c82cd-c850-45b7-9d70-fed761c1dc2a}\2656c6b696e6534376 : dhcpnameserver = 192.168.2.1
tcp: interfaces\{124c82cd-c850-45b7-9d70-fed761c1dc2a}\3596475636f6d6146403730344 : dhcpnameserver = 192.168.0.1
tcp: interfaces\{124c82cd-c850-45b7-9d70-fed761c1dc2a}\37c663030316d676 : dhcpnameserver = 192.168.1.1
tcp: interfaces\{124c82cd-c850-45b7-9d70-fed761c1dc2a}\4584559435e45445755425b4 : dhcpnameserver = 192.168.0.1
filter: text/xml - {807573e5-5146-11d5-a672-00b0d022e945} - c:\program files (x86)\common files\microsoft shared\office14\msoxmlmf.dll
handler: skype-ie-addon-data - {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
handler: wlpg - {e43ef6cd-a37a-4a9b-9e6f-83f89b8e6324} - c:\program files (x86)\windows live\photo gallery\albumdownloadprotocolhandler.dll
seh: groove gfs stub execution hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~2\micros~1\office14\grooveex.dll
{18df081c-e8ad-4283-a596-fa578c2ebdc3}
{6ebf7485-159f-4bff-a14f-b9e3aac4465b}
{72853161-30c5-4d22-b7f9-0bbc1d38a37e}
{9030d464-4c02-4abf-8ecc-5164760863c6}
{9bfba68e-e21b-458e-ae12-fe85e903d2c1}
{9fdde16b-836f-4806-ab1f-1455cbeff289}
{ae805869-2e5c-4ed4-8f7b-f1f7851a4497}
{b4f3a835-0e21-4959-ba22-42b3008e02ff}
{dbc80044-a445-435b-bc74-9c25c1c588a9}
mrun-x64: [updatelbpshortcut] c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe "c:\program files (x86)\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mrun-x64: [updatep2goshortcut] c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe "c:\program files (x86)\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mrun-x64: [boingo wi-fi] c:\program files (x86)\boingo\boingo wi-fi\boingo.lnk
mrun-x64: [atkosd2] c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe
mrun-x64: [atkmedia] c:\program files (x86)\asus\atk package\atk media\dmedia.exe
mrun-x64: [hcontroluser] c:\program files (x86)\asus\atk hotkey\hcontroluser.exe
mrun-x64: [nod32kui] c:\program files (x86)\eset\nod32kui.exe /waitservice
mrun-x64: [nbagent] d:\programmas\nero\nero backitup\nbagent.exe /winstart
mrun-x64: [clmlserver] c:\program files (x86)\cyberlink\power2go\clmlsvc.exe
mrun-x64: [asuswebstorage] c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe /s
mrun-x64: [startccc] c:\program files (x86)\atinew\ati.ace\core-static\clistart.exe msrun
mrun-x64: [(standaard)]
mrun-x64: [malwarebytes' anti-malware] c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe /starttray
ie-x64: {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files (x86)\pokerstars\pokerstarsupdate.exe
seh-x64: {b5a7f190-dda6-4420-b3ba-52453494e6cd}: groove gfs stub execution hook
hosts: 255.255.255.255 easyanticheat.se # misleading site
hosts: 255.255.255.255 www.easyanticheat.se # misleading site
hosts: 255.255.255.255 easyanticheat.com # misleading site
hosts: 255.255.255.255 www.easyanticheat.com # misleading site
hosts: 255.255.255.255 easyanticheat.org # misleading site
.
note: multiple hosts entries found. please refer to attach.txt
.
================= firefox ===================
.
ff - profilepath - c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\
ff - prefs.js: browser.search.defaulturl - hxxp://go.mail.ru/search?fr=fftb&utf8in&q=
ff - prefs.js: browser.search.selectedengine - yahoo
ff - prefs.js: keyword.url - hxxp://go.mail.ru/search?utf8in=1&fr=fftbufix&q=
ff - prefs.js: network.proxy.type - 0
ff - plugin: c:\progra~2\micros~1\office14\npauthz.dll
ff - plugin: c:\progra~2\micros~1\office14\npspwrap.dll
ff - plugin: c:\program files (x86)\adobe\reader 9.0\reader\air\nppdf32.dll
ff - plugin: c:\program files (x86)\battlelog web plugins\1.104.0\npesnlaunch.dll
ff - plugin: c:\program files (x86)\battlelog web plugins\sonar\0.70.4\npesnsonar.dll
ff - plugin: c:\program files (x86)\divx\divx ovs helper\npovshelper.dll
ff - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
ff - plugin: c:\program files (x86)\foxit software\foxit reader\plugins\npfoxitreaderplugin.dll
ff - plugin: c:\program files (x86)\google\update\1.3.21.57\npgoogleupdate3.dll
ff - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployjava1.dll
ff - plugin: c:\program files (x86)\microsoft silverlight\5.0.61118.0\npctrlui.dll
ff - plugin: c:\program files (x86)\mozilla firefox\plugins\npdeployjava1.dll
ff - plugin: c:\program files (x86)\windows live\photo gallery\npwlpg.dll
ff - plugin: c:\windows\syswow64\macromed\flash\npswf32.dll
.
---- firefox policies ----
ff - user.js: network.http.max-persistent-connections-per-server - 4
ff - user.js: nglayout.initialpaint.delay - 600
ff - user.js: content.notify.interval - 600000
ff - user.js: content.max.tokenizing.time - 1800000
ff - user.js: content.switch.threshold - 600000
.
============= services / drivers ===============
.
r1 dtsoftbus01;daemon tools virtual bus driver;c:\windows\system32\drivers\dtsoftbus01.sys --> c:\windows\system32\drivers\dtsoftbus01.sys [?]
r1 mpfilter;microsoft malware protection driver;c:\windows\system32\drivers\mpfilter.sys --> c:\windows\system32\drivers\mpfilter.sys [?]
r1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys --> c:\windows\system32\drivers\vwififlt.sys [?]
r2 afbagent;afbagent;c:\windows\system32\fbagent.exe --> c:\windows\system32\fbagent.exe [?]
r2 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe --> c:\windows\system32\atiesrxx.exe [?]
r2 asmmap64;asmmap64;c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys [2009-7-3 15416]
r2 mbamservice;mbamservice;c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2011-7-16 652360]
r2 naupdate;nero update;c:\program files (x86)\nero\update\nasvc.exe [2010-3-25 490280]
r2 nod32krn;nod32 kernel service;c:\program files (x86)\eset\nod32krn.exe [2011-2-14 552064]
r2 tuneup.utilitiessvc;tuneup utilities service;c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe [2011-11-23 2118976]
r2 uns;intel(r) management & security application user notification service;c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe [2010-10-8 2314240]
r3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys --> c:\windows\system32\drivers\atikmdag.sys [?]
r3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys --> c:\windows\system32\drivers\atikmpag.sys [?]
r3 atihdaudioservice;amd function driver for hd audio service;c:\windows\system32\drivers\atihdw76.sys --> c:\windows\system32\drivers\atihdw76.sys [?]
r3 etd;elan ps/2 port input device;c:\windows\system32\drivers\etd.sys --> c:\windows\system32\drivers\etd.sys [?]
r3 hecix64;intel(r) management engine interface;c:\windows\system32\drivers\hecix64.sys --> c:\windows\system32\drivers\hecix64.sys [?]
r3 l1c;ndis miniport driver for atheros ar813x/ar815x pci-e ethernet controller;c:\windows\system32\drivers\l1c62x64.sys --> c:\windows\system32\drivers\l1c62x64.sys [?]
r3 mbamprotector;mbamprotector;\??\c:\windows\system32\drivers\mbam.sys --> c:\windows\system32\drivers\mbam.sys [?]
r3 nisdrv;microsoft network inspection system;c:\windows\system32\drivers\nisdrvwfp.sys --> c:\windows\system32\drivers\nisdrvwfp.sys [?]
r3 nissrv;microsoft network inspection;c:\program files\microsoft security client\antimalware\nissrv.exe [2011-4-27 288272]
r3 tuneuputilitiesdrv;tuneuputilitiesdrv;c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesdriver64.sys [2011-11-9 11856]
s2 application updater;application updater;c:\program files (x86)\application updater\applicationupdater.exe --> c:\program files (x86)\application updater\applicationupdater.exe [?]
s2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
s2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
s3 amustor;am usb stroage driver;c:\windows\system32\drivers\amustor.sys --> c:\windows\system32\drivers\amustor.sys [?]
s3 drvagent64;drvagent64;c:\windows\syswow64\drivers\drvagent64.sys [2011-12-30 21712]
s3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys --> c:\windows\system32\drivers\fssfltr.sys [?]
s3 fsssvc;windows live family safety service;c:\program files (x86)\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
s3 gupdate;google update service (gupdate);c:\program files (x86)\google\update\googleupdate.exe [2010-10-8 135664]
s3 gupdatem;google update-service (gupdatem);c:\program files (x86)\google\update\googleupdate.exe [2010-10-8 135664]
s3 microsoft sharepoint workspace audit service;microsoft sharepoint workspace audit service;c:\program files\microsoft office\office14\groove.exe [2011-6-12 51740536]
s3 mpnwmon;microsoft malware protection network driver;c:\windows\system32\drivers\mpnwmon.sys --> c:\windows\system32\drivers\mpnwmon.sys [?]
s3 ose64;office 64 source engine;c:\program files\common files\microsoft shared\source engine\ose.exe [2010-1-9 174440]
s3 osppsvc;office software protection platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe [2010-1-9 4925184]
s3 sisgbelh;sis191/sis190 ethernet device ndis 6.0 driver;c:\windows\system32\drivers\sisg664.sys --> c:\windows\system32\drivers\sisg664.sys [?]
s3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys --> c:\windows\system32\drivers\tsusbflt.sys [?]
s3 vwifimp;microsoft virtual wifi miniport service;c:\windows\system32\drivers\vwifimp.sys --> c:\windows\system32\drivers\vwifimp.sys [?]
s3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe --> c:\windows\system32\wat\watadminsvc.exe [?]
s4 wlcrasvc;windows live mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== created last 30 ================
.
2012-03-10 18:08:49 -------- d-----w- c:\users\mmqi\appdata\local\{2c76356f-6fd8-4967-94d8-4dcb0fe08b93}
2012-03-10 18:08:36 -------- d-----w- c:\users\mmqi\appdata\local\{14e75e92-fb6f-4366-aed0-39404663e7ae}
2012-03-10 18:02:24 -------- d-----w- c:\users\mmqi\appdata\local\{b9362429-9f07-4a13-990a-7d61c4bbf379}
2012-03-10 18:02:14 -------- d-----w- c:\users\mmqi\appdata\local\{801b5eff-a524-4dc6-8890-39419502a625}
2012-03-09 23:57:09 8643640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{064f5e69-f141-4dea-bebe-a01e2fb2ad6b}\mpengine.dll
2012-03-07 11:52:47 -------- d-----w- c:\users\mmqi\appdata\local\{2c95af0b-b565-40c4-b498-166dcad77e17}
2012-03-06 23:52:25 -------- d-----w- c:\users\mmqi\appdata\local\{97bf66f9-682c-4a6b-b351-3271ce3a76ce}
2012-03-06 11:52:03 -------- d-----w- c:\users\mmqi\appdata\local\{23f086e7-9dda-4380-b64d-e1d15e4cbf30}
2012-03-05 23:51:38 -------- d-----w- c:\users\mmqi\appdata\local\{c53a4eae-6d22-4f8e-9c06-ee80dd6a2176}
2012-03-05 23:51:27 -------- d-----w- c:\users\mmqi\appdata\local\{b72a5b6a-714b-43d6-9bdf-f23450eabe20}
2012-03-05 11:45:06 -------- d-----w- c:\users\mmqi\appdata\local\{c9310b38-6eeb-4ad2-8869-558044f71eab}
2012-03-04 23:44:42 -------- d-----w- c:\users\mmqi\appdata\local\{5163e4c2-059f-4cab-9c94-85247030795c}
2012-03-04 23:44:29 -------- d-----w- c:\users\mmqi\appdata\local\{362d3dc6-01d5-43d6-98e1-4896751eb38b}
2012-03-03 12:39:57 -------- d-----w- c:\users\mmqi\appdata\local\{4b70b0b9-8fa6-4676-a58c-c5e7cd41aa8f}
2012-03-03 12:39:46 -------- d-----w- c:\users\mmqi\appdata\local\{0772c43f-ba35-4354-8ccf-ae8c2c74c241}
2012-03-03 11:00:08 -------- d-----w- c:\users\mmqi\appdata\roaming\malwarebytes
2012-03-03 00:39:20 -------- d-----w- c:\users\mmqi\appdata\local\{9a87356b-c1cd-4951-b71d-08ae6d264d0d}
2012-03-03 00:39:10 -------- d-----w- c:\users\mmqi\appdata\local\{3d1d3348-3dc6-4f5a-9960-5f7eb6c19b3c}
2012-03-01 14:34:12 -------- d-----w- c:\rbackup
2012-03-01 14:18:16 -------- d-----w- c:\program files\perfect uninstaller
2012-03-01 13:39:15 -------- d-----w- c:\users\mmqi\appdata\local\{55405d9d-0e5c-4abb-9068-67420dc34c05}
2012-03-01 13:39:05 -------- d-----w- c:\users\mmqi\appdata\local\{5cf94ba9-f862-43cc-b05b-303ecdd89aa1}
2012-02-29 23:37:34 -------- d-----w- c:\users\mmqi\appdata\local\{856abe75-084c-41bc-88f0-e0d395ac8bf7}
2012-02-29 23:37:24 -------- d-----w- c:\users\mmqi\appdata\local\{7d81622e-cdf7-4289-8e41-885d56566dec}
2012-02-29 01:18:43 -------- d-----w- c:\users\mmqi\appdata\local\{c170af36-145a-402c-b1b3-1e9ff8ff77b9}
2012-02-28 13:18:21 -------- d-----w- c:\users\mmqi\appdata\local\{735f4667-3b22-4241-a436-ab5bb35498f3}
2012-02-28 01:17:59 -------- d-----w- c:\users\mmqi\appdata\local\{37bbe140-e7c3-435d-ba5c-366c67ae3c5f}
2012-02-27 13:17:38 -------- d-----w- c:\users\mmqi\appdata\local\{145787de-1014-438d-b23f-9b5bf2bde186}
2012-02-27 01:17:16 -------- d-----w- c:\users\mmqi\appdata\local\{b7a25859-7a5f-47f9-8325-b12eb5aee928}
2012-02-26 13:16:54 -------- d-----w- c:\users\mmqi\appdata\local\{ff70beb8-faa7-408b-b30e-15a92254fa1d}
2012-02-26 13:16:44 -------- d-----w- c:\users\mmqi\appdata\local\{ef6f17a0-38dc-486b-9cde-34c6fb8918f7}
2012-02-24 02:24:48 -------- d-----w- c:\users\mmqi\appdata\local\{6e9e3953-8620-449f-9cba-ee1884d6215f}
2012-02-24 02:24:38 -------- d-----w- c:\users\mmqi\appdata\local\{9b8e7407-6456-452a-8ed7-2b26b04c3ec4}
2012-02-23 14:24:14 -------- d-----w- c:\users\mmqi\appdata\local\{7c172d61-94d6-4722-8881-03bf0de138ef}
2012-02-23 14:24:03 -------- d-----w- c:\users\mmqi\appdata\local\{a1d7986f-c20a-4304-a6f9-9674847835c0}
2012-02-23 02:23:51 -------- d-----w- c:\users\mmqi\appdata\local\{4e1f8ac8-edab-419e-aa22-087d967ec28a}
2012-02-23 02:23:40 -------- d-----w- c:\users\mmqi\appdata\local\{c1606e8f-3078-46dc-9443-a64a50d4c485}
2012-02-22 14:23:11 -------- d-----w- c:\users\mmqi\appdata\local\{87ab1ac6-2e5e-4cc5-8e01-01ec133701e4}
2012-02-22 14:23:00 -------- d-----w- c:\users\mmqi\appdata\local\{a60689e0-1c61-457a-818d-ce9a93d10408}
2012-02-22 01:49:37 -------- d-----w- c:\users\mmqi\appdata\local\{b1755713-2a8e-4103-858e-1e9be410041f}
2012-02-22 01:49:27 -------- d-----w- c:\users\mmqi\appdata\local\{375c9c7b-bd46-46ff-aea6-7c63fa0ec4e6}
2012-02-21 13:49:03 -------- d-----w- c:\users\mmqi\appdata\local\{a2a9c614-e2c7-4371-9ef9-bfde67718da8}
2012-02-21 01:48:41 -------- d-----w- c:\users\mmqi\appdata\local\{42b7e8c5-6489-48ec-bc4a-65a985a551bd}
2012-02-21 01:48:30 -------- d-----w- c:\users\mmqi\appdata\local\{7c7c59f8-c340-4109-ad31-53c3207390e7}
2012-02-20 13:48:03 -------- d-----w- c:\users\mmqi\appdata\local\{42644de7-072b-4a15-8bd6-22441320ec32}
2012-02-20 13:47:52 -------- d-----w- c:\users\mmqi\appdata\local\{a882149e-fff0-4cf2-b7f9-b6f61f3ae509}
2012-02-20 01:33:32 -------- d-----w- c:\users\mmqi\appdata\local\{02e839c3-f3da-4688-90c1-0f2d5f3b5cde}
2012-02-19 13:33:09 -------- d-----w- c:\users\mmqi\appdata\local\{a9150f2b-56c2-4c20-95e6-a2777b3bb3bc}
2012-02-19 01:32:46 -------- d-----w- c:\users\mmqi\appdata\local\{e33082c8-bf02-4bf1-8ee2-89b715034acb}
2012-02-18 20:58:31 -------- d-----w- c:\users\mmqi\appdata\local\pokerstars
2012-02-18 20:58:08 -------- d-----w- c:\program files (x86)\pokerstars
2012-02-18 14:08:15 -------- d-----w- c:\users\mmqi\appdata\roaming\dvdvideosoft
2012-02-18 14:08:11 -------- d-----w- c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers
2012-02-18 14:07:52 -------- d-----w- c:\program files (x86)\dvdvideosoft
2012-02-18 14:07:52 -------- d-----w- c:\program files (x86)\common files\dvdvideosoft
2012-02-18 13:32:23 -------- d-----w- c:\users\mmqi\appdata\local\{7fdcc67c-f058-4f8e-9a0b-7862865c3aa1}
2012-02-18 13:32:13 -------- d-----w- c:\users\mmqi\appdata\local\{f127ce15-5dc8-4159-88c4-d1faf579e471}
2012-02-18 01:31:47 -------- d-----w- c:\users\mmqi\appdata\local\{f3437ded-9736-42b0-abbc-723058c89c02}
2012-02-18 01:31:37 -------- d-----w- c:\users\mmqi\appdata\local\{f8e004cd-57bb-4922-aca7-6e0e94663e75}
2012-02-16 16:09:25 -------- d-----w- c:\users\mmqi\appdata\local\{546b83f9-99d3-44e8-82a1-6819117427c9}
2012-02-16 13:55:54 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 13:55:54 442880 ----a-w- c:\windows\syswow64\ntshrui.dll
2012-02-16 13:55:53 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-16 13:55:52 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 13:55:51 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 13:55:51 478720 ----a-w- c:\windows\syswow64\timedate.cpl
2012-02-16 13:55:48 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 13:55:47 690688 ----a-w- c:\windows\syswow64\msvcrt.dll
2012-02-16 04:09:04 -------- d-----w- c:\users\mmqi\appdata\local\{3edf660b-5219-48fc-b6e0-c14297a8fab0}
2012-02-15 16:08:39 -------- d-----w- c:\users\mmqi\appdata\local\{1be8749c-a746-423f-b5e3-f80aa91a4793}
2012-02-15 16:08:29 -------- d-----w- c:\users\mmqi\appdata\local\{f6bcf2be-7b21-4ad2-bc7e-283179494842}
2012-02-15 03:45:28 -------- d-----w- c:\users\mmqi\appdata\local\{7f576feb-8b58-4675-85b9-4c32dbd68ee7}
2012-02-14 15:45:06 -------- d-----w- c:\users\mmqi\appdata\local\{76bee51e-277e-413a-a56c-4d909a589624}
2012-02-13 22:37:41 -------- d-----w- c:\users\mmqi\appdata\local\{4dcd176a-396f-453d-ac36-e2a1c90e59a3}
2012-02-13 10:37:18 -------- d-----w- c:\users\mmqi\appdata\local\{6946e2a2-5da3-428b-8510-5b8a2c57964a}
2012-02-12 22:36:56 -------- d-----w- c:\users\mmqi\appdata\local\{b9aff372-58ee-4505-862c-2c7203d8be0b}
2012-02-12 10:36:34 -------- d-----w- c:\users\mmqi\appdata\local\{d6cf92c5-3b00-4c84-9e7c-b01aa6f6ce13}
2012-02-11 22:36:12 -------- d-----w- c:\users\mmqi\appdata\local\{fa19548d-9364-42f1-b9d9-8fb81fa3b3a6}
2012-02-11 10:35:49 -------- d-----w- c:\users\mmqi\appdata\local\{6f28f87a-02e9-44fa-9dd8-f6462c71b087}
2012-02-10 20:59:07 927800 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{274c1437-4687-49eb-943c-5a6ace168a53}\gapaengine.dll
2012-02-10 20:50:25 -------- d-----w- c:\users\mmqi\appdata\local\{2464feab-74c2-4caa-966f-7e68c91f6b5d}
2012-02-10 08:50:03 -------- d-----w- c:\users\mmqi\appdata\local\{8dd0a6b1-d0ca-434b-876d-b3979927f22c}
2012-02-09 20:49:39 -------- d-----w- c:\users\mmqi\appdata\local\{40ed9dd8-1b62-4068-968c-04a180f4636e}
2012-02-09 20:49:29 -------- d-----w- c:\users\mmqi\appdata\local\{269f6399-5960-448d-95ff-036c6a4d1c0c}
.
==================== find3m ====================
.
2012-02-08 21:38:35 189248 ----a-w- c:\windows\syswow64\pnkbstrb.ex0
2012-01-31 12:44:20 279656 ------w- c:\windows\system32\mpsigstub.exe
2012-01-19 21:25:03 280904 ----a-w- c:\windows\syswow64\pnkbstrb.xtr
2011-12-30 18:05:12 21712 ----a-w- c:\windows\syswow64\drivers\drvagent64.sys
2011-12-22 15:20:12 414368 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
2011-12-14 07:11:03 2308096 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\syswow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\syswow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\syswow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\syswow64\mshtml.tlb
2011-11-10 19:01:28 159744 ----a-w- c:\program files (x86)\atiapfxx.exe
2011-11-10 19:01:24 4096 ----a-w- c:\program files (x86)\version.dll
2010-10-16 10:50:24 3056008 ----a-w- c:\program files (x86)\common files\asktoolbarinstaller.exe
2010-01-26 09:11:08 444283 ----a-w- c:\program files (x86)\common files\winpcapnmap.exe
2009-10-15 14:06:26 170 ----a-w- c:\program files (x86)\appprofiles.reg
.
============= finish: 19:12:42,97 ===============

[/hjt]

---------- Bericht toegevoegd om 19:10 ---------- Vorige bericht geplaatst om 19:08 ----------

en hier mijn Attach logje:

[hjt]
.
unless specifically instructed, do not post this log.
if requested, zip it up & attach it
.
dds (ver_2011-08-26.01)
.
microsoft windows 7 home premium
boot device: \device\harddiskvolume2
install date: 7-12-2010 0:16:30
system uptime: 10-3-2012 19:07:32 (0 hours ago)
.
motherboard: asustek computer inc. | | k72jr
processor: intel(r) core(tm) i3 cpu m 370 @ 2.40ghz | socket 989 | 1991/133mhz
.
==== disk partitions =========================
.
c: is fixed (ntfs) - 116 gib total, 46,666 gib free.
d: is fixed (ntfs) - 330 gib total, 183,815 gib free.
e: is cdrom ()
f: is cdrom ()
.
==== disabled device manager items =============
.
class guid: {4d36e972-e325-11ce-bfc1-08002be10318}
description: microsoft virtual wifi miniport-adapter
device id: {5d624f94-8850-40c3-a3fa-a4fd2080baf3}\vwifimp\5&4240f00&0&01
manufacturer: microsoft
name: microsoft virtual wifi miniport-adapter
pnp device id: {5d624f94-8850-40c3-a3fa-a4fd2080baf3}\vwifimp\5&4240f00&0&01
service: vwifimp
.
==== system restore points ===================
.
rp230: 8-2-2012 15:50:25 - windows update
rp231: 8-3-2012 0:57:33 - windows update
.
==== hosts file hijack ======================
.
hosts: 255.255.255.255 easyanticheat.se # misleading site
hosts: 255.255.255.255 www.easyanticheat.se # misleading site
hosts: 255.255.255.255 easyanticheat.com # misleading site
hosts: 255.255.255.255 www.easyanticheat.com # misleading site
hosts: 255.255.255.255 easyanticheat.org # misleading site
hosts: 255.255.255.255 www.easyanticheat.org # misleading site
.
==== installed programs ======================
.
7-zip 9.20
aangifte inkomstenbelasting 2008
aangifte inkomstenbelasting 2010
acrobat.com
adobe air
adobe flash player 11 activex
adobe reader 9.4.6 mui
adobe shockwave player 11.5
alcor micro usb card reader
altergeo magic scanner
amnesia - the dark descent
application profiles
asus ai recovery
asus ap bank
asus fancystart
asus lifeframe3
asus live update
asus multiframe
asus smartlogon
asus splendid video enhancement technology
asus virtual camera
asus webstorage
atk hotkey
atk package
torrent
battery doubler 1.2.1
battlefield 3™
boingo wi-fi
catalyst control center
catalyst control center - branding
catalyst control center graphics previews common
catalyst control center installproxy
ccc help english
controldeck
cool edit pro 2.0
counter-strike
cyberlink labelprint
cyberlink power2go
d3dx10
daemon tools pro
divx setup
esn sonar
foxit reader
foxit reader 5.1
free youtube download version 3.0.20.1228
free youtube to mp3 converter version 3.10.15.1228
generator
google chrome
google update helper
high-definition video playback 10
idt audio
intel(r) management engine components
java auto updater
java(tm) 6 update 29
jdownloader
junk mail filter update
k-lite codec pack 7.5.0 (full)
k_series_screensaver_en
malwarebytes anti-malware versie 1.60.1.1000
mesh runtime
messenger companion
microsoft primary interoperability assemblies 2005
microsoft search enhancement pack
microsoft sql server 2005 compact edition [enu]
microsoft visual c++ 2005 atl update kb973923 - x86 8.0.50727.4053
microsoft visual c++ 2005 redistributable
microsoft visual c++ 2008 atl update kb973924 - x86 9.0.30729.4148
microsoft visual c++ 2008 redistributable - kb2467174 - x86 9.0.30729.5570
microsoft visual c++ 2008 redistributable - x86 9.0.21022
microsoft visual c++ 2008 redistributable - x86 9.0.30729.17
microsoft visual c++ 2008 redistributable - x86 9.0.30729.4148
microsoft visual c++ 2008 redistributable - x86 9.0.30729.6161
microsoft visual c++ 2010 x86 redistributable - 10.0.40219
microsoft wse 3.0 runtime
mirc
mozilla firefox 10.0.2 (x86 nl)
msvcrt
msvcrt_amd64
msxml 4.0 sp3 parser (kb973685)
nba 2k11
nba 2k12
nero 10 menu templatepack basic
nero 10 movie themepack basic
nero backitup 10
nero backitup 10 help (chm)
nero burning rom 10
nero burningrom 10 help (chm)
nero burnrights 10
nero burnrights 10 help (chm)
nero control center 10
nero controlcenter 10 help (chm)
nero core components 10
nero coverdesigner 10
nero coverdesigner 10 help (chm)
nero discspeed 10
nero discspeed 10 help (chm)
nero dolby files 10
nero express 10
nero express 10 help (chm)
nero infotool 10
nero infotool 10 help (chm)
nero mediahub 10
nero mediahub 10 help (chm)
nero multimedia suite 10
nero recode 10
nero recode 10 help (chm)
nero rescueagent 10
nero rescueagent 10 help (chm)
nero soundtrax 10
nero soundtrax 10 help (chm)
nero startsmart 10
nero startsmart 10 help (chm)
nero update
nero vision 10
nero vision 10 help (chm)
nero waveeditor 10
nero waveeditor 10 help (chm)
origin
pirates, vikings, & knights ii
pokerstars
punto switcher
security update for microsoft .net framework 4 client profile (kb2160841)
security update for microsoft .net framework 4 client profile (kb2446708)
security update for microsoft .net framework 4 client profile (kb2478663)
security update for microsoft .net framework 4 client profile (kb2518870)
security update for microsoft .net framework 4 client profile (kb2539636)
security update for microsoft .net framework 4 client profile (kb2572078)
security update for microsoft .net framework 4 client profile (kb2633870)
security update for microsoft .net framework 4 client profile (kb2656351)
security update for taalpakket voor microsoft .net framework 4 client profile - nld (kb2478663)
security update for taalpakket voor microsoft .net framework 4 client profile - nld (kb2518870)
skype click to call
skype™ 5.5
steam
syncables desktop se
system requirements lab cyri
tuneup utilities 2012
tuneup utilities language pack (nl-nl)
update for microsoft .net framework 4 client profile (kb2468871)
update for microsoft .net framework 4 client profile (kb2473228)
update for microsoft .net framework 4 client profile (kb2533523)
update for microsoft .net framework 4 client profile (kb2600217)
vc80crtredist - 8.0.50727.4053
vdownloader 3.0.721
visual studio 2008 x64 redistributables
vlc media player 1.1.11
vuze
windows live communications platform
windows live essentials
windows live installer
windows live mail
windows live mesh
windows live mesh - activex-besturingselement voor externe verbindingen
windows live messenger
windows live messenger companion core
windows live movie maker
windows live photo common
windows live photo gallery
windows live pimt platform
windows live soxe
windows live soxe definitions
windows live sync
windows live ux platform
windows live ux platform language pack
windows live writer
windows live writer resources
windows media player firefox plugin
winflash
winpcap 4.1.1
wireless console 3
youtube downloader 3.5
youtube downloader toolbar v5.0
.
==== end of file ===========================

[/hjt]

---------- Bericht toegevoegd om 19:17 ---------- Vorige bericht geplaatst om 19:10 ----------

En mijn malwarebytes logje:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
mmqi :: MMQI-THABI-PC [administrator]

Protection: Enabled

10-3-2012 19:17:32
mbam-log-2012-03-10 (19-17-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211168
Time elapsed: 5 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

---------- Bericht toegevoegd om 19:27 ---------- Vorige bericht geplaatst om 19:17 ----------

Heb trouwens nu ook last van de mail.ru besmetting.

Abraham54 · 10 mrt 2012

Re: Checkje.

Doe het volgende: download OTL naar je Bureaublad

OTL.com gebruiken:

Notabene: Sluit nu eerst alle nog openstaande programmavensters!
Het programma opstarten middels dubbelklikken op OTL.com.
Start verder geen andere programma's op en laat het programma ongestoord zijn werk doen.
Zet een vinkje bij Scan All Users.
Klik op de knop Quick Scan.
Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef.
De scan zal niet heel erg lang duren.
- Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is.
- OTL.Txt en Extras.Txt. Deze twee tekstbestanden zijn opgeslagen in dezelfde locatie als OTL.
- Ga naar DDRMMR's kleurcodeerder (Klik)
- Kopieer en plak de inhoud van het OTL.Txt in het webvenster en klik op de knop 'Converteer'.
- Kopieer en plak de inhoud van de kleurcodeerder in je aansluitende bericht.
- Kopieer en plak tevens de inhoud van Extras.Txt in je aansluitende bericht.
OTL produceert behoorlijk grote logs, dus kan het gebeuren, dat je het log in twee of meerdere keren moet posten.

yowaambie · 10 mrt 2012

Re: Checkje.

EXTRAS.TXT :
[hjt]
otl extras logfile created on: 3/10/2012 8:20:18 pm - run 1
otl by oldtimer - version 3.2.36.2 folder = c:\users\mmqi\desktop
64bit- home premium edition service pack 1 (version = 6.1.7601) - type = ntworkstation
internet explorer (version = 9.0.8112.16421)
locale: 00000409 | country: nederland | language: nld | date format: d-m-yyyy

3.86 gb total physical memory | 2.28 gb available physical memory | 59.22% memory free
7.71 gb paging file | 6.07 gb available in paging file | 78.69% paging file free
paging file location(s): ?:\pagefile.sys [binary data]

%systemdrive% = c: | %systemroot% = c:\windows | %programfiles% = c:\program files (x86)
drive c: | 116.44 gb total space | 42.13 gb free space | 36.18% space free | partition type: ntfs
drive d: | 329.79 gb total space | 183.81 gb free space | 55.74% space free | partition type: ntfs

computer name: mmqi-thabi-pc | user name: mmqi | logged in as administrator.
boot mode: normal | scan mode: all users | quick scan | include 64bit scans
company name whitelist: on | skip microsoft files: on | no company name whitelist: on | file age = 30 days

========== extra registry (safelist) ==========

========== file associations ==========

64bit: [hkey_local_machine\software\classes\<extension>]
.url[@ = internetshortcut] -- c:\windows\sysnative\rundll32.exe (microsoft corporation)

[hkey_local_machine\software\classes\<extension>]
.cpl [@ = cplfile] -- c:\windows\syswow64\control.exe (microsoft corporation)

[hkey_users\s-1-5-21-184446441-2391753829-3075136764-1004\software\classes\<extension>]
.html [@ = firefoxhtml] -- c:\program files (x86)\mozilla firefox\firefox.exe (mozilla corporation)

========== shell spawning ==========

64bit: [hkey_local_machine\software\classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- reg error: key error.
inffile [install] -- %systemroot%\system32\infdefaultinstall.exe "%1" (microsoft corporation)
internetshortcut [open] -- c:\windows\system32\rundll32.exe c:\windows\system32\ieframe.dll,openurl %l (microsoft corporation)
internetshortcut [print] -- c:\windows\system32\rundll32.exe c:\windows\system32\mshtml.dll,printhtml "%1" (microsoft corporation)
piffile [open] -- "%1" %*
regfile [merge] -- reg error: key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,installscreensaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- reg error: key error.
unknown [openas] -- %systemroot%\system32\rundll32.exe %systemroot%\system32\shell32.dll,openas_rundll %1
directory [addtoplaylistvlc] -- c:\program files (x86)\videolan\vlc\vlc.exe --started-from-file --playlist-enqueue "%1" ()
directory [cmd] -- cmd.exe /s /k pushd "%v" (microsoft corporation)
directory [find] -- %systemroot%\explorer.exe (microsoft corporation)
directory [playwithvlc] -- c:\program files (x86)\videolan\vlc\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
folder [open] -- %systemroot%\explorer.exe (microsoft corporation)
folder [explore] -- reg error: value error.
drive [find] -- %systemroot%\explorer.exe (microsoft corporation)

[hkey_local_machine\software\classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %systemroot%\system32\control.exe "%1",%* (microsoft corporation)
exefile [open] -- "%1" %*
helpfile [open] -- reg error: key error.
inffile [install] -- %systemroot%\system32\infdefaultinstall.exe "%1" (microsoft corporation)
piffile [open] -- "%1" %*
regfile [merge] -- reg error: key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,installscreensaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- reg error: key error.
unknown [openas] -- %systemroot%\system32\rundll32.exe %systemroot%\system32\shell32.dll,openas_rundll %1
directory [addtoplaylistvlc] -- c:\program files (x86)\videolan\vlc\vlc.exe --started-from-file --playlist-enqueue "%1" ()
directory [cmd] -- cmd.exe /s /k pushd "%v" (microsoft corporation)
directory [find] -- %systemroot%\explorer.exe (microsoft corporation)
directory [playwithvlc] -- c:\program files (x86)\videolan\vlc\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
folder [open] -- %systemroot%\explorer.exe (microsoft corporation)
folder [explore] -- reg error: value error.
drive [find] -- %systemroot%\explorer.exe (microsoft corporation)

========== security center settings ==========

64bit: [hkey_local_machine\software\microsoft\security center]
"cval" = 1
"autoupdatedisablenotify" = 1

64bit: [hkey_local_machine\software\microsoft\security center\monitoring]

64bit: [hkey_local_machine\software\microsoft\security center\svc]
"vistasp1" = 28 4d b2 76 41 04 ca 01 [binary data]
"antivirusoverride" = 0
"antispywareoverride" = 0
"firewalloverride" = 0

64bit: [hkey_local_machine\software\microsoft\security center\svc\vol]

[hkey_local_machine\software\microsoft\security center]

[hkey_local_machine\software\microsoft\security center\svc]

========== firewall settings ==========

[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile]
"disablenotifications" = 0
"enablefirewall" = 1

[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"disablenotifications" = 0
"enablefirewall" = 1

[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\publicprofile]
"disablenotifications" = 0
"enablefirewall" = 1

========== authorized applications list ==========

[hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"c

rogram filescinema tv livecinema tv live.exe" = c

rogram filescinema tv livecinema tv live.exe:*:enabled:cinema tv live
"c

rogram filescinema tv livecinema tv live.exe" = c

rogram filescinema tv livecinema tv live.exe:*:enabled:cinema tv live

========== hkey_local_machine uninstall list ==========

64bit: [hkey_local_machine\software\microsoft\windows\currentversion\uninstall]
"{05bfb060-4f22-4710-b0a2-2801a1b606c5}" = microsoft antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = microsoft visual c++ 2005 redistributable (x64)
"{0bd776f3-057d-4c11-020c-4fa9b13d04f9}" = amd catalyst install manager
"{13f4a7f3-eabc-4261-af6b-1317777f0755}" = fast boot
"{180c8888-50f1-426b-a9dc-ab83a1989c65}" = windows live language selector
"{1acc8ffb-9d84-4c05-a4de-d28a9bc91698}" = windows live id sign-in assistant
"{42738db0-fc3e-4672-a99b-9372f5696e30}" = microsoft security client
"{4567ea14-6bca-3ef9-859b-92ce48b1d704}" = microsoft .net framework 4 client profile nld language pack
"{463fb535-67fb-17c9-6fd6-164bc60462f6}" = ccc-utility64
"{4b6c7001-c7d6-3710-913e-5bc23fce91e6}" = microsoft visual c++ 2008 redistributable - x64 9.0.30729.4148
"{4d533f05-a3f6-f8a9-f1f6-fa6812089d36}" = amd drag and drop transcoding
"{503f672d-6c84-448a-8f8f-4bc35ac83441}" = amd app sdk runtime
"{5fce6d76-f5dc-37ab-b2b8-22ab8cedb1d4}" = microsoft visual c++ 2008 redistributable - x64 9.0.30729.6161
"{6cbfdc3c-cf21-4c02-a6dc-a5a2707faf55}" = windows live remote service resources
"{89f4137d-6c26-4a84-bdb8-2e5a4bb71e00}" = microsoft silverlight
"{90140000-0011-0000-1000-0000000ff1ce}" = microsoft office professional plus 2010
"{90140000-0011-0000-1000-0000000ff1ce}_office14.proplus_{7bc9b5eb-125a-4e9b-97e1-8d85b5e960b8}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-0015-0413-1000-0000000ff1ce}" = microsoft office access mui (dutch) 2010
"{90140000-0015-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-0016-0413-1000-0000000ff1ce}" = microsoft office excel mui (dutch) 2010
"{90140000-0016-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-0018-0413-1000-0000000ff1ce}" = microsoft office powerpoint mui (dutch) 2010
"{90140000-0018-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-0019-0413-1000-0000000ff1ce}" = microsoft office publisher mui (dutch) 2010
"{90140000-0019-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-001a-0413-1000-0000000ff1ce}" = microsoft office outlook mui (dutch) 2010
"{90140000-001a-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-001b-0413-1000-0000000ff1ce}" = microsoft office word mui (dutch) 2010
"{90140000-001b-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-001f-0407-1000-0000000ff1ce}" = microsoft office proof (german) 2010
"{90140000-001f-0407-1000-0000000ff1ce}_office14.proplus_{70a3169e-288f-454f-a08d-20df66639b50}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-001f-0409-1000-0000000ff1ce}" = microsoft office proof (english) 2010
"{90140000-001f-0409-1000-0000000ff1ce}_office14.proplus_{0242505c-4e90-407f-9299-b5b275f50d86}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-001f-040c-1000-0000000ff1ce}" = microsoft office proof (french) 2010
"{90140000-001f-040c-1000-0000000ff1ce}_office14.proplus_{b51389c8-2890-4633-81d8-47d2a7402274}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-001f-0413-1000-0000000ff1ce}" = microsoft office proof (dutch) 2010
"{90140000-001f-0413-1000-0000000ff1ce}_office14.proplus_{aa4240dc-855a-477b-8e38-89fbc16056e3}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-002c-0413-1000-0000000ff1ce}" = microsoft office proofing (dutch) 2010
"{90140000-002c-0413-1000-0000000ff1ce}_office14.proplus_{f6144043-f441-49ee-bc99-ecaafd3c3a65}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-0043-0000-1000-0000000ff1ce}" = microsoft office office 32-bit components 2010
"{90140000-0043-0000-1000-0000000ff1ce}_office14.proplus_{e8b6d35b-0b6f-4dce-9493-859bf3809a7f}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-0043-0413-1000-0000000ff1ce}" = microsoft office shared 32-bit mui (dutch) 2010
"{90140000-0043-0413-1000-0000000ff1ce}_office14.proplus_{acb44c8d-aa50-44d2-b1dc-408a7f215fa2}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-0044-0413-1000-0000000ff1ce}" = microsoft office infopath mui (dutch) 2010
"{90140000-0044-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-006e-0413-1000-0000000ff1ce}" = microsoft office shared mui (dutch) 2010
"{90140000-006e-0413-1000-0000000ff1ce}_office14.proplus_{ba6af386-8886-4907-8cdf-be7b7071944a}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-00a1-0413-1000-0000000ff1ce}" = microsoft office onenote mui (dutch) 2010
"{90140000-00a1-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{90140000-00ba-0413-1000-0000000ff1ce}" = microsoft office groove mui (dutch) 2010
"{90140000-00ba-0413-1000-0000000ff1ce}_office14.proplus_{f5dbc9e7-1b2b-4aa8-87de-b586e5abf7d0}" = microsoft office 2010 service pack 1 (sp1)
"{91efe3a1-585e-4f66-b5f6-f118f56c4c47}" = asus power4gear hybrid
"{95120000-00b9-0409-1000-0000000ff1ce}" = microsoft application error reporting
"{95140000-007a-0413-1000-0000000ff1ce}" = microsoft outlook hotmail connector 64-bits
"{95140000-007d-0409-1000-0000000ff1ce}" = microsoft outlook social connector provider for windows live messenger 64-bit
"{a6fe29a0-622b-2763-88aa-d1e084f77cd9}" = amd media foundation decoders
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = microsoft visual c++ 2005 redistributable (x64) - kb2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = microsoft visual c++ 2005 redistributable (x64)
"{b6e3757b-5e77-3915-866a-ccfc4b8d194c}" = microsoft visual c++ 2005 atl update kb973923 - x64 8.0.50727.4053
"{c9f05151-95a9-4b9b-b534-1760e2d014a5}" = windows live remote client resources
"{cea21f20-dbf4-464c-8b81-28b8508afddd}" = windows live family safety
"{da54f80e-261c-41a2-a855-549a144f2f59}" = windows live mime ifilter
"{da5e371c-6333-3d8a-93a4-6fd5b20bcc6e}" = microsoft visual c++ 2010 x64 redistributable - 10.0.30319
"{dc911adf-7b60-40f2-a112-fb1eb6402d07}" = microsoft security client nl-nl language pack
"{df1ffba0-5851-46d1-90e8-818e4e75cccf}" = avg 2011
"{df6d988a-eea0-4277-aab8-158e086e439b}" = windows live remote client
"{e02a6548-6fde-40e2-8ed9-119d7d7e641f}" = windows live remote service
"{f11009b0-f4db-463b-b717-5266e47498aa}" = windows live family safety
"{f5b09cfd-f0b2-36af-8df4-1df6b63fc7b4}" = microsoft .net framework 4 client profile
"{f8edc0f8-15bc-4411-8762-77105c8aaeec}" = microsoft antimalware service nl-nl language pack
"38c67bf1810213b90eeb4c2bbdc66a000c9d2b15" = windows-stuurprogrammapakket - intel(r) corporation media (09/26/2009 6.12.00.3034)
"8303db422d955d7bebedda7b3c66606556405d5a" = windows-stuurprogrammapakket - intel (impcd) system (10/12/2009 01.00.00.1030)
"adobe flash player plugin" = adobe flash player 11 plugin 64-bit
"asus usb2.0 uvc vga webcam" = asus usb2.0 uvc vga webcam
"de35df194f1f4f776aa8626270ee5c24bcdffe37" = windows-stuurprogrammapakket - intel corporation (igfx) display (10/30/2009 8.15.10.1986)
"driveragent.exe" = driveragent by esupport.com
"elantech" = etdware ps/2-x64 7.0.5.9_whql
"microsoft .net framework 4 client profile" = microsoft .net framework 4 client profile
"microsoft .net framework 4 client profile nld language pack" = taalpakket voor microsoft .net framework 4 client profile - nld
"microsoft security client" = microsoft security essentials
"office14.proplus" = microsoft office professional plus 2010
"perfect uninstaller_is1" = perfect uninstaller v6.3.3.9
"winrar archiver" = winrar archiver

[hkey_local_machine\software\microsoft\windows\currentversion\uninstall]
"{002d9d5e-29ba-3e6d-9bc4-3d7d6dbc735c}" = microsoft visual c++ 2008 atl update kb973924 - x86 9.0.30729.4148
"{0309f85c-b1cc-da9f-d184-fe93ccf08e1d}" = application profiles
"{048298c9-a4d3-490b-9ff9-ab023a9238f3}" = steam
"{04e9b02b-4f85-4b73-b865-27b9b8b35877}" = nba 2k12
"{06585b02-f20d-4ab2-9a64-86ef2ae0f8f0}" = asus ai recovery
"{08c8666b-c502-4ab3-b4cb-d74ac42d14fe}" = nero backitup 10 help (chm)
"{0969af05-4ff6-4c00-9406-43599238de0d}" = asus splendid video enhancement technology
"{0b0f231f-ce6a-483d-aa23-77b364f75917}" = windows live installer
"{14b441b7-774d-4170-98ea-a13667ae6218}" = windows live writer resources
"{16987e99-c95c-4513-9239-7b44a0a71db5}" = nero soundtrax 10 help (chm)
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = youtube downloader 3.5
"{1dbd1f12-ed93-49c0-a7cc-56cbde488158}" = asus lifeframe3
"{1f1c2dfc-2d24-3e06-bcb8-725134adf989}" = microsoft visual c++ 2008 redistributable - x86 9.0.30729.4148
"{1f6ab0e7-8cdd-4b93-8a23-aa9eb2fefce4}" = junk mail filter update
"{1f7fb68f-52f6-46a3-b42f-38ce46295ae5}" = nero mediahub 10
"{200fec62-3c34-4d60-9ce8-ec372e01c08f}" = windows live soxe definitions
"{20fdf948-c8ed-4543-a539-f7f4aef5afa2}" = wireless console 3
"{23170f69-40c1-2701-0920-000001000000}" = 7-zip 9.20
"{237ccb62-8454-43e3-b158-3acd0134852e}" = high-definition video playback 10
"{2436f2a8-4b7e-4b6c-ae4e-604c84aa6a4f}" = nero core components 10
"{26a24ae4-039d-4ca4-87b4-2f83216026ff}" = java(tm) 6 update 29
"{277c1559-4cf7-44ff-8d07-98aa9c13aabd}" = nero multimedia suite 10
"{287ecfa4-719a-2143-a09b-d6a12de54e40}" = acrobat.com
"{2a07c35b-8384-4da4-9a95-442b6c89a073}" = windows live essentials
"{2b81872b-a054-48da-be3b-fa5c164c303a}" = asus fancystart
"{2eca81ca-d932-4ad3-ad59-bf5ccf099c83}" = catalyst control center - branding
"{32364cea-7855-4a3c-b674-53d8e9b97936}" = tuneup utilities 2012
"{329411a0-19f3-4740-874f-17400b126f27}" = nero vision 10 help (chm)
"{3336f667-9049-4d46-98b6-4c743eebc5b1}" = windows live photo gallery
"{33643918-7957-4839-92c7-ea96cb621a98}" = nero express 10 help (chm)
"{341697d8-9923-445e-b42a-529e5a99cb7a}" = syncables desktop se
"{34490f4e-48d0-492e-8249-b48becf0537c}" = nero discspeed 10
"{347151c4-7f16-b275-8865-cc6b64056d3f}" = catalyst control center graphics previews common
"{3f4143a1-9c21-4011-8679-3bc1014c6886}" = windows live mesh
"{40bf1e83-20eb-11d8-97c5-0009c5020658}" = cyberlink power2go
"{48294d95-ee9a-4377-8213-44fc4265fb27}" = windows live messenger
"{4a03706f-666a-4037-7777-5f2748764d10}" = java auto updater
"{523b2b1b-d8db-4b41-90ff-c4d799e2758a}" = nero controlcenter 10 help (chm)
"{54b7a3c7-0940-4c16-a509-fc3c3758d22a}_is1" = amnesia - the dark descent
"{555868c6-49fb-484f-bb43-8980651a1b00}" = nero burnrights 10 help (chm)
"{5b65ef64-1dfa-414a-8c94-7bb726158e21}" = controldeck
"{5ee7d259-d137-4438-9a5f-42f432ec0421}" = vc80crtredist - 8.0.50727.4053
"{62aebbb6-8314-7902-b3da-1690f97dfa74}" = ccc help english
"{63aa3eab-23bb-48b2-9ad0-44f878075604}" = nero 10 menu templatepack basic
"{64452561-169f-4a36-a2ff-b5e118ec65f5}" = asus smartlogon
"{65153ea5-8b6e-43b6-857b-c6e4fc25798a}" = intel(r) management engine components
"{65bb0407-4cc8-4dc7-952e-3eefdf05602a}" = nero update
"{66049135-9659-4aad-9169-9cca269ebb3e}" = nero infotool 10 help (chm)
"{68205ffb-5918-43d4-b0d4-131de9282046}" = foxit reader
"{682b3e4f-696a-42de-a41c-4c07ea1678b4}" = windows live soxe
"{68ab6930-5bff-4ff6-923b-516a91984fe6}" = nero backitup 10
"{69fdfbb6-351d-4b8c-89d8-867dc9d0a2a4}" = windows media player firefox plugin
"{6dfb899f-17a2-48f0-a533-ed8d6866cf38}" = nero control center 10
"{70550193-1c22-445c-8fa4-564e155db1a7}" = nero express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = microsoft visual c++ 2005 redistributable
"{76285c16-411a-488a-bce3-c83cb933d8cf}" = battlefield 3™
"{770657d0-a123-3c07-8e44-1c83ec895118}" = microsoft visual c++ 2005 atl update kb973923 - x86 8.0.50727.4053
"{78a96b4c-a643-4d0f-98c2-a8e16a6669f9}" = windows live messenger companion core
"{7a295d8f-484b-4ffb-89ab-c1fd497591fe}" = nero waveeditor 10 help (chm)
"{7a5d731d-b4b3-490e-b339-75685712baab}" = nero burning rom 10
"{7c05592d-424b-46cb-b505-e0013e8e75c9}" = atk hotkey
"{7e017923-16f8-4e32-94ef-0a150bd196fe}" = windows live writer
"{8142d25e-028a-4563-86ed-5755783c8029}" = messenger companion
"{81dd0597-29eb-4fa0-8223-4f41362b2e72}" = nba 2k11
"{83c292b7-38a5-440b-a731-07070e81a64f}" = windows live pimt platform
"{86ce85e6-dbac-3ffd-b977-e4b79f83c909}" = microsoft visual c++ 2008 redistributable - kb2467174 - x86 9.0.30729.5570
"{8c6d6116-b724-4810-8f2d-d047e6b7d68e}" = mesh runtime
"{8dd46c6a-0056-4fec-b70a-28bb16a1f11f}" = msvcrt
"{8ecec853-5c3d-4b10-b5c7-ff11ff724807}" = nero recode 10
"{8f21291e-0444-4b1d-b9f9-4370a73e346d}" = winflash
"{92e25238-61a3-4acd-a407-3c480eef47a7}" = nero rescueagent 10 help (chm)
"{92ea4134-10d1-418a-91e1-5a0453131a38}" = windows live movie maker
"{93df9f1f-17eb-82c0-f82b-9abc230d6de5}" = application profiles
"{943a8d28-80d6-41dc-ae94-81feb42041bf}" = system requirements lab cyri
"{943cfd7d-5336-47af-9418-e02473a5a517}" = nero burnrights 10
"{96d1db14-e6fd-4f3b-8f2c-060b28063907}" = altergeo magic scanner
"{9a25302d-30c0-39d9-bd6f-21e6ec160475}" = microsoft visual c++ 2008 redistributable - x86 9.0.30729.17
"{9a4297f3-2a51-4ed9-92ca-4bcb8380947e}" = nero vision 10
"{9b6b24be-80e7-46c4-9fa5-b167d5e0f345}" = nero burningrom 10 help (chm)
"{9bd262d0-b788-4546-a0a5-f4f56ec3834b}" = windows live photo common
"{9be518e6-ecc6-35a9-88e4-87755c07200f}" = microsoft visual c++ 2008 redistributable - x86 9.0.30729.6161
"{9d48531d-2135-49fc-bc29-accda5396a76}" = asus multiframe
"{9d56775a-93f3-44a3-8092-840e3826de30}" = windows live mail
"{a2090170-70b6-40d6-8b43-04ecdc641ea6}" = tuneup utilities language pack (nl-nl)
"{a2bca9f1-566c-4805-97d1-7fdc93386723}" = adobe air
"{a60b3bf0-954b-42af-b8d8-2c1d34b613aa}" = windows live photo gallery
"{a726ae06-aaa3-43d1-87e3-70f510314f04}" = windows live writer
"{a7e19604-93af-4611-8c9f-ce509c2b286e}_is1" = vdownloader 3.0.721
"{a92dab39-4e2c-4304-9ab6-bc44e68b55e2}" = google update helper
"{a9bdca6b-3653-467b-ac83-94367da3bfe3}" = windows live photo common
"{aa59dde4-b672-4621-a016-4c248204957a}" = skype™ 5.5
"{aaafc670-569b-4a2f-82b4-42945e0de3ef}" = windows live writer
"{ab5c933e-5c7d-4d30-b314-9c83a49b94be}" = atk package
"{ac76ba86-7ad7-ffff-7b44-a91000000001}" = adobe reader 9.4.6 mui
"{b653a2ec-d816-4498-a4fd-651047ab9dc9}" = boingo wi-fi
"{b6cf2967-c81e-40c0-9815-c05774fef120}" = skype click to call
"{b9b55e8c-7ef6-4937-85f2-282a9f645eac}" = youtube downloader toolbar v5.0
"{ba45d6c9-ac93-288b-dc4c-d65a01a2ed02}" = application profiles
"{c01ae05c-3c8c-75b3-c9f0-1b525dd3697c}" = catalyst control center installproxy
"{c18a0418-442a-4186-af98-d08f5054a2fc}" = nero discspeed 10 help (chm)
"{c3273c55-e1e4-41ff-8d69-0158090db8d8}" = nero coverdesigner 10 help (chm)
"{c32ce55c-12ba-4951-8797-0967fdef556f}" = windows live mesh - activex-besturingselement voor externe verbindingen
"{c3580ac4-c827-4332-b935-9a282ed5bb97}" = nero dolby files 10
"{c496ed25-f3ec-0cbc-37db-b31c6e6592c9}" = application profiles
"{c59c179c-668d-49a9-b6ea-0121ccfc1243}" = cyberlink labelprint
"{cb7224d9-6dca-43f1-8f83-6b1e39a00f92}" = windows live movie maker
"{ce95a79e-e4fc-4fff-8a75-29f04b942ff2}" = windows live ux platform
"{cff8b8e8-e086-4de0-935f-fe22cab54f80}" = microsoft search enhancement pack
"{d0b44725-3666-492d-bef6-587a14bd9bd9}" = msvcrt_amd64
"{d24db8b9-bb6c-4334-9619-ba1c650e13d3}" = microsoft primary interoperability assemblies 2005
"{d45240d3-b6b3-4ff9-b243-54ece3e10066}" = windows live communications platform
"{d588365a-ae39-4f27-bdae-b4e72c8e900c}" = windows live mail
"{d6f25cf9-4e87-43eb-b324-c12be9cdd668}" = windows live ux platform language pack
"{db7c1d4a-08ba-4c7e-a8aa-b7f9bb372dcf}" = nero recode 10 help (chm)
"{decdcb7c-58cc-4865-91af-627f9798fe48}" = windows live mesh
"{e09c4db7-630c-4f06-a631-8ea7239923af}" = d3dx10
"{e1ee5339-5d32-458f-baab-b19f6301bce2}" = nero soundtrax 10
"{e337e787-cf61-4b7b-b84f-509202a54023}" = nero rescueagent 10
"{e34f703a-1c9d-4b1f-abbe-d7e8800b860d}" = windows live sync
"{e3a5a8ab-58f6-45ff-afcb-c9ae18c05001}" = idt audio
"{e3e71d07-cd27-46cb-8448-16d4fb29aa13}" = microsoft wse 3.0 runtime
"{e5b21f11-6933-4e0b-a25c-7963e3c07d11}" = windows live messenger
"{e657b243-9ad4-4ecc-be81-4ccf8d667fd0}" = asus live update
"{ec8bd21f-0ca0-4bbf-97d9-4a52b30041a1}" = asus virtual camera
"{edcdfad5-df80-4600-a493-e9dad6810230}" = nero waveeditor 10
"{f0b430d1-b6aa-473d-9b06-aa3dd01fd0b8}" = microsoft sql server 2005 compact edition [enu]
"{f0c3e5d1-1ade-321e-8167-68ef0de699a5}" = microsoft visual c++ 2010 x86 redistributable - 10.0.40219
"{f2739d43-f30e-4294-87c1-0f814cceb9e9}" = catalyst control center installproxy
"{f412b4af-388c-4ff5-9b2f-33db1c536953}" = nero infotool 10
"{f467862a-d9ca-47ed-8d81-b4b3c9399272}" = nero mediahub 10 help (chm)
"{f4bf5f6b-f695-4762-aeb2-d095a4c34d89}" = alcor micro usb card reader
"{f5cb822f-b365-43d1-bcc0-4fda1a2017a7}" = nero 10 movie themepack basic
"{f6117f9c-adb5-4590-9be4-12c7bec28702}" = nero startsmart 10 help (chm)
"{f61d489e-6c44-49ac-ad02-7da8aca73a65}" = nero startsmart 10
"{f658aa94-daa4-4984-80e7-0eb2a10d816c}" = battery doubler 1.2.1
"{f865b0b5-0d43-2704-0b22-35c5f721374b}" = catalyst control center
"{fcdbea60-79f0-4fae-bba8-55a26c609a49}" = visual studio 2008 x64 redistributables
"{fcf00a6e-fb58-477a-abe9-232907105521}" = nero coverdesigner 10
"{ff66e9f6-83e7-3a3e-af14-8de9a809a6a4}" = microsoft visual c++ 2008 redistributable - x86 9.0.21022
"8461-7759-5462-8226" = vuze
"aangifte inkomstenbelasting 2008" = aangifte inkomstenbelasting 2008
"aangifte inkomstenbelasting 2010" = aangifte inkomstenbelasting 2010
"adobe air" = adobe air
"adobe flash player activex" = adobe flash player 11 activex
"adobe shockwave player" = adobe shockwave player 11.5
"asus ap bank_is1" = asus ap bank
"asus webstorage" = asus webstorage
"cool edit pro 2.0" = cool edit pro 2.0
"daemon tools pro" = daemon tools pro
"divx setup.divx.com" = divx setup
"esn sonar-0.70.4" = esn sonar
"foxit reader_is1" = foxit reader 5.1
"free youtube download_is1" = free youtube download version 3.0.20.1228
"free youtube to mp3 converter_is1" = free youtube to mp3 converter version 3.10.15.1228
"google chrome" = google chrome
"installshield_{40bf1e83-20eb-11d8-97c5-0009c5020658}" = cyberlink power2go
"installshield_{c59c179c-668d-49a9-b6ea-0121ccfc1243}" = cyberlink labelprint
"installshield_{f4bf5f6b-f695-4762-aeb2-d095a4c34d89}" = alcor micro usb card reader
"jdownloader" = jdownloader
"k_series_screensaver_en" = k_series_screensaver_en
"klitecodecpack_is1" = k-lite codec pack 7.5.0 (full)
"malwarebytes' anti-malware_is1" = malwarebytes anti-malware versie 1.60.1.1000
"mirc" = mirc
"mozilla firefox 10.0.2 (x86 nl)" = mozilla firefox 10.0.2 (x86 nl)
"origin" = origin
"pokerstars" = pokerstars
"punto switcher" = punto switcher
"steam app 10" = counter-strike
"steam app 17570" = pirates, vikings, & knights ii
"tuneup utilities 2012" = tuneup utilities 2012
"utorrent" = torrent
"vlc media player" = vlc media player 1.1.11
"winlivesuite" = windows live essentials
"winpcapinst" = winpcap 4.1.1

========== hkey_users uninstall list ==========

[hkey_users\s-1-5-21-184446441-2391753829-3075136764-1004\software\microsoft\windows\currentversion\uninstall]
"generator" = generator

========== last 10 event log errors ==========

error reading event logs: the event service is not operating properly or the event logs are corrupt!

< end of report >

[/hjt]

---------- Bericht toegevoegd om 20:22 ---------- Vorige bericht geplaatst om 20:20 ----------

[hjt]
otl logfile created on: 3/10/2012 8:20:18 pm - run 1
otl by oldtimer - version 3.2.36.2 folder = c:\users\mmqi\desktop
64bit- home premium edition service pack 1 (version = 6.1.7601) - type = ntworkstation
internet explorer (version = 9.0.8112.16421)
locale: 00000409 | country: nederland | language: nld | date format: d-m-yyyy

3.86 gb total physical memory | 2.28 gb available physical memory | 59.22% memory free
7.71 gb paging file | 6.07 gb available in paging file | 78.69% paging file free
paging file location(s): ?:\pagefile.sys [binary data]

%systemdrive% = c: | %systemroot% = c:\windows | %programfiles% = c:\program files (x86)
drive c: | 116.44 gb total space | 42.13 gb free space | 36.18% space free | partition type: ntfs
drive d: | 329.79 gb total space | 183.81 gb free space | 55.74% space free | partition type: ntfs

computer name: mmqi-thabi-pc | user name: mmqi | logged in as administrator.
boot mode: normal | scan mode: all users | quick scan | include 64bit scans
company name whitelist: on | skip microsoft files: on | no company name whitelist: on | file age = 30 days

========== processes (safelist) ==========

prc - [2012/03/10 20:19:06 | 000,593,920 | ---- | m] (oldtimer tools) -- c:\users\mmqi\desktop\otl.com
prc - [2012/01/13 14:53:18 | 000,652,360 | ---- | m] (malwarebytes corporation) -- c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe
prc - [2012/01/13 14:53:18 | 000,460,872 | ---- | m] (malwarebytes corporation) -- c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe
prc - [2011/04/27 08:56:10 | 000,232,896 | ---- | m] (vuze inc.) -- c:\program files (x86)\vuze\azureus.exe
prc - [2011/03/17 09:15:46 | 000,382,272 | ---- | m] (dt soft ltd) -- c:\program files (x86)\daemon tools pro\dtshellhlp.exe
prc - [2011/02/14 00:09:03 | 000,949,376 | ---- | m] (eset ) -- c:\program files (x86)\eset\nod32kui.exe
prc - [2011/02/14 00:09:03 | 000,552,064 | ---- | m] (eset ) -- c:\program files (x86)\eset\nod32krn.exe
prc - [2010/10/08 12:29:07 | 003,054,136 | ---- | m] (asus) -- c:\windows\asscrpro.exe
prc - [2010/03/25 13:39:22 | 000,490,280 | ---- | m] (nero ag) -- c:\program files (x86)\nero\update\nasvc.exe
prc - [2010/01/05 01:43:36 | 001,597,440 | ---- | m] () -- c:\program files (x86)\asus\wireless console 3\wcourier.exe
prc - [2009/11/24 21:45:36 | 000,053,888 | ---- | m] () -- c:\program files (x86)\asus\controldeck\controldeckstartup.exe
prc - [2009/11/10 03:20:36 | 000,096,896 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
prc - [2009/11/02 22:21:26 | 000,103,720 | ---- | m] (cyberlink) -- c:\program files (x86)\cyberlink\power2go\clmlsvc.exe
prc - [2009/10/27 04:29:32 | 006,998,656 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe
prc - [2009/10/01 03:34:22 | 002,314,240 | ---- | m] (intel corporation) -- c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
prc - [2009/10/01 03:33:08 | 000,262,144 | ---- | m] (intel corporation) -- c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
prc - [2009/08/20 04:31:48 | 000,170,624 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atk media\dmedia.exe
prc - [2009/08/12 20:32:56 | 000,365,936 | ---- | m] (boingo wireless, inc.) -- c:\program files (x86)\boingo\boingo wi-fi\boingo wi-fi.exe
prc - [2009/06/19 10:29:42 | 000,105,016 | ---- | m] (asus) -- c:\program files (x86)\asus\atk hotkey\hcontroluser.exe
prc - [2009/06/16 01:30:42 | 000,084,536 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
prc - [2009/05/18 23:58:38 | 000,305,720 | ---- | m] (asus) -- c:\program files (x86)\asus\smartlogon\sensorsrv.exe
prc - [2007/11/30 19:20:44 | 000,051,768 | ---- | m] () -- c:\program files (x86)\asus\asus live update\alu.exe

========== modules (no company name) ==========

mod - [2011/12/30 06:23:40 | 000,028,160 | ---- | m] () -- c:\users\mmqi\appdata\roaming\azureus\plugins\azutp\win32\utp.dll
mod - [2011/04/27 08:56:18 | 000,102,400 | ---- | m] () -- c:\program files (x86)\vuze\plugins\azitunes\jacob-1.14.3-x86.dll
mod - [2011/04/27 08:56:10 | 000,087,480 | ---- | m] () -- c:\program files (x86)\vuze\aereg.dll
mod - [2010/01/05 01:43:36 | 001,597,440 | ---- | m] () -- c:\program files (x86)\asus\wireless console 3\wcourier.exe
mod - [2009/11/24 21:45:36 | 000,053,888 | ---- | m] () -- c:\program files (x86)\asus\controldeck\controldeckstartup.exe
mod - [2009/11/02 22:23:36 | 000,013,096 | ---- | m] () -- c:\program files (x86)\cyberlink\power2go\clmlsvcps.dll
mod - [2009/11/02 22:20:10 | 000,619,816 | ---- | m] () -- c:\program files (x86)\cyberlink\power2go\clmedialibrary.dll
mod - [2007/11/30 19:20:44 | 000,051,768 | ---- | m] () -- c:\program files (x86)\asus\asus live update\alu.exe

========== win32 services (safelist) ==========

srv:64bit: - [2011/11/10 04:11:32 | 000,204,288 | ---- | m] (amd) [auto | running] -- c:\windows\sysnative\atiesrxx.exe -- (amd external events utility)
srv:64bit: - [2011/04/27 16:21:18 | 000,288,272 | ---- | m] (microsoft corporation) [on_demand | running] -- c:\program files\microsoft security client\antimalware\nissrv.exe -- (nissrv)
srv:64bit: - [2011/04/27 16:21:18 | 000,012,784 | ---- | m] (microsoft corporation) [auto | running] -- c:\program files\microsoft security client\antimalware\msmpeng.exe -- (msmpsvc)
srv:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | m] (microsoft corporation) [disabled | stopped] -- c:\program files\windows live\mesh\wlcrasvc.exe -- (wlcrasvc)
srv:64bit: - [2009/12/08 00:16:34 | 000,379,520 | ---- | m] (asustek computer inc.) [auto | running] -- c:\windows\sysnative\fbagent.exe -- (afbagent)
srv:64bit: - [2009/11/27 04:39:45 | 000,243,712 | ---- | m] (idt, inc.) [auto | running] -- c:\windows\sysnative\driverstore\filerepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (stacsv)
srv:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\program files\windows defender\mpsvc.dll -- (windefend)
srv - [2012/01/13 14:53:18 | 000,652,360 | ---- | m] (malwarebytes corporation) [auto | running] -- c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe -- (mbamservice)
srv - [2011/12/13 21:09:55 | 000,419,624 | ---- | m] (valve corporation) [on_demand | stopped] -- c:\program files (x86)\common files\steam\steamservice.exe -- (steam client service)
srv - [2011/11/23 14:15:40 | 002,118,976 | ---- | m] (tuneup software) [auto | running] -- c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe -- (tuneup.utilitiessvc)
srv - [2011/02/14 00:09:03 | 000,552,064 | ---- | m] (eset ) [auto | running] -- c:\program files (x86)\eset\nod32krn.exe -- (nod32krn)
srv - [2010/03/25 13:39:22 | 000,490,280 | ---- | m] (nero ag) [auto | running] -- c:\program files (x86)\nero\update\nasvc.exe -- (naupdate) @c:\program files (x86)
srv - [2010/03/18 13:16:28 | 000,130,384 | ---- | m] (microsoft corporation) [auto | stopped] -- c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
srv - [2009/11/10 03:20:36 | 000,096,896 | ---- | m] (asus) [auto | running] -- c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe -- (atkgfnexsrv)
srv - [2009/10/01 03:34:22 | 002,314,240 | ---- | m] (intel corporation) [auto | running] -- c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe -- (uns) intel(r)
srv - [2009/10/01 03:33:08 | 000,262,144 | ---- | m] (intel corporation) [auto | running] -- c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe -- (lms) intel(r)
srv - [2009/06/16 01:30:42 | 000,084,536 | ---- | m] (asus) [auto | running] -- c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe -- (asldrservice)
srv - [2009/06/10 22:23:09 | 000,066,384 | ---- | m] (microsoft corporation) [disabled | stopped] -- c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== driver services (safelist) ==========

drv:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | m] (malwarebytes corporation) [file_system | on_demand | running] -- c:\windows\sysnative\drivers\mbam.sys -- (mbamprotector)
drv:64bit: - [2011/11/10 04:45:30 | 010,567,680 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\atikmdag.sys -- (atikmdag)
drv:64bit: - [2011/11/10 04:45:30 | 010,567,680 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atikmdag.sys -- (amdkmdag)
drv:64bit: - [2011/11/10 03:12:44 | 000,325,632 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atikmpag.sys -- (amdkmdap)
drv:64bit: - [2011/10/19 22:23:45 | 000,272,448 | ---- | m] (dt soft ltd) [kernel | system | running] -- c:\windows\sysnative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
drv:64bit: - [2011/10/17 18:40:50 | 000,093,712 | ---- | m] (advanced micro devices) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atihdw76.sys -- (atihdaudioservice)
drv:64bit: - [2011/06/27 01:37:00 | 002,753,536 | ---- | m] (atheros communications, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\athrx.sys -- (athr)
drv:64bit: - [2011/04/27 14:25:24 | 000,084,864 | ---- | m] (microsoft corporation) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\nisdrvwfp.sys -- (nisdrv)
drv:64bit: - [2011/04/26 11:07:36 | 000,557,848 | ---- | m] (intel corporation) [kernel | boot | running] -- c:\windows\sysnative\drivers\iastor.sys -- (iastor)
drv:64bit: - [2011/03/23 15:20:56 | 000,077,936 | ---- | m] (atheros communications, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\l1c62x64.sys -- (l1c)
drv:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | m] (advanced micro devices) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amdsata.sys -- (amdsata)
drv:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | m] (advanced micro devices) [kernel | boot | running] -- c:\windows\sysnative\drivers\amdxata.sys -- (amdxata)
drv:64bit: - [2011/02/14 00:09:03 | 000,146,704 | ---- | m] (eset ) [kernel | auto | running] -- c:\windows\sysnative\drivers\amon.sys -- (amon)
drv:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | m] (hewlett-packard company) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\hpsamd.sys -- (hpsamd)
drv:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\tsusbflt.sys -- (tsusbflt)
drv:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\fssfltr.sys -- (fssfltr)
drv:64bit: - [2010/01/27 03:09:02 | 000,047,632 | ---- | m] (cace technologies, inc.) [kernel | auto | running] -- c:\windows\sysnative\drivers\npf.sys -- (npf)
drv:64bit: - [2009/11/27 04:39:45 | 000,505,344 | ---- | m] (idt, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\stwrt64.sys -- (sthda)
drv:64bit: - [2009/10/15 10:23:19 | 000,117,760 | ---- | m] (elan microelectronic corp.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\etd.sys -- (etd)
drv:64bit: - [2009/09/30 02:34:31 | 000,121,872 | ---- | m] (ati technologies, inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\atihdmi.sys -- (atihdmiservice)
drv:64bit: - [2009/09/17 20:54:54 | 000,056,344 | ---- | m] (intel corporation) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\hecix64.sys -- (hecix64) intel(r)
drv:64bit: - [2009/08/21 07:48:17 | 000,044,032 | ---- | m] (alcor micro, corp.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amustor.sys -- (amustor)
drv:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\xusb21.sys -- (xusb21)
drv:64bit: - [2009/08/12 04:38:01 | 001,799,680 | ---- | m] () [kernel | on_demand | running] -- c:\windows\sysnative\drivers\snp2uvc.sys -- (snp2uvc) usb2.0 pc camera (snp2uvc)
drv:64bit: - [2009/07/20 10:29:39 | 000,015,416 | ---- | m] ( ) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\kbfiltr.sys -- (kbfiltr)
drv:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | m] (amd technologies inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amdsbs.sys -- (amdsbs)
drv:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | m] (lsi corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\lsi_sas2.sys -- (lsi_sas2)
drv:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | m] (microsoft corporation) [recognizer | boot | unknown] -- c:\windows\sysnative\drivers\fs_rec.sys -- (fs_rec)
drv:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | m] (promise technology) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\stexstor.sys -- (stexstor)
drv:64bit: - [2009/07/14 01:10:47 | 000,011,264 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\rootmdm.sys -- (rootmodem)
drv:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | m] (silicon integrated systems corp.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\sisg664.sys -- (sisgbelh)
drv:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | m] (broadcom corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\evbda.sys -- (ebdrv)

yowaambie · 10 mrt 2012

Re: Checkje.

[hjt]
otl logfile created on: 3/10/2012 8:20:18 pm - run 1
otl by oldtimer - version 3.2.36.2 folder = c:\users\mmqi\desktop
64bit- home premium edition service pack 1 (version = 6.1.7601) - type = ntworkstation
internet explorer (version = 9.0.8112.16421)
locale: 00000409 | country: nederland | language: nld | date format: d-m-yyyy

3.86 gb total physical memory | 2.28 gb available physical memory | 59.22% memory free
7.71 gb paging file | 6.07 gb available in paging file | 78.69% paging file free
paging file location(s): ?:\pagefile.sys [binary data]

%systemdrive% = c: | %systemroot% = c:\windows | %programfiles% = c:\program files (x86)
drive c: | 116.44 gb total space | 42.13 gb free space | 36.18% space free | partition type: ntfs
drive d: | 329.79 gb total space | 183.81 gb free space | 55.74% space free | partition type: ntfs

computer name: mmqi-thabi-pc | user name: mmqi | logged in as administrator.
boot mode: normal | scan mode: all users | quick scan | include 64bit scans
company name whitelist: on | skip microsoft files: on | no company name whitelist: on | file age = 30 days

========== processes (safelist) ==========

prc - [2012/03/10 20:19:06 | 000,593,920 | ---- | m] (oldtimer tools) -- c:\users\mmqi\desktop\otl.com
prc - [2012/01/13 14:53:18 | 000,652,360 | ---- | m] (malwarebytes corporation) -- c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe
prc - [2012/01/13 14:53:18 | 000,460,872 | ---- | m] (malwarebytes corporation) -- c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe
prc - [2011/04/27 08:56:10 | 000,232,896 | ---- | m] (vuze inc.) -- c:\program files (x86)\vuze\azureus.exe
prc - [2011/03/17 09:15:46 | 000,382,272 | ---- | m] (dt soft ltd) -- c:\program files (x86)\daemon tools pro\dtshellhlp.exe
prc - [2011/02/14 00:09:03 | 000,949,376 | ---- | m] (eset ) -- c:\program files (x86)\eset\nod32kui.exe
prc - [2011/02/14 00:09:03 | 000,552,064 | ---- | m] (eset ) -- c:\program files (x86)\eset\nod32krn.exe
prc - [2010/10/08 12:29:07 | 003,054,136 | ---- | m] (asus) -- c:\windows\asscrpro.exe
prc - [2010/03/25 13:39:22 | 000,490,280 | ---- | m] (nero ag) -- c:\program files (x86)\nero\update\nasvc.exe
prc - [2010/01/05 01:43:36 | 001,597,440 | ---- | m] () -- c:\program files (x86)\asus\wireless console 3\wcourier.exe
prc - [2009/11/24 21:45:36 | 000,053,888 | ---- | m] () -- c:\program files (x86)\asus\controldeck\controldeckstartup.exe
prc - [2009/11/10 03:20:36 | 000,096,896 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
prc - [2009/11/02 22:21:26 | 000,103,720 | ---- | m] (cyberlink) -- c:\program files (x86)\cyberlink\power2go\clmlsvc.exe
prc - [2009/10/27 04:29:32 | 006,998,656 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe
prc - [2009/10/01 03:34:22 | 002,314,240 | ---- | m] (intel corporation) -- c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
prc - [2009/10/01 03:33:08 | 000,262,144 | ---- | m] (intel corporation) -- c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
prc - [2009/08/20 04:31:48 | 000,170,624 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atk media\dmedia.exe
prc - [2009/08/12 20:32:56 | 000,365,936 | ---- | m] (boingo wireless, inc.) -- c:\program files (x86)\boingo\boingo wi-fi\boingo wi-fi.exe
prc - [2009/06/19 10:29:42 | 000,105,016 | ---- | m] (asus) -- c:\program files (x86)\asus\atk hotkey\hcontroluser.exe
prc - [2009/06/16 01:30:42 | 000,084,536 | ---- | m] (asus) -- c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
prc - [2009/05/18 23:58:38 | 000,305,720 | ---- | m] (asus) -- c:\program files (x86)\asus\smartlogon\sensorsrv.exe
prc - [2007/11/30 19:20:44 | 000,051,768 | ---- | m] () -- c:\program files (x86)\asus\asus live update\alu.exe

========== modules (no company name) ==========

mod - [2011/12/30 06:23:40 | 000,028,160 | ---- | m] () -- c:\users\mmqi\appdata\roaming\azureus\plugins\azutp\win32\utp.dll
mod - [2011/04/27 08:56:18 | 000,102,400 | ---- | m] () -- c:\program files (x86)\vuze\plugins\azitunes\jacob-1.14.3-x86.dll
mod - [2011/04/27 08:56:10 | 000,087,480 | ---- | m] () -- c:\program files (x86)\vuze\aereg.dll
mod - [2010/01/05 01:43:36 | 001,597,440 | ---- | m] () -- c:\program files (x86)\asus\wireless console 3\wcourier.exe
mod - [2009/11/24 21:45:36 | 000,053,888 | ---- | m] () -- c:\program files (x86)\asus\controldeck\controldeckstartup.exe
mod - [2009/11/02 22:23:36 | 000,013,096 | ---- | m] () -- c:\program files (x86)\cyberlink\power2go\clmlsvcps.dll
mod - [2009/11/02 22:20:10 | 000,619,816 | ---- | m] () -- c:\program files (x86)\cyberlink\power2go\clmedialibrary.dll
mod - [2007/11/30 19:20:44 | 000,051,768 | ---- | m] () -- c:\program files (x86)\asus\asus live update\alu.exe

========== win32 services (safelist) ==========

srv:64bit: - [2011/11/10 04:11:32 | 000,204,288 | ---- | m] (amd) [auto | running] -- c:\windows\sysnative\atiesrxx.exe -- (amd external events utility)
srv:64bit: - [2011/04/27 16:21:18 | 000,288,272 | ---- | m] (microsoft corporation) [on_demand | running] -- c:\program files\microsoft security client\antimalware\nissrv.exe -- (nissrv)
srv:64bit: - [2011/04/27 16:21:18 | 000,012,784 | ---- | m] (microsoft corporation) [auto | running] -- c:\program files\microsoft security client\antimalware\msmpeng.exe -- (msmpsvc)
srv:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | m] (microsoft corporation) [disabled | stopped] -- c:\program files\windows live\mesh\wlcrasvc.exe -- (wlcrasvc)
srv:64bit: - [2009/12/08 00:16:34 | 000,379,520 | ---- | m] (asustek computer inc.) [auto | running] -- c:\windows\sysnative\fbagent.exe -- (afbagent)
srv:64bit: - [2009/11/27 04:39:45 | 000,243,712 | ---- | m] (idt, inc.) [auto | running] -- c:\windows\sysnative\driverstore\filerepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (stacsv)
srv:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | m] (microsoft corporation) [on_demand | stopped] -- c:\program files\windows defender\mpsvc.dll -- (windefend)
srv - [2012/01/13 14:53:18 | 000,652,360 | ---- | m] (malwarebytes corporation) [auto | running] -- c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe -- (mbamservice)
srv - [2011/12/13 21:09:55 | 000,419,624 | ---- | m] (valve corporation) [on_demand | stopped] -- c:\program files (x86)\common files\steam\steamservice.exe -- (steam client service)
srv - [2011/11/23 14:15:40 | 002,118,976 | ---- | m] (tuneup software) [auto | running] -- c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe -- (tuneup.utilitiessvc)
srv - [2011/02/14 00:09:03 | 000,552,064 | ---- | m] (eset ) [auto | running] -- c:\program files (x86)\eset\nod32krn.exe -- (nod32krn)
srv - [2010/03/25 13:39:22 | 000,490,280 | ---- | m] (nero ag) [auto | running] -- c:\program files (x86)\nero\update\nasvc.exe -- (naupdate) @c:\program files (x86)
srv - [2010/03/18 13:16:28 | 000,130,384 | ---- | m] (microsoft corporation) [auto | stopped] -- c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
srv - [2009/11/10 03:20:36 | 000,096,896 | ---- | m] (asus) [auto | running] -- c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe -- (atkgfnexsrv)
srv - [2009/10/01 03:34:22 | 002,314,240 | ---- | m] (intel corporation) [auto | running] -- c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe -- (uns) intel(r)
srv - [2009/10/01 03:33:08 | 000,262,144 | ---- | m] (intel corporation) [auto | running] -- c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe -- (lms) intel(r)
srv - [2009/06/16 01:30:42 | 000,084,536 | ---- | m] (asus) [auto | running] -- c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe -- (asldrservice)
srv - [2009/06/10 22:23:09 | 000,066,384 | ---- | m] (microsoft corporation) [disabled | stopped] -- c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== driver services (safelist) ==========

drv:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | m] (malwarebytes corporation) [file_system | on_demand | running] -- c:\windows\sysnative\drivers\mbam.sys -- (mbamprotector)
drv:64bit: - [2011/11/10 04:45:30 | 010,567,680 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\atikmdag.sys -- (atikmdag)
drv:64bit: - [2011/11/10 04:45:30 | 010,567,680 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atikmdag.sys -- (amdkmdag)
drv:64bit: - [2011/11/10 03:12:44 | 000,325,632 | ---- | m] (advanced micro devices, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atikmpag.sys -- (amdkmdap)
drv:64bit: - [2011/10/19 22:23:45 | 000,272,448 | ---- | m] (dt soft ltd) [kernel | system | running] -- c:\windows\sysnative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
drv:64bit: - [2011/10/17 18:40:50 | 000,093,712 | ---- | m] (advanced micro devices) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atihdw76.sys -- (atihdaudioservice)
drv:64bit: - [2011/06/27 01:37:00 | 002,753,536 | ---- | m] (atheros communications, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\athrx.sys -- (athr)
drv:64bit: - [2011/04/27 14:25:24 | 000,084,864 | ---- | m] (microsoft corporation) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\nisdrvwfp.sys -- (nisdrv)
drv:64bit: - [2011/04/26 11:07:36 | 000,557,848 | ---- | m] (intel corporation) [kernel | boot | running] -- c:\windows\sysnative\drivers\iastor.sys -- (iastor)
drv:64bit: - [2011/03/23 15:20:56 | 000,077,936 | ---- | m] (atheros communications, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\l1c62x64.sys -- (l1c)
drv:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | m] (advanced micro devices) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amdsata.sys -- (amdsata)
drv:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | m] (advanced micro devices) [kernel | boot | running] -- c:\windows\sysnative\drivers\amdxata.sys -- (amdxata)
drv:64bit: - [2011/02/14 00:09:03 | 000,146,704 | ---- | m] (eset ) [kernel | auto | running] -- c:\windows\sysnative\drivers\amon.sys -- (amon)
drv:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | m] (hewlett-packard company) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\hpsamd.sys -- (hpsamd)
drv:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\tsusbflt.sys -- (tsusbflt)
drv:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\fssfltr.sys -- (fssfltr)
drv:64bit: - [2010/01/27 03:09:02 | 000,047,632 | ---- | m] (cace technologies, inc.) [kernel | auto | running] -- c:\windows\sysnative\drivers\npf.sys -- (npf)
drv:64bit: - [2009/11/27 04:39:45 | 000,505,344 | ---- | m] (idt, inc.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\stwrt64.sys -- (sthda)
drv:64bit: - [2009/10/15 10:23:19 | 000,117,760 | ---- | m] (elan microelectronic corp.) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\etd.sys -- (etd)
drv:64bit: - [2009/09/30 02:34:31 | 000,121,872 | ---- | m] (ati technologies, inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\atihdmi.sys -- (atihdmiservice)
drv:64bit: - [2009/09/17 20:54:54 | 000,056,344 | ---- | m] (intel corporation) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\hecix64.sys -- (hecix64) intel(r)
drv:64bit: - [2009/08/21 07:48:17 | 000,044,032 | ---- | m] (alcor micro, corp.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amustor.sys -- (amustor)
drv:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\xusb21.sys -- (xusb21)
drv:64bit: - [2009/08/12 04:38:01 | 001,799,680 | ---- | m] () [kernel | on_demand | running] -- c:\windows\sysnative\drivers\snp2uvc.sys -- (snp2uvc) usb2.0 pc camera (snp2uvc)
drv:64bit: - [2009/07/20 10:29:39 | 000,015,416 | ---- | m] ( ) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\kbfiltr.sys -- (kbfiltr)
drv:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | m] (amd technologies inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\amdsbs.sys -- (amdsbs)
drv:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | m] (lsi corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\lsi_sas2.sys -- (lsi_sas2)
drv:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | m] (microsoft corporation) [recognizer | boot | unknown] -- c:\windows\sysnative\drivers\fs_rec.sys -- (fs_rec)
drv:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | m] (promise technology) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\stexstor.sys -- (stexstor)
drv:64bit: - [2009/07/14 01:10:47 | 000,011,264 | ---- | m] (microsoft corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\rootmdm.sys -- (rootmodem)
drv:64bit: - [2009/06/10 21:35:57 | 000,056,832 | ---- | m] (silicon integrated systems corp.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\sisg664.sys -- (sisgbelh)
drv:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | m] (broadcom corporation) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\evbda.sys -- (ebdrv)

---------- Bericht toegevoegd om 20:22 ---------- Vorige bericht geplaatst om 20:22 ----------

\sysnative\drivers\[/color]b57nd60a.sys -- (b57nd60a)
drv:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | m] (hauppauge computer works, inc.) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\hcw85cir.sys -- (hcw85cir)
drv:64bit: - [2009/05/13 17:07:20 | 000,015,928 | ---- | m] (asus) [kernel | on_demand | running] -- c:\windows\sysnative\drivers\atk64amd.sys -- (mtsensor)
drv:64bit: - [2009/01/09 16:02:08 | 000,031,744 | ---- | m] (research in motion ltd) [kernel | on_demand | stopped] -- c:\windows\sysnative\drivers\rimserial_amd64.sys -- (rimvserport)
drv:64bit: - [2008/05/24 01:27:28 | 000,154,168 | ---- | m] (microsoft corporation) [file_system | on_demand | stopped] -- c:\windows\sysnative\drivers\wimfltr.sys -- (wimfltr)
drv - [2011/12/30 19:05:12 | 000,021,712 | ---- | m] (phoenix technologies) [kernel | on_demand | stopped] -- c:\windows\syswow64\drivers\drvagent64.sys -- (drvagent64)
drv - [2011/11/09 09:21:18 | 000,011,856 | ---- | m] (tuneup software) [kernel | on_demand | running] -- c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesdriver64.sys -- (tuneuputilitiesdrv)
drv - [2009/07/14 02:19:10 | 000,019,008 | ---- | m] (microsoft corporation) [file_system | on_demand | stopped] -- c:\windows\syswow64\drivers\wimmount.sys -- (wimmount)
drv - [2009/07/03 01:36:14 | 000,015,416 | ---- | m] (asus) [kernel | auto | running] -- c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys -- (asmmap64)

========== standard registry (safelist) ==========

========== internet explorer ==========

ie:64bit: - hklm\..\searchscopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ie:64bit: - hklm\..\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}: "url" = [noparse]http://www.bing.com/search?q={searchterms}&form=asutdf&pc=maau&src=ie-searchbox[/noparse]
ie:64bit: - hklm\..\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}: "url" = [noparse]http://www.google.com/search?q={searchterms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputencoding}&oe={outputencoding}&sourceid=ie7[/noparse]
ie - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
ie - hklm\..\searchscopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ie - hklm\..\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}: "url" = [noparse]http://www.bing.com/search?q={searchterms}&form=asutdf&pc=maau&src=ie-searchbox[/noparse]
ie - hklm\..\searchscopes\{67a2568c-7a0a-4eed-aecc-b5405de63b64}: "url" = [noparse]http://www.google.com/search?sourceid=ie7&q={searchterms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputencoding}&oe={outputencoding}&rlz=1i7asut[/noparse]
ie - hklm\..\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}: "url" = [noparse]http://www.google.com/search?q={searchterms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputencoding}&oe={outputencoding}&sourceid=ie7[/noparse]

ie - hku\.default\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0

ie - hku\s-1-5-18\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0

ie - hku\s-1-5-21-184446441-2391753829-3075136764-1004\software\microsoft\internet explorer\main,default_page_url = [noparse]http://asus.msn.com[/noparse]
ie - hku\s-1-5-21-184446441-2391753829-3075136764-1004\software\microsoft\internet explorer\main,start page = [noparse]http://asus.msn.com[/noparse]
ie - hku\s-1-5-21-184446441-2391753829-3075136764-1004\..\searchscopes,defaultscope = {e5990ebf-d6b9-48b9-9a1d-7db9501871d8}
ie - hku\s-1-5-21-184446441-2391753829-3075136764-1004\..\searchscopes\{e5990ebf-d6b9-48b9-9a1d-7db9501871d8}: "url" = [noparse]http://nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchterms}[/noparse]
ie - hku\s-1-5-21-184446441-2391753829-3075136764-1004\software\microsoft\windows\currentversion\internet settings: "proxyenable" = 0

========== firefox ==========

ff - prefs.js..browser.search.defaultenginename: "yahoo"
ff - prefs.js..browser.search.defaulturl: "[noparse]http://go.mail.ru/search?fr=fftb&utf8in&q="[/noparse]
ff - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
ff - prefs.js..browser.search.selectedengine: "yahoo"
ff - prefs.js..browser.search.usedbfororder: true
ff - prefs.js..keyword.url: "[noparse]http://go.mail.ru/search?utf8in=1&fr=fftbufix&q="[/noparse]
ff - prefs.js..network.proxy.type: 0

ff:64bit: - hklm\software\mozillaplugins\@adobe.com/flashplayer: c:\windows\system32\macromed\flash\npswf64_11_1_102.dll file not found
ff:64bit: - hklm\software\mozillaplugins\@microsoft.com/genuine: disabled file not found
ff:64bit: - hklm\software\mozillaplugins\@microsoft.com/npctrl,version=1.0: c:\program files\microsoft silverlight\5.0.61118.0\npctrl.dll ( microsoft corporation)
ff:64bit: - hklm\software\mozillaplugins\@microsoft.com/officeauthz,version=14.0: c:\progra~1\micros~2\office14\npauthz.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@adobe.com/flashplayer: c:\windows\syswow64\macromed\flash\npswf32.dll ()
ff - hklm\software\mozillaplugins\@adobe.com/shockwaveplayer: c:\windows\system32\adobe\director\np32dsw.dll (adobe systems, inc.)
ff - hklm\software\mozillaplugins\@divx.com/divx browser plugin,version=1.0.0: c:\program files (x86)\divx\divx plus web player\npdivx32.dll (divx,inc.)
ff - hklm\software\mozillaplugins\@divx.com/divx vod helper,version=1.0.0: c:\program files (x86)\divx\divx ovs helper\npovshelper.dll (divx, llc.)
ff - hklm\software\mozillaplugins\@esn.me/esnsonar,version=0.70.4: c:\program files (x86)\battlelog web plugins\sonar\0.70.4\npesnsonar.dll (esn social software ab)
ff - hklm\software\mozillaplugins\@esn/esnlaunch,version=1.104.0: c:\program files (x86)\battlelog web plugins\1.104.0\npesnlaunch.dll (esn social software ab)
ff - hklm\software\mozillaplugins\@foxitsoftware.com/foxit reader plugin,version=1.0,application/pdf: c:\program files (x86)\foxit software\foxit reader\plugins\npfoxitreaderplugin.dll (foxit corporation)
ff - hklm\software\mozillaplugins\@java.com/javaplugin: c:\program files (x86)\java\jre6\bin\new_plugin\npjp2.dll (sun microsystems, inc.)
ff - hklm\software\mozillaplugins\@microsoft.com/genuine: disabled file not found
ff - hklm\software\mozillaplugins\@microsoft.com/npctrl,version=1.0: c:\program files (x86)\microsoft silverlight\5.0.61118.0\npctrl.dll ( microsoft corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/officeauthz,version=14.0: c:\progra~2\micros~1\office14\npauthz.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/sharepoint,version=14.0: c:\progra~2\micros~1\office14\npspwrap.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/wlpg,version=15.4.3502.0922: c:\program files (x86)\windows live\photo gallery\npwlpg.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/wlpg,version=15.4.3508.1109: c:\program files (x86)\windows live\photo gallery\npwlpg.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@microsoft.com/wlpg,version=15.4.3538.0513: c:\program files (x86)\windows live\photo gallery\npwlpg.dll (microsoft corporation)
ff - hklm\software\mozillaplugins\@tools.google.com/google update;version=3: c:\program files (x86)\google\update\1.3.21.57\npgoogleupdate3.dll (google inc.)
ff - hklm\software\mozillaplugins\@tools.google.com/google update;version=9: c:\program files (x86)\google\update\1.3.21.57\npgoogleupdate3.dll (google inc.)
ff - hklm\software\mozillaplugins\adobe reader: c:\program files (x86)\adobe\reader 9.0\reader\air\nppdf32.dll (adobe systems inc.)

ff - hkey_local_machine\software\mozilla\mozilla firefox 10.0.2\extensions\\components: c:\program files (x86)\mozilla firefox\components [2012/02/18 13:57:53 | 000,000,000 | ---d | m]
ff - hkey_local_machine\software\mozilla\mozilla firefox 10.0.2\extensions\\plugins: c:\program files (x86)\mozilla firefox\plugins [2011/11/14 23:37:56 | 000,000,000 | ---d | m]

[2011/12/23 22:27:39 | 000,000,000 | ---d | m] (no name found) -- c:\users\mmqi\appdata\roaming\mozilla\extensions
[2012/02/18 15:08:11 | 000,000,000 | ---d | m] (no name found) -- c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\extensions
[2012/01/27 01:22:24 | 000,000,000 | ---d | m] (ƒ‚ @mail.ru) -- c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\extensions\{37964a3c-4ee8-47b1-8321-34de2c39ba4d}
[2012/02/18 15:08:11 | 000,000,000 | ---d | m] ("free youtube download (free studio) menu") -- c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
[2012/01/27 01:22:29 | 000,001,533 | ---- | m] () -- c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\searchplugins\mailru---.xml
[2012/01/07 19:21:40 | 000,000,000 | ---d | m] (no name found) -- c:\program files (x86)\mozilla firefox\extensions
[2011/12/11 23:28:39 | 000,000,000 | ---d | m] (skype click to call) -- c:\program files (x86)\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}
[2012/02/07 17:56:03 | 000,000,000 | ---d | m] (widgi toolbar platform) -- c:\program files (x86)\common files\spigot\wtxpcom
[2012/02/07 17:56:03 | 000,000,000 | ---d | m] (youtube downloader toolbar) -- c:\program files (x86)\youtube downloader toolbar\ff
() (no name found) -- c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/02/18 13:57:53 | 000,134,104 | ---- | m] (mozilla foundation) -- c:\program files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | m] (sun microsystems, inc.) -- c:\program files (x86)\mozilla firefox\plugins\npdeployjava1.dll
[2012/02/12 23:45:25 | 000,002,252 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/12 23:45:25 | 000,001,892 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012/02/12 23:45:25 | 000,004,558 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012/02/12 23:45:25 | 000,001,049 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml
[2011/03/19 10:56:24 | 000,001,106 | ---- | m] () -- c:\program files (x86)\mozilla firefox\searchplugins\yahoo-nl.xml

o1 hosts file: ([2011/12/04 23:13:48 | 000,001,173 | ---- | m]) - c:\windows\sysnative\drivers\etc\hosts

o1 - hosts: 255.255.255.255 easyanticheat.se # misleading site
o1 - hosts: 255.255.255.255 www.easyanticheat.se # misleading site
o1 - hosts: 255.255.255.255 easyanticheat.com # misleading site
o1 - hosts: 255.255.255.255 www.easyanticheat.com # misleading site
o1 - hosts: 255.255.255.255 easyanticheat.org # misleading site
o1 - hosts: 255.255.255.255 www.easyanticheat.org # misleading site
o2 - bho: (altergeobho class) - {9bfba68e-e21b-458e-ae12-fe85e903d2c1} - c:\program files (x86)\altergeo\altergeo magic scanner\3.2.1.742\altergeo.browserplugin.dll (wi2geo)
o2 - bho: (skype browser helper) - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)
o3:64bit: - hklm\..\toolbar: (no name) - locked - no clsid value found.
o4:64bit: - hklm..\run: [amicosinglun64] c:\program files (x86)\amicosinglun\amicosinglun64.exe (alcormicro co., ltd.)
o4:64bit: - hklm..\run: [etdware] c:\program files\elantech\etdctrl.exe (elan microelectronic corp.)
o4:64bit: - hklm..\run: [msc] c:\program files\microsoft security client\msseces.exe (microsoft corporation)
o4:64bit: - hklm..\run: [systrayapp] c:\program files\idt\wdm\sttray64.exe (idt, inc.)
o4 - hklm..\run: [] file not found
o4 - hklm..\run: [asuswebstorage] c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe (ecareme)
o4 - hklm..\run: [atkmedia] c:\program files (x86)\asus\atk package\atk media\dmedia.exe (asus)
o4 - hklm..\run: [atkosd2] c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe (asus)
o4 - hklm..\run: [boingo wi-fi] c:\program files (x86)\boingo\boingo wi-fi\boingo.lnk ()
o4 - hklm..\run: [clmlserver] c:\program files (x86)\cyberlink\power2go\clmlsvc.exe (cyberlink)
o4 - hklm..\run: [hcontroluser] c:\program files (x86)\asus\atk hotkey\hcontroluser.exe (asus)
o4 - hklm..\run: [malwarebytes' anti-malware] c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe (malwarebytes corporation)
o4 - hklm..\run: [nbagent] d:\programmas\nero\nero backitup\nbagent.exe (nero ag)
o4 - hklm..\run: [nod32kui] c:\program files (x86)\eset\nod32kui.exe (eset )
o4 - hklm..\run: [startccc] c:\program files (x86)\atinew\ati.ace\core-static\clistart.exe (advanced micro devices, inc.)
o4 - hklm..\run: [updatelbpshortcut] c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe (cyberlink corp.)
o4 - hklm..\run: [updatep2goshortcut] c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe (cyberlink corp.)
o4 - hku\s-1-5-19..\run: [sidebar] c:\program files (x86)\windows sidebar\sidebar.exe (microsoft corporation)
o4 - hku\s-1-5-20..\run: [sidebar] c:\program files (x86)\windows sidebar\sidebar.exe (microsoft corporation)
o4 - hku\s-1-5-19..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe file not found
o4 - hku\s-1-5-20..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe file not found
o4 - startup: c:\users\mmqi-thabi\appdata\roaming\microsoft\windows\start menu\programs\startup\battery doubler.lnk = c:\program files (x86)\dachshund software\battery doubler\battery doubler.exe ()
o6 - hklm\software\microsoft\windows\currentversion\policies\explorer: noactivedesktop = 1
o6 - hklm\software\microsoft\windows\currentversion\policies\explorer: noactivedesktopchanges = 1
o6 - hklm\software\microsoft\windows\currentversion\policies\system: consentpromptbehavioradmin = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: consentpromptbehavioruser = 3
o6 - hklm\software\microsoft\windows\currentversion\policies\system: enablelua = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: promptonsecuredesktop = 0
o6 - hklm\software\microsoft\windows\currentversion\policies\system: enablelinkedconnections = 1
o8:64bit: - extra context menu item: free youtube download - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm ()
o8:64bit: - extra context menu item: free youtube to mp3 converter - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm ()
o8 - extra context menu item: free youtube download - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm ()
o8 - extra context menu item: free youtube to mp3 converter - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm ()
o9 - extra button: pokerstars - {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files (x86)\pokerstars\pokerstarsupdate.exe (pokerstars)
o9 - extra button: skype click to call - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)
o9 - extra 'tools' menuitem : skype click to call - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)
o10:64bit: - protocol_catalog9\catalog_entries64\000000000001 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000002 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000003 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000004 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000005 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000006 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000007 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000008 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000009 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000010 - c:\windows\sysnative\imon.dll (eset )
o10:64bit: - protocol_catalog9\catalog_entries64\000000000021 - c:\windows\sysnative\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000001 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000002 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000003 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000004 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000005 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000006 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000007 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000008 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000009 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000010 - c:\windows\syswow64\imon.dll (eset )
o10 - protocol_catalog9\catalog_entries\000000000021 - c:\windows\syswow64\imon.dll (eset )
o1364bit: - gopher prefix: missing
o13 - gopher prefix: missing
o16 - dpf: {8ad9c840-044e-11d1-b3e9-00805f499d93} [noparse]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/noparse] (java plug-in 1.6.0_29)
o16 - dpf: {cafeefac-0016-0000-0029-abcdeffedcba} [noparse]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/noparse] (java plug-in 1.6.0_29)
o16 - dpf: {cafeefac-ffff-ffff-ffff-abcdeffedcba} [noparse]http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab[/noparse] (java plug-in 1.6.0_29)
o17 - hklm\system\ccs\services\tcpip\parameters: dhcpnameserver = 192.168.1.254
o17 - hklm\system\ccs\services\tcpip\parameters\interfaces\{124c82cd-c850-45b7-9d70-fed761c1dc2a}: dhcpnameserver = 192.168.1.254
o18:64bit: - protocol\handler\livecall - no clsid value found
o18:64bit: - protocol\handler\msnim - no clsid value found
o18:64bit: - protocol\handler\skype-ie-addon-data - no clsid value found
o18:64bit: - protocol\handler\wlmailhtml - no clsid value found
o18:64bit: - protocol\handler\wlpg - no clsid value found
o18 - protocol\handler\ms-help - no clsid value found
o18 - protocol\handler\skype-ie-addon-data {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll (skype technologies s.a.)

yowaambie · 10 mrt 2012

Re: Checkje.

o20:64bit: - hklm winlogon: shell - (explorer.exe) - c:\windows\explorer.exe (microsoft corporation)
o20:64bit: - hklm winlogon: userinit - (c:\windows\system32\userinit.exe) - c:\windows\sysnative\userinit.exe (microsoft corporation)
o20:64bit: - hklm winlogon: vmapplet - (systempropertiesperformance.exe) - c:\windows\sysnative\systempropertiesperformance.exe (microsoft corporation)
o20:64bit: - hklm winlogon: vmapplet - (/pagefile) - file not found
o20 - hklm winlogon: shell - (explorer.exe) - c:\windows\syswow64\explorer.exe (microsoft corporation)
o20 - hklm winlogon: userinit - (userinit.exe) - c:\windows\syswow64\userinit.exe (microsoft corporation)
o20 - hklm winlogon: vmapplet - (/pagefile) - file not found
o21:64bit: - ssodl: webcheck - {e6fb5e20-de35-11cf-9c87-00aa005127ed} - no clsid value found.
o21 - ssodl: webcheck - {e6fb5e20-de35-11cf-9c87-00aa005127ed} - no clsid value found.
o32 - hklm cdrom: autorun - 1
o34 - hklm bootexecute: (autocheck autochk *)
o35:64bit: - hklm\..comfile [open] -- "%1" %*
o35:64bit: - hklm\..exefile [open] -- "%1" %*
o35 - hklm\..comfile [open] -- "%1" %*
o35 - hklm\..exefile [open] -- "%1" %*
o37:64bit: - hklm\...com [@ = comfile] -- "%1" %*
o37:64bit: - hklm\...exe [@ = exefile] -- "%1" %*
o37 - hklm\...com [@ = comfile] -- "%1" %*
o37 - hklm\...exe [@ = exefile] -- "%1" %*

========== files/folders - created within 30 days ==========

[2012/03/10 20:19:02 | 000,593,920 | ---- | c] (oldtimer tools) -- c:\users\mmqi\desktop\otl.com
[2012/03/10 19:10:41 | 000,607,260 | r--- | c] (swearware) -- c:\users\mmqi\desktop\dds.com
[2012/03/10 19:08:49 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{2c76356f-6fd8-4967-94d8-4dcb0fe08b93}
[2012/03/10 19:08:36 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{14e75e92-fb6f-4366-aed0-39404663e7ae}
[2012/03/10 19:02:24 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{b9362429-9f07-4a13-990a-7d61c4bbf379}
[2012/03/10 19:02:14 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{801b5eff-a524-4dc6-8890-39419502a625}
[2012/03/09 16:37:07 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\microsoft silverlight
[2012/03/09 16:36:54 | 000,000,000 | ---d | c] -- c:\program files\microsoft silverlight
[2012/03/09 16:36:54 | 000,000,000 | ---d | c] -- c:\program files (x86)\microsoft silverlight
[2012/03/09 16:36:31 | 000,000,000 | -hsd | c] -- c:\config.msi
[2012/03/07 12:52:47 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{2c95af0b-b565-40c4-b498-166dcad77e17}
[2012/03/07 00:52:25 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{97bf66f9-682c-4a6b-b351-3271ce3a76ce}
[2012/03/06 12:52:03 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{23f086e7-9dda-4380-b64d-e1d15e4cbf30}
[2012/03/06 00:51:38 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{c53a4eae-6d22-4f8e-9c06-ee80dd6a2176}
[2012/03/06 00:51:27 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{b72a5b6a-714b-43d6-9bdf-f23450eabe20}
[2012/03/05 12:45:06 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{c9310b38-6eeb-4ad2-8869-558044f71eab}
[2012/03/05 00:44:42 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{5163e4c2-059f-4cab-9c94-85247030795c}
[2012/03/05 00:44:29 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{362d3dc6-01d5-43d6-98e1-4896751eb38b}
[2012/03/03 13:39:57 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{4b70b0b9-8fa6-4676-a58c-c5e7cd41aa8f}
[2012/03/03 13:39:46 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{0772c43f-ba35-4354-8ccf-ae8c2c74c241}
[2012/03/03 12:00:08 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\roaming\malwarebytes
[2012/03/03 01:39:20 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{9a87356b-c1cd-4951-b71d-08ae6d264d0d}
[2012/03/03 01:39:10 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{3d1d3348-3dc6-4f5a-9960-5f7eb6c19b3c}
[2012/03/01 15:34:12 | 000,000,000 | ---d | c] -- c:\rbackup
[2012/03/01 15:18:24 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\perfect uninstaller
[2012/03/01 15:18:16 | 000,000,000 | ---d | c] -- c:\program files\perfect uninstaller
[2012/03/01 14:39:15 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{55405d9d-0e5c-4abb-9068-67420dc34c05}
[2012/03/01 14:39:05 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{5cf94ba9-f862-43cc-b05b-303ecdd89aa1}
[2012/03/01 00:37:34 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{856abe75-084c-41bc-88f0-e0d395ac8bf7}
[2012/03/01 00:37:24 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{7d81622e-cdf7-4289-8e41-885d56566dec}
[2012/02/29 02:18:43 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{c170af36-145a-402c-b1b3-1e9ff8ff77b9}
[2012/02/28 14:18:21 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{735f4667-3b22-4241-a436-ab5bb35498f3}
[2012/02/28 02:17:59 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{37bbe140-e7c3-435d-ba5c-366c67ae3c5f}
[2012/02/27 14:17:38 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{145787de-1014-438d-b23f-9b5bf2bde186}
[2012/02/27 02:17:16 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{b7a25859-7a5f-47f9-8325-b12eb5aee928}
[2012/02/27 01:29:08 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\foxit reader 5.1
[2012/02/26 14:16:54 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{ff70beb8-faa7-408b-b30e-15a92254fa1d}
[2012/02/26 14:16:44 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{ef6f17a0-38dc-486b-9cde-34c6fb8918f7}
[2012/02/24 03:24:48 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{6e9e3953-8620-449f-9cba-ee1884d6215f}
[2012/02/24 03:24:38 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{9b8e7407-6456-452a-8ed7-2b26b04c3ec4}
[2012/02/23 15:24:14 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{7c172d61-94d6-4722-8881-03bf0de138ef}
[2012/02/23 15:24:03 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{a1d7986f-c20a-4304-a6f9-9674847835c0}
[2012/02/23 03:23:51 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{4e1f8ac8-edab-419e-aa22-087d967ec28a}
[2012/02/23 03:23:40 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{c1606e8f-3078-46dc-9443-a64a50d4c485}
[2012/02/23 00:24:29 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\roaming\dvdcss
[2012/02/22 15:23:11 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{87ab1ac6-2e5e-4cc5-8e01-01ec133701e4}
[2012/02/22 15:23:00 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{a60689e0-1c61-457a-818d-ce9a93d10408}
[2012/02/22 02:49:37 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{b1755713-2a8e-4103-858e-1e9be410041f}
[2012/02/22 02:49:27 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{375c9c7b-bd46-46ff-aea6-7c63fa0ec4e6}
[2012/02/21 16:24:31 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\pokerstars
[2012/02/21 14:49:03 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{a2a9c614-e2c7-4371-9ef9-bfde67718da8}
[2012/02/21 02:48:41 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{42b7e8c5-6489-48ec-bc4a-65a985a551bd}
[2012/02/21 02:48:30 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{7c7c59f8-c340-4109-ad31-53c3207390e7}
[2012/02/20 14:48:03 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{42644de7-072b-4a15-8bd6-22441320ec32}
[2012/02/20 14:47:52 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{a882149e-fff0-4cf2-b7f9-b6f61f3ae509}
[2012/02/20 02:33:32 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{02e839c3-f3da-4688-90c1-0f2d5f3b5cde}
[2012/02/19 14:33:09 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{a9150f2b-56c2-4c20-95e6-a2777b3bb3bc}
[2012/02/19 02:32:46 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{e33082c8-bf02-4bf1-8ee2-89b715034acb}
[2012/02/18 21:58:31 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\pokerstars
[2012/02/18 21:58:08 | 000,000,000 | ---d | c] -- c:\program files (x86)\pokerstars
[2012/02/18 15:08:15 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\roaming\dvdvideosoft
[2012/02/18 15:08:11 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers
[2012/02/18 15:08:08 | 000,000,000 | ---d | c] -- c:\programdata\microsoft\windows\start menu\programs\dvdvideosoft
[2012/02/18 15:07:52 | 000,000,000 | ---d | c] -- c:\users\mmqi\documents\dvdvideosoft
[2012/02/18 15:07:52 | 000,000,000 | ---d | c] -- c:\program files (x86)\dvdvideosoft
[2012/02/18 15:07:52 | 000,000,000 | ---d | c] -- c:\program files (x86)\common files\dvdvideosoft
[2012/02/18 14:32:23 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{7fdcc67c-f058-4f8e-9a0b-7862865c3aa1}
[2012/02/18 14:32:13 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{f127ce15-5dc8-4159-88c4-d1faf579e471}
[2012/02/18 02:31:47 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{f3437ded-9736-42b0-abbc-723058c89c02}
[2012/02/18 02:31:37 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{f8e004cd-57bb-4922-aca7-6e0e94663e75}
[2012/02/16 17:09:25 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{546b83f9-99d3-44e8-82a1-6819117427c9}
[2012/02/16 05:09:04 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{3edf660b-5219-48fc-b6e0-c14297a8fab0}
[2012/02/15 17:08:39 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{1be8749c-a746-423f-b5e3-f80aa91a4793}
[2012/02/15 17:08:29 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{f6bcf2be-7b21-4ad2-bc7e-283179494842}
[2012/02/15 04:45:28 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{7f576feb-8b58-4675-85b9-4c32dbd68ee7}
[2012/02/14 16:45:06 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{76bee51e-277e-413a-a56c-4d909a589624}
[2012/02/13 23:37:41 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{4dcd176a-396f-453d-ac36-e2a1c90e59a3}
[2012/02/13 11:37:18 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{6946e2a2-5da3-428b-8510-5b8a2c57964a}
[2012/02/12 23:36:56 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{b9aff372-58ee-4505-862c-2c7203d8be0b}
[2012/02/12 11:36:34 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{d6cf92c5-3b00-4c84-9e7c-b01aa6f6ce13}
[2012/02/11 23:36:12 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{fa19548d-9364-42f1-b9d9-8fb81fa3b3a6}
[2012/02/11 11:35:49 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{6f28f87a-02e9-44fa-9dd8-f6462c71b087}
[2012/02/10 21:50:25 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{2464feab-74c2-4caa-966f-7e68c91f6b5d}
[2012/02/10 09:50:03 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{8dd0a6b1-d0ca-434b-876d-b3979927f22c}
[2012/02/09 21:49:39 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{40ed9dd8-1b62-4068-968c-04a180f4636e}
[2012/02/09 21:49:29 | 000,000,000 | ---d | c] -- c:\users\mmqi\appdata\local\{269f6399-5960-448d-95ff-036c6a4d1c0c}
[2011/11/10 20:01:28 | 000,159,744 | ---- | c] (advanced micro devices, inc.) -- c:\program files (x86)\atiapfxx.exe
[2011/11/10 20:01:24 | 000,004,096 | ---- | c] (advanced micro devices, inc.) -- c:\program files (x86)\version.dll
[2010/12/07 20:39:08 | 003,056,008 | ---- | c] (ask) -- c:\program files (x86)\common files\asktoolbarinstaller.exe

========== files - modified within 30 days ==========

[2012/03/10 20:24:20 | 000,010,240 | -h-- | m] () -- c:\windows\sysnative\7b296fb0-376b-497e-b012-9c450e1b7327-5p-1.c7483456-a289-439d-8115-601632d005a0
[2012/03/10 20:24:20 | 000,010,240 | -h-- | m] () -- c:\windows\sysnative\7b296fb0-376b-497e-b012-9c450e1b7327-5p-0.c7483456-a289-439d-8115-601632d005a0
[2012/03/10 20:19:06 | 000,593,920 | ---- | m] (oldtimer tools) -- c:\users\mmqi\desktop\otl.com
[2012/03/10 20:16:43 | 000,001,066 | ---- | m] () -- c:\windows\tasks\googleupdatetaskmachinecore.job
[2012/03/10 20:16:24 | 000,067,584 | --s- | m] () -- c:\windows\bootstat.dat
[2012/03/10 19:38:00 | 000,001,070 | ---- | m] () -- c:\windows\tasks\googleupdatetaskmachineua.job
[2012/03/10 19:10:44 | 000,607,260 | r--- | m] (swearware) -- c:\users\mmqi\desktop\dds.com
[2012/03/03 14:02:58 | 001,578,666 | ---- | m] () -- c:\windows\sysnative\perfstringbackup.ini
[2012/03/03 14:02:58 | 000,703,898 | ---- | m] () -- c:\windows\sysnative\perfh013.dat
[2012/03/03 14:02:58 | 000,618,342 | ---- | m] () -- c:\windows\sysnative\perfh009.dat
[2012/03/03 14:02:58 | 000,134,798 | ---- | m] () -- c:\windows\sysnative\perfc013.dat
[2012/03/03 14:02:58 | 000,107,622 | ---- | m] () -- c:\windows\sysnative\perfc009.dat
[2012/03/02 01:14:28 | 000,001,466 | ---- | m] () -- c:\users\public\desktop\aangifte inkomstenbelasting 2008.lnk
[2012/03/01 15:36:09 | 000,001,168 | ---- | m] () -- c:\users\public\desktop\malwarebytes anti-malware.lnk
[2012/03/01 15:18:30 | 000,000,042 | ---- | m] () -- c:\windows\syswow64\ak083e209605e394c.lie
[2012/02/27 01:29:09 | 000,001,209 | ---- | m] () -- c:\users\mmqi\application data\microsoft\internet explorer\quick launch\foxit reader 5.1.lnk
[2012/02/27 01:29:09 | 000,001,185 | ---- | m] () -- c:\users\public\desktop\foxit reader 5.1.lnk
[2012/02/21 16:24:31 | 000,001,144 | ---- | m] () -- c:\users\mmqi\application data\microsoft\internet explorer\quick launch\pokerstars.lnk
[2012/02/21 16:24:31 | 000,001,120 | ---- | m] () -- c:\users\public\desktop\pokerstars.lnk
[2012/02/18 15:11:34 | 000,001,298 | ---- | m] () -- c:\users\mmqi\desktop\dvdvideosoft free studio.lnk
[2012/02/18 15:11:33 | 000,001,457 | ---- | m] () -- c:\users\mmqi\desktop\free youtube to mp3 converter.lnk
[2012/02/18 15:08:08 | 000,001,371 | ---- | m] () -- c:\users\mmqi\desktop\free youtube download.lnk
[2012/02/18 15:03:52 | 024,825,329 | ---- | m] () -- c:\users\mmqi\documents\qadir - nickname [ lyrics ].mp4
[2012/02/18 03:17:17 | 000,414,632 | ---- | m] () -- c:\windows\sysnative\fntcache.dat
[2012/02/09 21:49:28 | 000,001,484 | ---- | m] () -- c:\users\mmqi\application data\microsoft\internet explorer\quick launch\launch internet explorer browser.lnk
[2012/02/09 21:47:34 | 000,002,109 | ---- | m] () -- c:\windows\sysnative\autorunfilter.ini
[2012/02/09 21:47:25 | 000,001,342 | ---- | m] () -- c:\windows\sysnative\servicefilter.ini

========== files created - no company name ==========

[2012/03/02 01:13:55 | 000,001,466 | ---- | c] () -- c:\users\public\desktop\aangifte inkomstenbelasting 2008.lnk
[2012/03/01 15:36:09 | 000,001,168 | ---- | c] () -- c:\users\public\desktop\malwarebytes anti-malware.lnk
[2012/03/01 15:18:30 | 000,000,042 | ---- | c] () -- c:\windows\syswow64\ak083e209605e394c.lie
[2012/02/27 01:29:09 | 000,001,209 | ---- | c] () -- c:\users\mmqi\application data\microsoft\internet explorer\quick launch\foxit reader 5.1.lnk
[2012/02/27 01:29:09 | 000,001,185 | ---- | c] () -- c:\users\public\desktop\foxit reader 5.1.lnk
[2012/02/21 16:24:31 | 000,001,144 | ---- | c] () -- c:\users\mmqi\application data\microsoft\internet explorer\quick launch\pokerstars.lnk
[2012/02/21 16:24:31 | 000,001,120 | ---- | c] () -- c:\users\public\desktop\pokerstars.lnk
[2012/02/18 15:11:33 | 000,001,457 | ---- | c] () -- c:\users\mmqi\desktop\free youtube to mp3 converter.lnk
[2012/02/18 15:08:09 | 000,001,298 | ---- | c] () -- c:\users\mmqi\desktop\dvdvideosoft free studio.lnk
[2012/02/18 15:08:08 | 000,001,371 | ---- | c] () -- c:\users\mmqi\desktop\free youtube download.lnk
[2012/02/18 15:03:36 | 024,825,329 | ---- | c] () -- c:\users\mmqi\documents\qadir - nickname [ lyrics ].mp4
[2011/12/23 23:09:57 | 000,000,017 | ---- | c] () -- c:\users\mmqi\appdata\local\resmon.resmoncfg
[2011/12/11 12:09:01 | 000,175,616 | ---- | c] () -- c:\windows\syswow64\unrar.dll
[2011/12/11 12:08:59 | 000,000,038 | ---- | c] () -- c:\windows\avisplitter.ini
[2011/12/11 12:08:53 | 000,650,752 | ---- | c] () -- c:\windows\syswow64\xvidcore.dll
[2011/12/11 12:08:53 | 000,243,200 | ---- | c] () -- c:\windows\syswow64\xvidvfw.dll
[2011/12/11 12:08:52 | 000,074,752 | ---- | c] () -- c:\windows\syswow64\ff_vfw.dll
[2011/11/10 20:01:34 | 000,212,472 | ---- | c] () -- c:\program files (x86)\atiapfxx.blb
[2011/11/10 03:36:06 | 000,204,960 | ---- | c] () -- c:\windows\syswow64\ativvsvl.dat
[2011/11/10 03:36:06 | 000,157,152 | ---- | c] () -- c:\windows\syswow64\ativvsva.dat
[2011/11/09 22:39:44 | 000,059,904 | ---- | c] () -- c:\windows\syswow64\openvideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | c] () -- c:\windows\syswow64\ovdecode.dll
[2011/10/25 21:21:34 | 000,056,832 | ---- | c] () -- c:\windows\syswow64\ovdecoder.dll
[2011/09/13 00:06:16 | 000,003,917 | ---- | c] () -- c:\windows\syswow64\atipblag.dat
[2011/07/24 14:13:44 | 001,577,904 | ---- | c] () -- c:\windows\syswow64\perfstringbackup.ini
[2011/02/13 04:09:32 | 000,000,218 | -h-- | c] () -- c:\windows\sysreg.dat
[2010/12/21 19:36:11 | 000,000,280 | ---- | c] () -- c:\windows\game.ini
[2010/12/07 20:39:08 | 000,444,283 | ---- | c] () -- c:\program files (x86)\common files\winpcapnmap.exe
[2010/10/08 12:29:33 | 000,053,248 | ---- | c] () -- c:\windows\syswow64\logonstart.dll
[2010/10/08 12:22:13 | 000,000,000 | ---- | c] () -- c:\windows\ativpsrm.bin
[2010/10/08 12:08:40 | 000,131,472 | ---- | c] () -- c:\programdata\fullremove.exe

========== lop check ==========

[2011/12/22 16:40:22 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\asus webstorage
[2012/03/10 20:24:52 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\azureus
[2011/12/22 16:32:13 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\daemon tools pro
[2012/02/18 15:11:38 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\dvdvideosoft
[2012/02/18 15:11:35 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers
[2012/01/22 22:19:01 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\foxit software
[2011/12/22 16:42:41 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\origin
[2011/12/30 18:21:12 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\rovio
[2011/12/30 18:35:45 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\systemrequirementslab
[2012/02/07 17:51:41 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\tuneup software
[2012/02/01 23:01:27 | 000,000,000 | ---d | m] -- c:\users\mmqi\appdata\roaming\utorrent
[2011/10/19 23:02:50 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\2k sports
[2011/12/18 22:42:46 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\asus webstorage
[2011/07/16 01:17:27 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\avg10
[2012/03/10 18:58:17 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\azureus
[2012/03/02 01:17:59 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\belastingdienst
[2011/05/15 22:01:05 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\daemon tools lite
[2010/12/07 22:38:08 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\daemon tools pro
[2011/11/16 00:51:07 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\drpsu
[2011/12/18 22:42:04 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\eeestorageuploader
[2011/12/21 23:11:32 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\foxit software
[2011/12/11 12:09:57 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\mail.ru
[2011/12/11 12:10:02 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\mra
[2011/12/11 13:11:26 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\opera
[2011/12/06 14:58:30 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\origin
[2011/09/24 13:24:42 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\rovio
[2011/08/08 13:32:24 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\thinstall
[2012/03/01 14:46:47 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\tuneup software
[2012/03/10 19:05:05 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\utorrent
[2011/07/25 00:12:12 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\vdownloader
[2011/12/11 12:13:41 | 000,000,000 | ---d | m] -- c:\users\mmqi-thabi\appdata\roaming\yandex
[2011/12/11 12:13:10 | 000,032,542 | ---- | m] () -- c:\windows\tasks\schedlgu.txt

========== purity check ==========

========== alternate data streams ==========

@alternate data stream - 143 bytes -> c:\programdata\temp:981884e7
< end of report >

[/hjt]

Abraham54 · 10 mrt 2012

Re: Checkje.

Je hebt een obscure malwarescanner - altergeo magic scanner - genstalleerd, die op zijn beurt Firefox van instellingen heeft voorzien!

Sluit voordat je OTL de fix laat doen, eerst alle andere openstaande vensters!

Start OTL

Plak de volgende (vetgedrukte, blauwe tekst) onder Custom Scans/Fixes

:OTL

@alternate data stream - 143 bytes -> c:\programdata\temp:981884e7

c:\program files (x86)\common files\asktoolbarinstaller.exe

c:\users\mmqi\appdata\roaming\mozilla\firefox\prof iles\9zj3c6wi.default\extensions\{37964a3c-4ee8-47b1-8321-34de2c39ba4d}
c:\users\mmqi\appdata\roaming\mozilla\firefox\prof iles\9zj3c6wi.default\searchplugins\mailru---.xml

c:\program files (x86)\altergeo

:Services

:Reg

:Files

:Commands
[purity]

[emptytemp]
[emptyflash]
[createrestorepoint]
[reboot]
Klik daarna bovenaan op de knop Run Fix
Laat het programma ongestoord zijn werk doen.
De pc zal na afloop opnieuw opgestart worden.
Post tevens de inhoud van het OTL-scanlog

yowaambie · 10 mrt 2012

Re: Checkje.

Hier de log !

All processes killed
========== OTL ==========
ADS c:\programdata\temp:981884e7 deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: mmqi
->Temp folder emptied: 96637602 bytes
->Temporary Internet Files folder emptied: 324783946 bytes
->Java cache emptied: 2072667 bytes
->FireFox cache emptied: 69710331 bytes
->Flash cache emptied: 29627 bytes

User: Mmqi-Thabi
->Temp folder emptied: 1872072853 bytes
->Temporary Internet Files folder emptied: 398715089 bytes
->Java cache emptied: 7477329 bytes
->FireFox cache emptied: 44249603 bytes
->Flash cache emptied: 8114642 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3359714 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67887 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2,696.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: mmqi
->Flash cache emptied: 0 bytes

User: Mmqi-Thabi
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.36.2 log created on 03102012_212639

Files\Folders moved on Reboot...
C:\Users\mmqi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

---------- Bericht toegevoegd om 21:28 ---------- Vorige bericht geplaatst om 21:27 ----------

Ik weet trouwens niet of dit over het mail.ru geval ging, maar die staat nog steeds als startpagina ..

Abraham54 · 10 mrt 2012

Re: Checkje.

Zoals ik al schreef, dat komt omdat je onvoorzichtig bent geweest met het installeren van een obscure malwarescanner!
Overigens is jouw Windows behoorlijk gereinigd.
Ca. 2GB aan troep is verwijderd!

Stap 1
Welk programma: TDSSStarter .exe
Waarvoor/waarom: Rootkitscanner
Moeilijkheidsgraad: geen
Download TDSSStarter naar het bureaublad.

"TDSSSStarter.exe" gebruiken:

Sluit nu eerst alle nog openstaande programmavensters!
- Windows 2000 en Windows XP: start het tool middels dubbelklik op " TDSSStarter .exe".
- Windows Vista en Windows 7: start het tool middels rechtsklik op "TDSSStarter.exe" en dan kiezen voor Als Administrator uitvoeren.
Vervolgens zal een CMD-venster gestart worden en wanneer de scan gereed is weer automatisch sluiten.
Post nu de inhoud van het geopende kladblokbestand in het volgende bericht.

Stap 2
Welk programma: ComboFix
Waarvoor/waarom: Zeer specialistische scanner om Windows diepgaand te onderzoeken en op te schonen.
Moeilijkheidsgraad: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden!
Download ComboFix via n van deze locaties:

Hier zie je hoe je ComboFix moet gebruiken.

Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

Opmerkingen:

Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren!
Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

ComboFix opstarten:

Sluit nu eerst alle nog openstaande programmavensters!
- Windows 2000 en Windows XP: start ComboFix.exe middels dubbelklik op ComboFix.exe.
- Windows Vista en Windows 7: start ComboFix.exe via rechtsklik op ComboFix.exe en kies dan voor Als Administrator uitvoeren.

ComboFix is opgestart:

Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
Combofix sluit tijdens de scan de internet verbinding probeer deze tussentijds niet te herstellen!
Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
Post de inhoud van dit logbestand via DDRMMR's kleurcodeerder in je volgende bericht.
Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt

[info]
Belangrijke opmerking:

Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:
Illegal operation attempted on a registery key that has been marked for deletion.
Start dan de computer opnieuw op.

[/info]
Stap 3
Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:

TDSSStarter-log
ComboFix.txt-log

yowaambie · 10 mrt 2012

Re: Checkje.

Alvast TDSS log:

22:16:41.0503 1184 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
22:16:41.0503 1184 ============================================================
22:16:41.0503 1184 Current date / time: 2012/03/10 22:16:41.0503
22:16:41.0503 1184 SystemInfo:
22:16:41.0503 1184
22:16:41.0503 1184 OS Version: 6.1.7601 ServicePack: 1.0
22:16:41.0503 1184 Product type: Workstation
22:16:41.0503 1184 ComputerName: MMQI-THABI-PC
22:16:41.0503 1184 UserName: mmqi
22:16:41.0503 1184 Windows directory: C:\Windows
22:16:41.0503 1184 System windows directory: C:\Windows
22:16:41.0503 1184 Running under WOW64
22:16:41.0503 1184 Processor architecture: Intel x64
22:16:41.0503 1184 Number of processors: 4
22:16:41.0503 1184 Page size: 0x1000
22:16:41.0503 1184 Boot type: Normal boot
22:16:41.0503 1184 ============================================================
22:16:43.0173 1184 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:16:43.0173 1184 \Device\Harddisk0\DR0:
22:16:43.0173 1184 MBR used
22:16:43.0173 1184 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0xE8E0168
22:16:43.0204 1184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10FF2000, BlocksNum 0x29393800
22:16:43.0329 1184 Initialize success
22:16:43.0329 1184 ============================================================
22:16:43.0360 4768 ============================================================
22:16:43.0360 4768 Scan started
22:16:43.0360 4768 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
22:16:43.0360 4768 ============================================================
22:16:44.0904 4768 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:16:44.0998 4768 1394ohci - ok
22:16:45.0107 4768 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:16:45.0138 4768 ACPI - ok
22:16:45.0201 4768 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:16:45.0263 4768 AcpiPmi - ok
22:16:45.0388 4768 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:16:45.0419 4768 adp94xx - ok
22:16:45.0513 4768 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:16:45.0528 4768 adpahci - ok
22:16:45.0575 4768 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:16:45.0606 4768 adpu320 - ok
22:16:45.0747 4768 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
22:16:45.0840 4768 AFD - ok
22:16:45.0965 4768 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:16:45.0996 4768 agp440 - ok
22:16:46.0105 4768 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:16:46.0121 4768 aliide - ok
22:16:46.0183 4768 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:16:46.0199 4768 amdide - ok
22:16:46.0261 4768 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:16:46.0339 4768 AmdK8 - ok
22:16:47.0104 4768 amdkmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys
22:16:47.0556 4768 amdkmdag - ok
22:16:47.0681 4768 amdkmdap (961a81a84fdd700e361e8294528a37ba) C:\Windows\system32\DRIVERS\atikmpag.sys
22:16:47.0743 4768 amdkmdap - ok
22:16:47.0853 4768 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:16:47.0899 4768 AmdPPM - ok
22:16:47.0946 4768 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:16:47.0993 4768 amdsata - ok
22:16:48.0055 4768 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:16:48.0087 4768 amdsbs - ok
22:16:48.0118 4768 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:16:48.0149 4768 amdxata - ok
22:16:48.0305 4768 AMON (1920edd6b850617182cfa03bf3416ccf) C:\Windows\system32\drivers\amon.sys
22:16:48.0851 4768 AMON - ok
22:16:48.0991 4768 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
22:16:49.0069 4768 AmUStor - ok
22:16:49.0350 4768 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:16:49.0444 4768 AppID - ok
22:16:49.0647 4768 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:16:49.0693 4768 arc - ok
22:16:49.0787 4768 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:16:49.0834 4768 arcsas - ok
22:16:49.0959 4768 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
22:16:49.0974 4768 ASMMAP64 - ok
22:16:50.0068 4768 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:16:50.0130 4768 AsyncMac - ok
22:16:50.0193 4768 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:16:50.0224 4768 atapi - ok
22:16:50.0349 4768 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
22:16:50.0505 4768 athr - ok
22:16:50.0692 4768 AtiHDAudioService (230cf51113cd4b830b3bfd09b0d4c066) C:\Windows\system32\drivers\AtihdW76.sys
22:16:50.0723 4768 AtiHDAudioService - ok
22:16:50.0863 4768 AtiHdmiService (fb7602c5c508be281368aae0b61b51c6) C:\Windows\system32\drivers\AtiHdmi.sys
22:16:50.0910 4768 AtiHdmiService - ok
22:16:51.0721 4768 atikmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys
22:16:51.0877 4768 atikmdag - ok
22:16:52.0143 4768 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:16:52.0299 4768 b06bdrv - ok
22:16:52.0470 4768 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:16:52.0579 4768 b57nd60a - ok
22:16:52.0704 4768 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:16:52.0782 4768 Beep - ok
22:16:52.0891 4768 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:16:52.0954 4768 blbdrive - ok
22:16:53.0016 4768 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:16:53.0079 4768 bowser - ok
22:16:53.0219 4768 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:16:53.0297 4768 BrFiltLo - ok
22:16:53.0344 4768 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:16:53.0406 4768 BrFiltUp - ok
22:16:53.0687 4768 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:16:53.0781 4768 Brserid - ok
22:16:53.0874 4768 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:16:53.0937 4768 BrSerWdm - ok
22:16:54.0077 4768 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:16:54.0171 4768 BrUsbMdm - ok
22:16:54.0202 4768 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:16:54.0249 4768 BrUsbSer - ok
22:16:54.0327 4768 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:16:54.0373 4768 BTHMODEM - ok
22:16:54.0467 4768 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:16:54.0561 4768 cdfs - ok
22:16:54.0623 4768 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
22:16:54.0685 4768 cdrom - ok
22:16:54.0795 4768 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:16:54.0857 4768 circlass - ok
22:16:54.0935 4768 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:16:54.0997 4768 CLFS - ok
22:16:55.0185 4768 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:16:55.0231 4768 CmBatt - ok
22:16:55.0294 4768 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:16:55.0309 4768 cmdide - ok
22:16:55.0387 4768 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
22:16:55.0450 4768 CNG - ok
22:16:55.0575 4768 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:16:55.0606 4768 Compbatt - ok
22:16:55.0699 4768 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:16:55.0762 4768 CompositeBus - ok
22:16:55.0887 4768 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:16:55.0933 4768 crcdisk - ok
22:16:56.0011 4768 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:16:56.0105 4768 DfsC - ok
22:16:56.0214 4768 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:16:56.0292 4768 discache - ok
22:16:56.0386 4768 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:16:56.0433 4768 Disk - ok
22:16:56.0526 4768 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:16:56.0589 4768 drmkaud - ok
22:16:56.0745 4768 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
22:16:56.0776 4768 DrvAgent64 - ok
22:16:56.0916 4768 dtsoftbus01 (1cecd1252261153c7873b5d9eb259d65) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:16:57.0072 4768 dtsoftbus01 - ok
22:16:57.0291 4768 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:16:57.0353 4768 DXGKrnl - ok
22:16:57.0821 4768 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:16:58.0071 4768 ebdrv - ok
22:16:58.0476 4768 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:16:58.0601 4768 elxstor - ok
22:16:58.0913 4768 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:16:59.0022 4768 ErrDev - ok
22:16:59.0256 4768 ETD (3c38648375b7f3988691f53a7aae10a9) C:\Windows\system32\DRIVERS\ETD.sys
22:16:59.0303 4768 ETD - ok
22:16:59.0490 4768 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:16:59.0615 4768 exfat - ok
22:16:59.0865 4768 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:16:59.0943 4768 fastfat - ok
22:17:00.0239 4768 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:17:00.0286 4768 fdc - ok
22:17:00.0379 4768 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:17:00.0411 4768 FileInfo - ok
22:17:00.0629 4768 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:17:00.0754 4768 Filetrace - ok
22:17:01.0050 4768 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:17:01.0097 4768 flpydisk - ok
22:17:01.0425 4768 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:17:01.0487 4768 FltMgr - ok
22:17:01.0674 4768 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:17:01.0705 4768 FsDepends - ok
22:17:02.0173 4768 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
22:17:02.0205 4768 fssfltr - ok
22:17:02.0376 4768 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
22:17:02.0407 4768 Fs_Rec - ok
22:17:02.0673 4768 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:17:02.0719 4768 fvevol - ok
22:17:02.0875 4768 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:17:02.0907 4768 gagp30kx - ok
22:17:03.0094 4768 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:17:03.0172 4768 hcw85cir - ok
22:17:03.0281 4768 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:17:03.0343 4768 HdAudAddService - ok
22:17:03.0499 4768 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:17:03.0546 4768 HDAudBus - ok
22:17:03.0671 4768 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
22:17:03.0702 4768 HECIx64 - ok
22:17:03.0889 4768 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:17:03.0967 4768 HidBatt - ok
22:17:04.0077 4768 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:17:04.0123 4768 HidBth - ok
22:17:04.0248 4768 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:17:04.0295 4768 HidIr - ok
22:17:04.0451 4768 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:17:04.0576 4768 HidUsb - ok
22:17:04.0810 4768 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:17:04.0857 4768 HpSAMD - ok
22:17:04.0997 4768 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:17:05.0106 4768 HTTP - ok
22:17:05.0340 4768 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:17:05.0372 4768 hwpolicy - ok
22:17:05.0543 4768 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:17:05.0590 4768 i8042prt - ok
22:17:05.0730 4768 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\DRIVERS\iaStor.sys
22:17:05.0777 4768 iaStor - ok
22:17:05.0996 4768 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:17:06.0074 4768 iaStorV - ok
22:17:06.0198 4768 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:17:06.0230 4768 iirsp - ok
22:17:06.0308 4768 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:17:06.0339 4768 intelide - ok
22:17:06.0417 4768 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:17:06.0479 4768 intelppm - ok
22:17:06.0557 4768 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:17:06.0651 4768 IpFilterDriver - ok
22:17:06.0760 4768 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:17:06.0838 4768 IPMIDRV - ok
22:17:06.0963 4768 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:17:07.0041 4768 IPNAT - ok
22:17:07.0166 4768 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:17:07.0212 4768 IRENUM - ok
22:17:07.0290 4768 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:17:07.0322 4768 isapnp - ok
22:17:07.0353 4768 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:17:07.0384 4768 iScsiPrt - ok
22:17:07.0446 4768 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
22:17:07.0478 4768 kbdclass - ok
22:17:07.0556 4768 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
22:17:07.0602 4768 kbdhid - ok
22:17:07.0665 4768 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
22:17:07.0696 4768 kbfiltr - ok
22:17:07.0743 4768 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
22:17:07.0790 4768 KSecDD - ok
22:17:07.0821 4768 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
22:17:07.0868 4768 KSecPkg - ok
22:17:07.0946 4768 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:17:08.0008 4768 ksthunk - ok
22:17:08.0117 4768 L1C (173666119d217e3739205c169e2bf0e5) C:\Windows\system32\DRIVERS\L1C62x64.sys
22:17:08.0148 4768 L1C - ok
22:17:08.0226 4768 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:17:08.0320 4768 lltdio - ok
22:17:08.0460 4768 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:17:08.0507 4768 LSI_FC - ok
22:17:08.0554 4768 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:17:08.0585 4768 LSI_SAS - ok
22:17:08.0663 4768 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:17:08.0694 4768 LSI_SAS2 - ok
22:17:08.0726 4768 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:17:08.0757 4768 LSI_SCSI - ok
22:17:08.0804 4768 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:17:08.0897 4768 luafv - ok
22:17:09.0006 4768 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
22:17:09.0022 4768 MBAMProtector - ok
22:17:09.0116 4768 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:17:09.0147 4768 megasas - ok
22:17:09.0256 4768 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:17:09.0303 4768 MegaSR - ok
22:17:09.0350 4768 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:17:09.0459 4768 Modem - ok
22:17:09.0552 4768 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:17:09.0584 4768 monitor - ok
22:17:09.0802 4768 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:17:09.0849 4768 mouclass - ok
22:17:09.0958 4768 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:17:10.0005 4768 mouhid - ok
22:17:10.0130 4768 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:17:10.0161 4768 mountmgr - ok
22:17:10.0208 4768 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
22:17:10.0270 4768 MpFilter - ok
22:17:10.0364 4768 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:17:10.0410 4768 mpio - ok
22:17:10.0551 4768 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
22:17:10.0598 4768 MpNWMon - ok
22:17:10.0629 4768 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:17:10.0738 4768 mpsdrv - ok
22:17:10.0816 4768 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:17:10.0910 4768 MRxDAV - ok
22:17:10.0988 4768 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:17:11.0112 4768 mrxsmb - ok
22:17:11.0284 4768 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:17:11.0362 4768 mrxsmb10 - ok
22:17:11.0768 4768 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:17:11.0846 4768 mrxsmb20 - ok
22:17:11.0955 4768 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:17:11.0986 4768 msahci - ok
22:17:12.0095 4768 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:17:12.0126 4768 msdsm - ok
22:17:12.0204 4768 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:17:12.0298 4768 Msfs - ok
22:17:12.0360 4768 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:17:12.0454 4768 mshidkmdf - ok
22:17:12.0501 4768 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:17:12.0532 4768 msisadrv - ok
22:17:12.0641 4768 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:17:12.0735 4768 MSKSSRV - ok
22:17:12.0860 4768 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:17:12.0938 4768 MSPCLOCK - ok
22:17:12.0984 4768 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:17:13.0078 4768 MSPQM - ok
22:17:13.0156 4768 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:17:13.0187 4768 MsRPC - ok
22:17:13.0234 4768 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:17:13.0250 4768 mssmbios - ok
22:17:13.0328 4768 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:17:13.0437 4768 MSTEE - ok
22:17:13.0562 4768 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:17:13.0624 4768 MTConfig - ok
22:17:13.0749 4768 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
22:17:13.0764 4768 MTsensor - ok
22:17:13.0920 4768 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:17:13.0952 4768 Mup - ok
22:17:14.0076 4768 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:17:14.0154 4768 NativeWifiP - ok
22:17:14.0357 4768 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:17:14.0404 4768 NDIS - ok
22:17:14.0482 4768 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:17:14.0560 4768 NdisCap - ok
22:17:14.0669 4768 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:17:14.0732 4768 NdisTapi - ok
22:17:14.0763 4768 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:17:14.0841 4768 Ndisuio - ok
22:17:14.0872 4768 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:17:14.0966 4768 NdisWan - ok
22:17:14.0997 4768 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:17:15.0090 4768 NDProxy - ok
22:17:15.0153 4768 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:17:15.0246 4768 NetBIOS - ok
22:17:15.0278 4768 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:17:15.0402 4768 NetBT - ok
22:17:15.0558 4768 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:17:15.0590 4768 nfrd960 - ok
22:17:15.0683 4768 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:17:15.0730 4768 NisDrv - ok
22:17:15.0886 4768 npf (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
22:17:15.0917 4768 npf - ok
22:17:16.0120 4768 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:17:16.0198 4768 Npfs - ok
22:17:16.0338 4768 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:17:16.0494 4768 nsiproxy - ok
22:17:16.0775 4768 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:17:16.0884 4768 Ntfs - ok
22:17:16.0994 4768 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:17:17.0134 4768 Null - ok
22:17:17.0212 4768 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:17:17.0259 4768 nvraid - ok
22:17:17.0290 4768 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:17:17.0337 4768 nvstor - ok
22:17:17.0384 4768 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:17:17.0415 4768 nv_agp - ok
22:17:17.0462 4768 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:17:17.0508 4768 ohci1394 - ok
22:17:17.0571 4768 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:17:17.0633 4768 Parport - ok
22:17:17.0664 4768 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
22:17:17.0680 4768 partmgr - ok
22:17:17.0742 4768 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:17:17.0774 4768 pci - ok
22:17:17.0789 4768 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:17:17.0805 4768 pciide - ok
22:17:17.0883 4768 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:17:17.0914 4768 pcmcia - ok
22:17:18.0023 4768 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:17:18.0054 4768 pcw - ok
22:17:18.0257 4768 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:17:18.0429 4768 PEAUTH - ok
22:17:18.0554 4768 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:17:18.0632 4768 PptpMiniport - ok
22:17:18.0694 4768 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:17:18.0756 4768 Processor - ok
22:17:18.0881 4768 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:17:18.0990 4768 Psched - ok
22:17:19.0084 4768 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:17:19.0178 4768 ql2300 - ok
22:17:19.0302 4768 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:17:19.0334 4768 ql40xx - ok
22:17:19.0396 4768 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:17:19.0474 4768 QWAVEdrv - ok
22:17:19.0583 4768 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:17:19.0692 4768 RasAcd - ok
22:17:19.0802 4768 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:17:19.0880 4768 RasAgileVpn - ok
22:17:19.0926 4768 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:17:20.0020 4768 Rasl2tp - ok
22:17:20.0145 4768 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:17:20.0238 4768 RasPppoe - ok
22:17:20.0285 4768 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:17:20.0363 4768 RasSstp - ok
22:17:20.0394 4768 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:17:20.0472 4768 rdbss - ok
22:17:20.0504 4768 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:17:20.0535 4768 rdpbus - ok
22:17:20.0566 4768 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:17:20.0644 4768 RDPCDD - ok
22:17:20.0675 4768 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:17:20.0784 4768 RDPENCDD - ok
22:17:20.0894 4768 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:17:20.0987 4768 RDPREFMP - ok
22:17:21.0034 4768 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
22:17:21.0112 4768 RDPWD - ok
22:17:21.0190 4768 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:17:21.0237 4768 rdyboost - ok
22:17:21.0362 4768 RimUsb - ok
22:17:21.0424 4768 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
22:17:21.0502 4768 RimVSerPort - ok
22:17:21.0611 4768 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
22:17:21.0720 4768 ROOTMODEM - ok
22:17:21.0783 4768 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:17:21.0908 4768 rspndr - ok
22:17:22.0142 4768 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:17:22.0188 4768 sbp2port - ok
22:17:22.0298 4768 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:17:22.0376 4768 scfilter - ok
22:17:22.0516 4768 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:17:22.0594 4768 secdrv - ok
22:17:22.0656 4768 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:17:22.0719 4768 Serenum - ok
22:17:22.0844 4768 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:17:22.0906 4768 Serial - ok
22:17:23.0015 4768 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:17:23.0062 4768 sermouse - ok
22:17:23.0140 4768 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:17:23.0202 4768 sffdisk - ok
22:17:23.0265 4768 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:17:23.0312 4768 sffp_mmc - ok
22:17:23.0343 4768 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:17:23.0405 4768 sffp_sd - ok
22:17:23.0468 4768 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:17:23.0530 4768 sfloppy - ok
22:17:23.0639 4768 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
22:17:23.0686 4768 SiSGbeLH - ok
22:17:23.0733 4768 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:17:23.0764 4768 SiSRaid2 - ok
22:17:23.0795 4768 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:17:23.0826 4768 SiSRaid4 - ok
22:17:23.0889 4768 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:17:23.0982 4768 Smb - ok
22:17:24.0123 4768 SNP2UVC (f06a6de8438f7446bff9e61f31356521) C:\Windows\system32\DRIVERS\snp2uvc.sys
22:17:24.0216 4768 SNP2UVC - ok
22:17:24.0326 4768 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:17:24.0357 4768 spldr - ok
22:17:24.0544 4768 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:17:24.0622 4768 srv - ok
22:17:24.0825 4768 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:17:24.0934 4768 srv2 - ok
22:17:25.0199 4768 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:17:25.0246 4768 srvnet - ok
22:17:25.0418 4768 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:17:25.0449 4768 stexstor - ok
22:17:25.0496 4768 STHDA (ddb811b13d827081e7c1ddff302ab334) C:\Windows\system32\DRIVERS\stwrt64.sys
22:17:25.0542 4768 STHDA - ok
22:17:25.0636 4768 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:17:25.0683 4768 swenum - ok
22:17:25.0870 4768 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
22:17:25.0979 4768 Tcpip - ok
22:17:26.0494 4768 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
22:17:26.0556 4768 TCPIP6 - ok
22:17:26.0759 4768 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:17:26.0853 4768 tcpipreg - ok
22:17:26.0978 4768 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:17:27.0071 4768 TDPIPE - ok
22:17:27.0118 4768 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
22:17:27.0196 4768 TDTCP - ok
22:17:27.0430 4768 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:17:27.0508 4768 tdx - ok
22:17:27.0617 4768 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:17:27.0648 4768 TermDD - ok
22:17:27.0758 4768 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:17:27.0836 4768 tssecsrv - ok
22:17:28.0054 4768 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:17:28.0132 4768 TsUsbFlt - ok
22:17:28.0257 4768 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
22:17:28.0288 4768 TuneUpUtilitiesDrv - ok
22:17:28.0382 4768 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:17:28.0491 4768 tunnel - ok
22:17:28.0772 4768 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:17:28.0834 4768 uagp35 - ok
22:17:28.0959 4768 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:17:29.0084 4768 udfs - ok
22:17:29.0177 4768 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:17:29.0208 4768 uliagpkx - ok
22:17:29.0286 4768 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:17:29.0333 4768 umbus - ok
22:17:29.0442 4768 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:17:29.0505 4768 UmPass - ok
22:17:29.0661 4768 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
22:17:29.0723 4768 usbaudio - ok
22:17:29.0848 4768 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:17:29.0910 4768 usbccgp - ok
22:17:30.0004 4768 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:17:30.0066 4768 usbcir - ok
22:17:30.0113 4768 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
22:17:30.0160 4768 usbehci - ok
22:17:30.0207 4768 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:17:30.0254 4768 usbhub - ok
22:17:30.0285 4768 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:17:30.0332 4768 usbohci - ok
22:17:30.0378 4768 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:17:30.0441 4768 usbprint - ok
22:17:30.0472 4768 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:17:30.0534 4768 USBSTOR - ok
22:17:30.0566 4768 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:17:30.0612 4768 usbuhci - ok
22:17:30.0675 4768 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
22:17:30.0737 4768 usbvideo - ok
22:17:30.0784 4768 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:17:30.0800 4768 vdrvroot - ok
22:17:30.0862 4768 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:17:30.0893 4768 vga - ok
22:17:30.0956 4768 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:17:31.0049 4768 VgaSave - ok
22:17:31.0236 4768 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:17:31.0268 4768 vhdmp - ok
22:17:31.0439 4768 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:17:31.0470 4768 viaide - ok
22:17:31.0548 4768 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:17:31.0580 4768 volmgr - ok
22:17:31.0689 4768 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:17:31.0751 4768 volmgrx - ok
22:17:32.0172 4768 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:17:32.0266 4768 volsnap - ok
22:17:32.0422 4768 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:17:32.0453 4768 vsmraid - ok
22:17:32.0500 4768 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:17:32.0562 4768 vwifibus - ok
22:17:32.0578 4768 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:17:32.0640 4768 vwififlt - ok
22:17:32.0750 4768 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
22:17:32.0781 4768 vwifimp - ok
22:17:32.0828 4768 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:17:32.0890 4768 WacomPen - ok
22:17:32.0968 4768 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:17:33.0046 4768 WANARP - ok
22:17:33.0062 4768 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:17:33.0108 4768 Wanarpv6 - ok
22:17:33.0233 4768 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:17:33.0280 4768 Wd - ok
22:17:33.0498 4768 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:17:33.0561 4768 Wdf01000 - ok
22:17:33.0732 4768 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:17:33.0810 4768 WfpLwf - ok
22:17:33.0998 4768 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
22:17:34.0029 4768 WimFltr - ok
22:17:34.0247 4768 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:17:34.0278 4768 WIMMount - ok
22:17:34.0450 4768 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:17:34.0512 4768 WmiAcpi - ok
22:17:34.0575 4768 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:17:34.0668 4768 ws2ifsl - ok
22:17:34.0700 4768 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:17:34.0778 4768 WudfPf - ok
22:17:34.0871 4768 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:17:34.0949 4768 WUDFRd - ok
22:17:35.0136 4768 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
22:17:35.0199 4768 xusb21 - ok
22:17:35.0261 4768 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:17:35.0714 4768 \Device\Harddisk0\DR0 - ok
22:17:35.0760 4768 Boot (0x1200) (d8b588d5bf829e5ee183ed9e47f67ebf) \Device\Harddisk0\DR0\Partition0
22:17:35.0760 4768 \Device\Harddisk0\DR0\Partition0 - ok
22:17:35.0792 4768 Boot (0x1200) (56f925e861f157fc995596bf716b6c69) \Device\Harddisk0\DR0\Partition1
22:17:35.0792 4768 \Device\Harddisk0\DR0\Partition1 - ok
22:17:35.0792 4768 ============================================================
22:17:35.0792 4768 Scan finished
22:17:35.0792 4768 ============================================================
22:17:36.0384 2304 Deinitialize success

==============================================
System Restore Point Check:

TDSSKiller Starter Restore Point Created Succesfully
==============================================
EOF

---------- Bericht toegevoegd om 22:12 ---------- Vorige bericht geplaatst om 22:12 ----------

Moeten die btw ook steeds in kleur ?

Abraham54 · 10 mrt 2012

Re: Checkje.

Als bij de handleiding niks over de kleurcodeerder staat vermeld, hoeft het ook niet.
ComboFix heeft wel die vermelding!

yowaambie · 10 mrt 2012

Re: Checkje.

Ok, hier de combofix log:

[hjt]
combofix 12-03-10.02 - mmqi 10-03-2012 22:26:30.1.4 - x64
microsoft windows 7 home premium 6.1.7601.1.1252.31.1043.18.3949.2464 [gmt 1:00]
gestart vanuit: c:\users\mmqi\desktop\combofix.exe
av: microsoft security essentials *disabled/updated* {108dac43-c256-20b7-bb05-914135da5160}
sp: microsoft security essentials *disabled/updated* {abec4da7-e46c-2f39-81b5-aa334e5d1bdd}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\amazon.ico
c:\programdata\fullremove.exe
c:\programdata\mercadolivre.ico
c:\programdata\quickstores.ico
c:\windows\syswow64\packet.dll
c:\windows\syswow64\pthreadvc.dll
c:\windows\syswow64\wpcap.dll
d:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( drivers/services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\legacy_npf
-------\service_npf
.
.
(((((((((((((((((((( bestanden gemaakt van 2012-02-10 to 2012-03-10 ))))))))))))))))))))))))))))))
.
.
2012-03-10 21:16 . 2012-03-10 21:17 -------- d-----w- c:\tdssstarter
2012-03-10 20:26 . 2012-03-10 20:26 -------- d-----w- c:\_otl
2012-03-10 12:17 . 2012-03-10 13:41 -------- d-----w- c:\users\mmqi-thabi\appdata\local\pokerstars
2012-03-09 23:57 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{064f5e69-f141-4dea-bebe-a01e2fb2ad6b}\mpengine.dll
2012-03-09 15:36 . 2012-03-09 15:36 -------- d-----w- c:\program files\microsoft silverlight
2012-03-09 15:36 . 2012-03-09 15:36 -------- d-----w- c:\program files (x86)\microsoft silverlight
2012-03-03 11:00 . 2012-03-03 11:00 -------- d-----w- c:\users\mmqi\appdata\roaming\malwarebytes
2012-03-01 14:34 . 2012-03-01 14:34 -------- d-----w- c:\rbackup
2012-03-01 14:18 . 2012-03-03 13:07 -------- d-----w- c:\program files\perfect uninstaller
2012-02-22 23:24 . 2012-02-22 23:24 -------- d-----w- c:\users\mmqi\appdata\roaming\dvdcss
2012-02-18 20:58 . 2012-03-07 12:42 -------- d-----w- c:\users\mmqi\appdata\local\pokerstars
2012-02-18 20:58 . 2012-03-07 12:42 -------- d-----w- c:\program files (x86)\pokerstars
2012-02-18 14:08 . 2012-02-18 14:11 -------- d-----w- c:\users\mmqi\appdata\roaming\dvdvideosoft
2012-02-18 14:07 . 2012-02-18 14:11 -------- d-----w- c:\program files (x86)\common files\dvdvideosoft
2012-02-18 14:07 . 2012-02-18 14:11 -------- d-----w- c:\program files (x86)\dvdvideosoft
2012-02-16 13:55 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 13:55 . 2012-01-04 08:58 442880 ----a-w- c:\windows\syswow64\ntshrui.dll
2012-02-16 13:55 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-16 13:55 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 13:55 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 13:55 . 2011-12-30 05:27 478720 ----a-w- c:\windows\syswow64\timedate.cpl
2012-02-16 13:55 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 13:55 . 2011-12-16 07:52 690688 ----a-w- c:\windows\syswow64\msvcrt.dll
2012-02-10 20:59 . 2012-02-10 20:58 927800 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{274c1437-4687-49eb-943c-5a6ace168a53}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-08 21:38 . 2010-12-21 18:36 189248 ----a-w- c:\windows\syswow64\pnkbstrb.ex0
2012-02-08 07:13 . 2011-07-25 15:59 8643640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-01-31 12:44 . 2010-12-20 22:00 279656 ------w- c:\windows\system32\mpsigstub.exe
2012-01-19 21:25 . 2011-12-06 15:41 280904 ----a-w- c:\windows\syswow64\pnkbstrb.xtr
2011-12-30 18:05 . 2011-12-30 18:05 21712 ----a-w- c:\windows\syswow64\drivers\drvagent64.sys
2011-12-22 15:20 . 2011-06-13 00:37 414368 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
2011-11-10 19:01 . 2011-11-10 19:01 159744 ----a-w- c:\program files (x86)\atiapfxx.exe
2011-11-10 19:01 . 2011-11-10 19:01 4096 ----a-w- c:\program files (x86)\version.dll
2010-10-16 10:50 . 2010-12-07 19:39 3056008 ----a-w- c:\program files (x86)\common files\asktoolbarinstaller.exe
2010-01-26 09:11 . 2010-12-07 19:39 444283 ----a-w- c:\program files (x86)\common files\winpcapnmap.exe
2009-10-15 14:06 . 2009-10-15 14:06 170 ----a-w- c:\program files (x86)\appprofiles.reg
.
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_local_machine\wow6432node\~\browser helper objects\{9bfba68e-e21b-458e-ae12-fe85e903d2c1}]
2011-02-28 09:59 268136 ----a-w- c:\program files (x86)\altergeo\altergeo magic scanner\3.2.1.742\altergeo.browserplugin.dll
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"updatelbpshortcut"=c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe [2009-05-20 222504]
"updatep2goshortcut"=c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe [2009-05-20 222504]
"boingo wi-fi"=c:\program files (x86)\boingo\boingo wi-fi\boingo.lnk [2010-10-08 2429]
"atkosd2"=c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2009-10-27 6998656]
"atkmedia"=c:\program files (x86)\asus\atk package\atk media\dmedia.exe [2009-08-20 170624]
"hcontroluser"=c:\program files (x86)\asus\atk hotkey\hcontroluser.exe [2009-06-19 105016]
"nod32kui"=c:\program files (x86)\eset\nod32kui.exe [2011-02-13 949376]
"nbagent"=d:\programmas\nero\nero backitup\nbagent.exe [2010-03-26 1234216]
"clmlserver"=c:\program files (x86)\cyberlink\power2go\clmlsvc.exe [2009-11-02 103720]
"asuswebstorage"=c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe [2011-08-17 737104]
"startccc"=c:\program files (x86)\atinew\ati.ace\core-static\clistart.exe [2011-11-09 343168]
"malwarebytes' anti-malware"=c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe [2012-01-13 460872]
.
c:\users\mmqi-thabi\appdata\roaming\microsoft\windows\start menu\programs\startup\
battery doubler.lnk - c:\program files (x86)\dachshund software\battery doubler\battery doubler.exe [2002-9-21 1534267]
.
c:\programdata\microsoft\windows\start menu\programs\startup\
fancystart daemon.lnk - c:\windows\installer\{2b81872b-a054-48da-be3b-fa5c164c303a}\_c4a2fc3e3722966204fdd8.exe [2010-10-8 12862]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 0 (0x0)
"consentpromptbehavioruser"= 3 (0x3)
"enablelua"= 0 (0x0)
"enableuiadesktoptoggle"= 0 (0x0)
"promptonsecuredesktop"= 0 (0x0)
"enablelinkedconnections"= 1 (0x1)
.
[hkey_local_machine\system\currentcontrolset\control\lsa]
security packages reg_multi_sz kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\msmpsvc]
@="service"
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run-]
"adobe arm"=c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
"adobe reader speed launcher"=c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe
"divxupdate"=c:\program files (x86)\divx\divx update\divxupdate.exe /checknow
"sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe
.
r2 application updater;application updater;c:\program files (x86)\application updater\applicationupdater.exe [x]
r2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
r3 amustor;am usb stroage driver;c:\windows\system32\drivers\amustor.sys [x]
r3 drvagent64;drvagent64;c:\windows\syswow64\drivers\drvagent64.sys [2011-12-30 21712]
r3 gupdate;google update service (gupdate);c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 135664]
r3 gupdatem;google update-service (gupdatem);c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 135664]
r3 microsoft sharepoint workspace audit service;microsoft sharepoint workspace audit service;c:\program files\microsoft office\office14\groove.exe [2011-06-12 51740536]
r3 mpnwmon;microsoft malware protection network driver;c:\windows\system32\drivers\mpnwmon.sys [x]
r3 nisdrv;microsoft network inspection system;c:\windows\system32\drivers\nisdrvwfp.sys [x]
r3 nissrv;microsoft network inspection;c:\program files\microsoft security client\antimalware\nissrv.exe [2011-04-27 288272]
r3 ose64;office 64 source engine;c:\program files\common files\microsoft shared\source engine\ose.exe [2010-01-09 174440]
r3 osppsvc;office software protection platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe [2010-01-09 4925184]
r3 sisgbelh;sis191/sis190 ethernet device ndis 6.0 driver;c:\windows\system32\drivers\sisg664.sys [x]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys [x]
r3 vwifimp;microsoft virtual wifi miniport service;c:\windows\system32\drivers\vwifimp.sys [x]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe [x]
r4 wlcrasvc;windows live mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-09-22 57184]
s1 dtsoftbus01;daemon tools virtual bus driver;c:\windows\system32\drivers\dtsoftbus01.sys [x]
s1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys [x]
s2 afbagent;afbagent;c:\windows\system32\fbagent.exe [x]
s2 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe [x]
s2 asmmap64;asmmap64;c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys [2009-07-03 15416]
s2 mbamservice;mbamservice;c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2012-01-13 652360]
s2 naupdate;nero update;c:\program files (x86)\nero\update\nasvc.exe [2010-03-25 490280]
s2 tuneup.utilitiessvc;tuneup utilities service;c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe [2011-11-23 2118976]
s2 uns;intel(r) management & security application user notification service;c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe [2009-10-01 2314240]
s3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [x]
s3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [x]
s3 atihdaudioservice;amd function driver for hd audio service;c:\windows\system32\drivers\atihdw76.sys [x]
s3 etd;elan ps/2 port input device;c:\windows\system32\drivers\etd.sys [x]
s3 hecix64;intel(r) management engine interface;c:\windows\system32\drivers\hecix64.sys [x]
s3 l1c;ndis miniport driver for atheros ar813x/ar815x pci-e ethernet controller;c:\windows\system32\drivers\l1c62x64.sys [x]
s3 mbamprotector;mbamprotector;c:\windows\system32\drivers\mbam.sys [x]
s3 tuneuputilitiesdrv;tuneuputilitiesdrv;c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesdriver64.sys [2011-11-09 11856]
.
.
inhoud van de 'gedeelde taken' map
.
2012-03-10 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 11:07]
.
2012-03-10 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 11:07]
.
.
--------- x86-64 -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\asuswsshellext_b]
@="{6d4133e5-0742-4adc-8a8c-9303440f7190}"
[hkey_classes_root\clsid\{6d4133e5-0742-4adc-8a8c-9303440f7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\asuswsshellext_o]
@="{64174815-8d98-4ce6-8646-4c039977d808}"
[hkey_classes_root\clsid\{64174815-8d98-4ce6-8646-4c039977d808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"etdware"=c:\program files\elantech\etdctrl.exe [2009-09-30 621440]
"systrayapp"=c:\program files\idt\wdm\sttray64.exe [2009-11-27 487424]
"amicosinglun64"=c:\program files (x86)\amicosinglun\amicosinglun64.exe [2009-09-01 323584]
"bcssync"=c:\program files\microsoft office\office14\bcssync.exe [2010-03-13 112512]
"msc"=c:\program files\microsoft security client\msseces.exe [2011-06-15 1436736]
"combofix"="c:\combofix\cf18134.3xe" [2010-11-20 345088]
.
[hkey_local_machine\software\microsoft\windows nt\currentversion\windows]
"loadappinit_dlls"=0x0
.
------- bijkomende scan -------
.
ulocal page = c:\windows\system32\blank.htm
ustart page = hxxp://asus.msn.com
mlocal page = c:\windows\syswow64\blank.htm
ie: free youtube download - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
ie: free youtube to mp3 converter - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
lsp: c:\windows\system32\imon.dll
tcp: dhcpnameserver = 192.168.1.254
ff - profilepath - c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\
ff - prefs.js: browser.search.defaulturl - hxxp://go.mail.ru/search?fr=fftb&utf8in&q=
ff - prefs.js: browser.search.selectedengine - yahoo
ff - prefs.js: keyword.url - hxxp://go.mail.ru/search?utf8in=1&fr=fftbufix&q=
ff - prefs.js: network.proxy.type - 0
ff - user.js: network.http.max-persistent-connections-per-server - 4
ff - user.js: nglayout.initialpaint.delay - 600
ff - user.js: content.notify.interval - 600000
ff - user.js: content.max.tokenizing.time - 1800000
ff - user.js: content.switch.threshold - 600000
.
- - - - orphans verwijderd - - - -
.
toolbar-locked - (no file)
addremove-adobe shockwave player - c:\windows\system32\adobe\shockwave 11\uninstaller.exe
addremove-k_series_screensaver_en - c:\windows\system32\k_series_screensaver_en.scr
addremove-generator - c:\windows\system32\javaws.exe
.
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\syswow64\\macromed\\flash\\flashutil11e_activex.exe,-101"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}\localserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flashutil11e_activex.exe
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="shockwave flash object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\miscstatus]
@="0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\progid]
@="shockwaveflash.shockwaveflash.10"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="shockwaveflash.shockwaveflash"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="macromedia flash factory object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\progid]
@="flashfactory.flashfactory.1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="flashfactory.flashfactory"
.
[hkey_local_machine\software\classes\wow6432node\interface\{e3f2c3cb-5eb8-4a04-b22c-7e3b4b6af30f}]
@denied: (a 2) (everyone)
@="iflashbroker4"
.
[hkey_local_machine\software\classes\wow6432node\interface\{e3f2c3cb-5eb8-4a04-b22c-7e3b4b6af30f}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\wow6432node\interface\{e3f2c3cb-5eb8-4a04-b22c-7e3b4b6af30f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
------------------------ andere aktieve processen ------------------------
.
c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
c:\program files (x86)\eset\nod32krn.exe
c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe
c:\program files (x86)\asus\smartlogon\sensorsrv.exe
c:\program files (x86)\asus\controldeck\controldeckstartup.exe
c:\windows\asscrpro.exe
c:\program files (x86)\daemon tools pro\dtshellhlp.exe
c:\program files (x86)\boingo\boingo wi-fi\boingo wi-fi.exe
.
**************************************************************************
.
voltooingstijd: 2012-03-10 22:39:02 - machine werd herstart
combofix-quarantined-files.txt 2012-03-10 21:39
.
pre-run: 51.537.530.880 bytes beschikbaar
post-run: 50.654.785.536 bytes beschikbaar
.
- - end of file - - bae795bac4c2d13965a7dbc2bc150afc

[/hjt]

---------- Bericht toegevoegd om 22:40 ---------- Vorige bericht geplaatst om 22:33 ----------

Ga nu nachtrust houden ! Goodnight

Abraham54 · 10 mrt 2012

Re: Checkje.

Welterusten hoor.

Klusje voor de zondagmorgen:

open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programmas\Bureau-accessoires\Kladblok (of Notepad)".

Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster

Code:

[B][color=#0000FF]ClearJavaCache::

File::
c:\program files (x86)\common files\asktoolbarinstaller.exe

Folder::
c:\program files (x86)\altergeo

Firefox::
ff - profilepath - c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\
ff - prefs.js: browser.search.defaulturl -[/COLOR][/B][

Sla dit kladblokbestand op je bureaublad op als CFScript.txt.

Nu eerst de antivirus en eventuele spywarescanners deaktiveren!
Zorg ook ervoor dat alle andere openstaande vensters gesloten zijn, ook de webbrowser.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post het Combofix-log dat na het opnieuw starten wordt getoond via de kleurcodeerder!
Ingeval Combofix je computer opnieuw heeft opgestart (of jij dat hebt gedaan), vindt je het log ook in C:\Combofix.txt

Belangrijke opmerking:

Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:
Illegal operation attempted on a registery key that has been marked for deletion.
Start dan de computer opnieuw op.

yowaambie · 11 mrt 2012

Re: Checkje.

Ok daar waren we weer fris en fruitig.

Combofix log:

[hjt]
combofix 12-03-10.02 - mmqi 11-03-2012 12:34:09.2.4 - x64
microsoft windows 7 home premium 6.1.7601.1.1252.31.1043.18.3949.2171 [gmt 1:00]
gestart vanuit: c:\users\mmqi\desktop\combofix.exe
gebruikte opdracht switches :: c:\users\mmqi\desktop\cfscript.txt
av: microsoft security essentials *disabled/updated* {108dac43-c256-20b7-bb05-914135da5160}
sp: microsoft security essentials *disabled/updated* {abec4da7-e46c-2f39-81b5-aa334e5d1bdd}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
file ::
c:\program files (x86)\common files\asktoolbarinstaller.exe
.
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\altergeo
c:\program files (x86)\altergeo\altergeo magic scanner\3.2.1.742\altergeo.browserplugin.dll
c:\program files (x86)\common files\asktoolbarinstaller.exe
.
.
(((((((((((((((((((( bestanden gemaakt van 2012-02-11 to 2012-03-11 ))))))))))))))))))))))))))))))
.
.
2012-03-11 11:39 . 2012-03-11 11:39 -------- d-----w- c:\users\default\appdata\local\temp
2012-03-11 09:00 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f9b231ac-c40e-4bdb-9cc4-b9298410474e}\mpengine.dll
2012-03-10 21:39 . 2012-03-11 11:39 -------- d-----w- c:\users\mmqi-thabi\appdata\local\temp
2012-03-10 21:16 . 2012-03-10 21:17 -------- d-----w- c:\tdssstarter
2012-03-10 20:26 . 2012-03-10 20:26 -------- d-----w- c:\_otl
2012-03-10 12:17 . 2012-03-10 13:41 -------- d-----w- c:\users\mmqi-thabi\appdata\local\pokerstars
2012-03-09 15:36 . 2012-03-09 15:36 -------- d-----w- c:\program files\microsoft silverlight
2012-03-09 15:36 . 2012-03-09 15:36 -------- d-----w- c:\program files (x86)\microsoft silverlight
2012-03-03 11:00 . 2012-03-03 11:00 -------- d-----w- c:\users\mmqi\appdata\roaming\malwarebytes
2012-03-01 14:34 . 2012-03-01 14:34 -------- d-----w- c:\rbackup
2012-03-01 14:18 . 2012-03-11 08:50 -------- d-----w- c:\program files\perfect uninstaller
2012-02-22 23:24 . 2012-02-22 23:24 -------- d-----w- c:\users\mmqi\appdata\roaming\dvdcss
2012-02-18 20:58 . 2012-03-07 12:42 -------- d-----w- c:\users\mmqi\appdata\local\pokerstars
2012-02-18 20:58 . 2012-03-07 12:42 -------- d-----w- c:\program files (x86)\pokerstars
2012-02-18 14:08 . 2012-02-18 14:11 -------- d-----w- c:\users\mmqi\appdata\roaming\dvdvideosoft
2012-02-18 14:07 . 2012-02-18 14:11 -------- d-----w- c:\program files (x86)\common files\dvdvideosoft
2012-02-18 14:07 . 2012-02-18 14:11 -------- d-----w- c:\program files (x86)\dvdvideosoft
2012-02-16 13:55 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 13:55 . 2012-01-04 08:58 442880 ----a-w- c:\windows\syswow64\ntshrui.dll
2012-02-16 13:55 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-16 13:55 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 13:55 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 13:55 . 2011-12-30 05:27 478720 ----a-w- c:\windows\syswow64\timedate.cpl
2012-02-16 13:55 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 13:55 . 2011-12-16 07:52 690688 ----a-w- c:\windows\syswow64\msvcrt.dll
2012-02-10 20:59 . 2012-02-10 20:58 927800 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{274c1437-4687-49eb-943c-5a6ace168a53}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-08 21:38 . 2010-12-21 18:36 189248 ----a-w- c:\windows\syswow64\pnkbstrb.ex0
2012-02-08 07:13 . 2011-07-25 15:59 8643640 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-01-31 12:44 . 2010-12-20 22:00 279656 ------w- c:\windows\system32\mpsigstub.exe
2012-01-19 21:25 . 2011-12-06 15:41 280904 ----a-w- c:\windows\syswow64\pnkbstrb.xtr
2011-12-30 18:05 . 2011-12-30 18:05 21712 ----a-w- c:\windows\syswow64\drivers\drvagent64.sys
2011-12-22 15:20 . 2011-06-13 00:37 414368 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
2011-11-10 19:01 . 2011-11-10 19:01 159744 ----a-w- c:\program files (x86)\atiapfxx.exe
2011-11-10 19:01 . 2011-11-10 19:01 4096 ----a-w- c:\program files (x86)\version.dll
2010-01-26 09:11 . 2010-12-07 19:39 444283 ----a-w- c:\program files (x86)\common files\winpcapnmap.exe
2009-10-15 14:06 . 2009-10-15 14:06 170 ----a-w- c:\program files (x86)\appprofiles.reg
.
.
((((((((((((((((((((((((((((( snapshot@2012-03-10_21.34.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-08 11:20 . 2012-03-11 08:51 54542 c:\windows\system32\wdi\shutdownperformancediagnostics_systemdata.bin
+ 2009-07-14 05:10 . 2012-03-11 08:51 35132 c:\windows\system32\wdi\bootperformancediagnostics_systemdata.bin
+ 2010-12-06 23:18 . 2012-03-11 08:51 15284 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-184446441-2391753829-3075136764-1000_userdata.bin
- 2010-12-06 23:18 . 2011-12-18 02:08 15284 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-184446441-2391753829-3075136764-1000_userdata.bin
+ 2011-12-22 15:31 . 2012-03-10 21:35 5526 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-184446441-2391753829-3075136764-1004_userdata.bin
+ 2012-03-11 09:00 . 2012-03-11 09:01 2062 c:\windows\softwaredistribution\eventcache\{4f9b322f-4818-4fea-9d7d-b67e90bdcaa4}.bin
- 2012-03-10 21:33 . 2012-03-10 21:33 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
+ 2012-03-11 08:48 . 2012-03-11 08:48 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
- 2012-03-10 21:33 . 2012-03-10 21:33 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
+ 2012-03-11 08:48 . 2012-03-11 08:48 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
+ 2010-12-06 23:52 . 2012-03-11 11:12 348516 c:\windows\system32\wdi\suspendperformancediagnostics_systemdata_s3.bin
- 2009-07-14 05:01 . 2012-03-10 21:32 384792 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-system.dat
+ 2009-07-14 05:01 . 2012-03-10 21:46 384792 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-system.dat
- 2011-12-23 22:38 . 2012-03-10 21:32 2432820 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-s-1-5-21-184446441-2391753829-3075136764-1004-12288.dat
+ 2011-12-23 22:38 . 2012-03-10 21:46 2432820 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-s-1-5-21-184446441-2391753829-3075136764-1004-12288.dat
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"updatelbpshortcut"=c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe [2009-05-20 222504]
"updatep2goshortcut"=c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe [2009-05-20 222504]
"boingo wi-fi"=c:\program files (x86)\boingo\boingo wi-fi\boingo.lnk [2010-10-08 2429]
"atkosd2"=c:\program files (x86)\asus\atk package\atkosd2\atkosd2.exe [2009-10-27 6998656]
"atkmedia"=c:\program files (x86)\asus\atk package\atk media\dmedia.exe [2009-08-20 170624]
"hcontroluser"=c:\program files (x86)\asus\atk hotkey\hcontroluser.exe [2009-06-19 105016]
"nod32kui"=c:\program files (x86)\eset\nod32kui.exe [2011-02-13 949376]
"nbagent"=d:\programmas\nero\nero backitup\nbagent.exe [2010-03-26 1234216]
"clmlserver"=c:\program files (x86)\cyberlink\power2go\clmlsvc.exe [2009-11-02 103720]
"asuswebstorage"=c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswspanel.exe [2011-08-17 737104]
"startccc"=c:\program files (x86)\atinew\ati.ace\core-static\clistart.exe [2011-11-09 343168]
"malwarebytes' anti-malware"=c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe [2012-01-13 460872]
.
c:\users\mmqi-thabi\appdata\roaming\microsoft\windows\start menu\programs\startup\
battery doubler.lnk - c:\program files (x86)\dachshund software\battery doubler\battery doubler.exe [2002-9-21 1534267]
.
c:\programdata\microsoft\windows\start menu\programs\startup\
fancystart daemon.lnk - c:\windows\installer\{2b81872b-a054-48da-be3b-fa5c164c303a}\_c4a2fc3e3722966204fdd8.exe [2010-10-8 12862]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 0 (0x0)
"consentpromptbehavioruser"= 3 (0x3)
"enablelua"= 0 (0x0)
"enableuiadesktoptoggle"= 0 (0x0)
"promptonsecuredesktop"= 0 (0x0)
"enablelinkedconnections"= 1 (0x1)
.
[hkey_local_machine\system\currentcontrolset\control\lsa]
security packages reg_multi_sz kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\msmpsvc]
@="service"
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run-]
"adobe arm"=c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
"adobe reader speed launcher"=c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe
"divxupdate"=c:\program files (x86)\divx\divx update\divxupdate.exe /checknow
"sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe
.
r2 application updater;application updater;c:\program files (x86)\application updater\applicationupdater.exe [x]
r2 clr_optimization_v4.0.30319_32;microsoft .net framework ngen v4.0.30319_x86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
r3 amustor;am usb stroage driver;c:\windows\system32\drivers\amustor.sys [x]
r3 drvagent64;drvagent64;c:\windows\syswow64\drivers\drvagent64.sys [2011-12-30 21712]
r3 gupdate;google update service (gupdate);c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 135664]
r3 gupdatem;google update-service (gupdatem);c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 135664]
r3 microsoft sharepoint workspace audit service;microsoft sharepoint workspace audit service;c:\program files\microsoft office\office14\groove.exe [2011-06-12 51740536]
r3 nisdrv;microsoft network inspection system;c:\windows\system32\drivers\nisdrvwfp.sys [x]
r3 nissrv;microsoft network inspection;c:\program files\microsoft security client\antimalware\nissrv.exe [2011-04-27 288272]
r3 ose64;office 64 source engine;c:\program files\common files\microsoft shared\source engine\ose.exe [2010-01-09 174440]
r3 osppsvc;office software protection platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe [2010-01-09 4925184]
r3 sisgbelh;sis191/sis190 ethernet device ndis 6.0 driver;c:\windows\system32\drivers\sisg664.sys [x]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys [x]
r3 vwifimp;microsoft virtual wifi miniport service;c:\windows\system32\drivers\vwifimp.sys [x]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe [x]
r4 wlcrasvc;windows live mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-09-22 57184]
s1 dtsoftbus01;daemon tools virtual bus driver;c:\windows\system32\drivers\dtsoftbus01.sys [x]
s1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys [x]
s2 afbagent;afbagent;c:\windows\system32\fbagent.exe [x]
s2 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe [x]
s2 asmmap64;asmmap64;c:\program files (x86)\asus\atk package\atkgfnex\asmmap64.sys [2009-07-03 15416]
s2 mbamservice;mbamservice;c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2012-01-13 652360]
s2 naupdate;nero update;c:\program files (x86)\nero\update\nasvc.exe [2010-03-25 490280]
s2 tuneup.utilitiessvc;tuneup utilities service;c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesservice64.exe [2011-11-23 2118976]
s2 uns;intel(r) management & security application user notification service;c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe [2009-10-01 2314240]
s3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [x]
s3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [x]
s3 atihdaudioservice;amd function driver for hd audio service;c:\windows\system32\drivers\atihdw76.sys [x]
s3 etd;elan ps/2 port input device;c:\windows\system32\drivers\etd.sys [x]
s3 hecix64;intel(r) management engine interface;c:\windows\system32\drivers\hecix64.sys [x]
s3 l1c;ndis miniport driver for atheros ar813x/ar815x pci-e ethernet controller;c:\windows\system32\drivers\l1c62x64.sys [x]
s3 mbamprotector;mbamprotector;c:\windows\system32\drivers\mbam.sys [x]
s3 mpnwmon;microsoft malware protection network driver;c:\windows\system32\drivers\mpnwmon.sys [x]
s3 tuneuputilitiesdrv;tuneuputilitiesdrv;c:\program files (x86)\tuneup utilities 2012\tuneuputilitiesdriver64.sys [2011-11-09 11856]
.
.
inhoud van de 'gedeelde taken' map
.
2012-03-11 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 11:07]
.
2012-03-11 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files (x86)\google\update\googleupdate.exe [2010-10-08 11:07]
.
.
--------- x86-64 -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\asuswsshellext_b]
@="{6d4133e5-0742-4adc-8a8c-9303440f7190}"
[hkey_classes_root\clsid\{6d4133e5-0742-4adc-8a8c-9303440f7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\asuswsshellext_o]
@="{64174815-8d98-4ce6-8646-4c039977d808}"
[hkey_classes_root\clsid\{64174815-8d98-4ce6-8646-4c039977d808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\asus\asus webstorage\3.0.108.222\asuswsshellext64.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"etdware"=c:\program files\elantech\etdctrl.exe [2009-09-30 621440]
"systrayapp"=c:\program files\idt\wdm\sttray64.exe [2009-11-27 487424]
"amicosinglun64"=c:\program files (x86)\amicosinglun\amicosinglun64.exe [2009-09-01 323584]
"bcssync"=c:\program files\microsoft office\office14\bcssync.exe [2010-03-13 112512]
"msc"=c:\program files\microsoft security client\msseces.exe [2011-06-15 1436736]
.
------- bijkomende scan -------
.
ulocal page = c:\windows\system32\blank.htm
ustart page = hxxp://asus.msn.com
mlocal page = c:\windows\syswow64\blank.htm
ie: free youtube download - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
ie: free youtube to mp3 converter - c:\users\mmqi\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
lsp: c:\windows\system32\imon.dll
tcp: dhcpnameserver = 192.168.1.254
ff - profilepath - c:\users\mmqi\appdata\roaming\mozilla\firefox\profiles\9zj3c6wi.default\
ff - prefs.js: browser.search.defaulturl - hxxp://go.mail.ru/search?fr=fftb&utf8in&q=
ff - prefs.js: browser.search.selectedengine - yahoo
ff - prefs.js: keyword.url - hxxp://go.mail.ru/search?utf8in=1&fr=fftbufix&q=
ff - prefs.js: network.proxy.type - 0
ff - user.js: network.http.max-persistent-connections-per-server - 4
ff - user.js: nglayout.initialpaint.delay - 600
ff - user.js: content.notify.interval - 600000
ff - user.js: content.max.tokenizing.time - 1800000
ff - user.js: content.switch.threshold - 600000
.
- - - - orphans verwijderd - - - -
.
bho-{9bfba68e-e21b-458e-ae12-fe85e903d2c1} - c:\program files (x86)\altergeo\altergeo magic scanner\3.2.1.742\altergeo.browserplugin.dll
toolbar-locked - (no file)
.
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\syswow64\\macromed\\flash\\flashutil11e_activex.exe,-101"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}\localserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flashutil11e_activex.exe
.
[hkey_local_machine\software\classes\wow6432node\clsid\{a483c63a-cdbc-426e-bf93-872502e8144e}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="shockwave flash object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\miscstatus]
@="0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\progid]
@="shockwaveflash.shockwaveflash.10"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="shockwaveflash.shockwaveflash"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="macromedia flash factory object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\progid]
@="flashfactory.flashfactory.1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash11e.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="flashfactory.flashfactory"
.
[hkey_local_machine\software\classes\wow6432node\interface\{e3f2c3cb-5eb8-4a04-b22c-7e3b4b6af30f}]
@denied: (a 2) (everyone)
@="iflashbroker4"
.
[hkey_local_machine\software\classes\wow6432node\interface\{e3f2c3cb-5eb8-4a04-b22c-7e3b4b6af30f}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\wow6432node\interface\{e3f2c3cb-5eb8-4a04-b22c-7e3b4b6af30f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
voltooingstijd: 2012-03-11 12:41:28
combofix-quarantined-files.txt 2012-03-11 11:41
combofix2.txt 2012-03-10 21:39
.
pre-run: 50.560.442.368 bytes beschikbaar
post-run: 50.367.569.920 bytes beschikbaar
.
- - end of file - - e23b20caf6e34dc9884c3d9637f78b53

[/hjt]

Abraham54 · 11 mrt 2012

Re: Checkje.

We gaan zoeken.

Welk programma: Zoek.exe
Waarvoor/waarom: multifunktioneel tool
Moeilijkheidsgraad: geen.
Download: zoek.exe

"Zoek.exe" gebruiken:

Sluit nu eerst alle nog openstaande programmavensters!
- Windows 2000 en Windows XP: start het tool middels dubbelklik op "Zoek.exe".
- Windows Vista en Windows 7: start het tool middels rechtsklik op "Zoek.exe" en dan kiezen voor Als Administrator uitvoeren.

Er start nu een zwart CMD/Opdrachtpromptvenster op.

Typ nu in dat venster B gevolgd door Enter om "Custom search" te starten.
Een kladblokdocument met de naam "input.txt" zal nu openen.
Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenster

Code:

[B][color=#0000FF]
go.mail.ru;
Search;
AlterEgo
[/COLOR][/B]

Wanneer je de blauwe gekleurde tekst in het lege kladblokvenster geplakt hebt, mag je input.txt sluiten, laat de wijzigingen opslaan.

Hierna begint de scan te lopen, wacht geduldig tot een log opent en post het resultaat in je volgende bericht.

yowaambie · 11 mrt 2012

Re: Checkje.

Tis trouwens wel echt een super grote log ...

Zoek.exe Version 2.0.0.9 Updated 04-March-2012
Tool run by mmqi on zo 11-03-2012 at 13:56:39,60.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running from: C:\Users\mmqi\Desktop\zoek.exe

==== Folders Found ======================

2010-12-12 23:13:35 2011-07-24 13:14:50 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-02-07 16:55:59 2012-03-01 14:13:22 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot\Search Settings
2010-12-06 23:19:12 2011-02-19 18:51:43 -------- d-----w- C:\Program Files (x86)\Microsoft\Search Enhancement Pack
2011-02-19 18:48:46 2011-02-19 18:48:46 -------- d-----w- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension
2010-12-06 23:21:14 2011-02-19 18:48:46 -------- d-----w- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper
2011-02-19 18:48:34 2011-02-19 18:48:34 -------- d-----w- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Installers\SearchEnhancementPack3.0.133
2011-02-19 18:48:46 2011-02-19 18:48:46 -------- d-----w- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
2010-12-07 13:17:24 2012-02-12 22:45:29 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox\searchplugins
2010-12-12 23:13:35 2011-07-24 13:15:06 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2010-12-06 23:15:07 2010-12-06 23:15:07 -------- d-----w- C:\ProgramData\Microsoft\Search
2010-12-06 23:21:14 2011-02-19 18:48:45 -------- d-----w- C:\ProgramData\Microsoft\Search Enhancement Pack
2011-02-19 18:48:45 2011-02-19 18:49:02 -------- d-----w- C:\ProgramData\Microsoft\Search Enhancement Pack\Search Box Extension
2010-12-06 19:22:15 2010-12-06 19:22:15 -------- d-----w- C:\ProgramData\Microsoft\Search Enhancement Pack\Search Helper
2010-12-12 23:13:35 2011-07-24 13:15:06 -------- d-----w- C:\Users\All Users\Spybot - Search & Destroy
2010-12-06 23:15:07 2010-12-06 23:15:07 -------- d-----w- C:\Users\All Users\Microsoft\Search
2010-12-06 23:21:14 2011-02-19 18:48:45 -------- d-----w- C:\Users\All Users\Microsoft\Search Enhancement Pack
2011-02-19 18:48:45 2011-02-19 18:49:02 -------- d-----w- C:\Users\All Users\Microsoft\Search Enhancement Pack\Search Box Extension
2010-12-06 19:22:15 2010-12-06 19:22:15 -------- d-----w- C:\Users\All Users\Microsoft\Search Enhancement Pack\Search Helper
2011-12-22 15:30:59 2012-02-18 02:18:03 -------- d-----r- C:\Users\mmqi\Searches
2012-02-07 16:56:11 2012-02-07 16:59:29 -------- d-----w- C:\Users\mmqi\AppData\LocalLow\Search Settings
2011-12-22 15:35:46 2011-12-22 15:35:46 -------- d-----w- C:\Users\mmqi\AppData\LocalLow\Microsoft\Search Enhancement Pack
2011-12-22 15:35:46 2011-12-22 15:35:46 -------- d-----w- C:\Users\mmqi\AppData\LocalLow\Microsoft\Search Enhancement Pack\Search Box Extension
2012-01-18 20:46:02 2012-01-27 00:22:29 -------- d-----w- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\searchplugins
2010-12-06 23:25:00 2012-03-09 13:18:56 -------- d-----r- C:\Users\Mmqi-Thabi\Searches
2011-02-22 22:52:55 2011-02-22 22:52:55 -------- d-----w- C:\Users\Mmqi-Thabi\AppData\Local\Research In Motion
2012-02-25 07:56:20 2012-02-25 07:56:20 -------- d-----w- C:\Users\Mmqi-Thabi\AppData\LocalLow\Search Settings
2010-12-07 00:48:44 2010-12-07 00:48:44 -------- d-----w- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Search Enhancement Pack
2010-12-07 00:48:44 2011-02-26 18:33:19 -------- d-----w- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Search Enhancement Pack\Search Box Extension
2010-12-07 13:23:05 2010-12-07 13:23:05 -------- d-----w- C:\Users\Mmqi-Thabi\AppData\Roaming\Google\Local Search History
2010-12-07 19:39:16 2012-03-01 14:39:38 -------- d-----w- C:\Users\Mmqi-Thabi\AppData\Roaming\Mozilla\Firefox\Profiles\mc5hymid.default\searchplugins
2009-07-14 05:32:38 2010-12-14 08:09:00 -------- d-----w- C:\Windows\diagnostics\system\Search
2009-07-14 05:32:38 2009-08-04 10:40:10 -------- d-----w- C:\Windows\inf\wsearchidxpi
2009-07-14 05:32:38 2009-07-14 05:32:40 -------- d-----w- C:\Windows\System32\migwiz\replacementmanifests\WindowsSearchEngine
2009-07-14 05:32:38 2009-07-14 05:32:40 -------- d-----w- C:\Windows\SysWOW64\migwiz\replacementmanifests\WindowsSearchEngine
2009-08-04 10:14:17 2009-08-04 10:14:17 -------- d-----w- C:\Windows\winsxs\amd64_desktop_shell-search-srchadmin.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_39668b264bed83dc
2009-07-14 05:30:30 2009-07-14 05:30:30 -------- d-----w- C:\Windows\winsxs\amd64_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7600.16385_none_a7bf97adb28bd7c2
2011-05-26 22:01:13 2011-05-26 22:01:13 -------- d-----w- C:\Windows\winsxs\amd64_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7601.17514_none_a9f0ab75af7a5b5c
2009-07-14 03:20:30 2009-07-14 03:20:30 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-bits-igdsearcher_31bf3856ad364e35_6.1.7600.16385_none_0d612eb0a8b155ff
2011-07-01 09:03:10 2011-07-01 09:03:10 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7600.16808_none_1b3c97835a989f39
2011-07-01 09:03:10 2011-07-01 09:03:10 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7600.20959_none_1b9124fc73dde40f
2011-07-01 09:03:09 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7601.17610_none_1d10224d57ce5c5e
2011-07-01 09:03:09 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7601.21720_none_1d8eef2c70f41819
2009-08-04 10:14:17 2009-08-04 10:14:17 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-search-adm.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_2ce8f709cc1e56d0
2009-07-14 05:30:30 2009-07-14 05:30:30 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-search-adm_31bf3856ad364e35_7.0.7600.16385_none_6f015050e39c93c8
2009-07-14 05:30:30 2009-07-14 05:30:30 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-search-profilenotify_31bf3856ad364e35_7.0.7600.16385_none_6c2fc3a30824c67e
2009-07-14 05:30:30 2009-07-14 05:30:30 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-searchdiagnostic_31bf3856ad364e35_6.1.7600.16385_none_8d9dc2260d0e1a98
2009-08-04 10:13:49 2009-08-04 10:13:49 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_925853f4aec06251
2009-07-14 03:20:38 2009-07-14 03:20:38 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_f6652b9de2fd8a41
2011-05-26 21:59:32 2011-05-26 21:59:32 -------- d-----w- C:\Windows\winsxs\amd64_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7601.17514_none_f8963f65dfec0ddb
2009-07-14 05:30:30 2009-07-14 05:30:30 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchcomponent_31bf3856ad364e35_6.1.7600.16385_none_35b2f9824cfb0f36
2009-07-14 03:20:42 2009-07-14 03:20:42 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16385_none_2c1b509073f8dc03
2010-12-08 08:00:50 2010-12-08 08:00:50 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16587_none_2c1d54f073f708ff
2010-12-08 08:00:50 2010-12-08 08:00:50 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.20707_none_2cfd73018cd3c668
2011-05-26 21:58:45 2011-05-26 21:58:45 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7601.17514_none_2e4c645870e75f9d
2009-08-04 10:14:17 2009-08-04 10:14:17 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_cd678b73b6d72d83
2009-07-14 05:30:30 2009-07-14 05:30:30 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_cf4f145f352676dd
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_cfa89e1b34e2d51d
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_cffd2b944e2819f3
2011-05-23 21:20:58 2011-05-26 22:01:13 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_d18028273214fa77
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_d1faf5c44b3e4dfd
2009-08-04 10:14:17 2009-08-04 10:14:17 -------- d-----w- C:\Windows\winsxs\wow64_windowssearchengine.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_d7bc35c5eb37ef7e
2009-07-14 05:30:37 2009-07-14 05:30:37 -------- d-----w- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_d9a3beb1698738d8
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_d9fd486d69439718
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_da51d5e68288dbee
2011-05-23 21:21:53 2011-05-26 22:01:15 -------- d-----w- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_dbd4d2796675bc72
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_dbd0d3376679543d
2011-06-29 14:15:54 2011-07-01 09:03:09 -------- d-----w- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_dc4fa0167f9f0ff8
2009-08-04 10:14:17 2009-08-04 10:14:17 -------- d-----w- C:\Windows\winsxs\x86_desktop_shell-search-srchadmin.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_dd47efa2939012a6
2009-07-14 05:30:37 2009-07-14 05:30:37 -------- d-----w- C:\Windows\winsxs\x86_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7600.16385_none_4ba0fc29fa2e668c
2011-05-26 22:01:15 2011-05-26 22:01:15 -------- d-----w- C:\Windows\winsxs\x86_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7601.17514_none_4dd20ff1f71cea26
2009-08-04 10:13:52 2009-08-04 10:13:52 -------- d-----w- C:\Windows\winsxs\x86_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_3639b870f662f11b
2009-07-14 03:20:58 2009-07-14 03:21:09 -------- d-----w- C:\Windows\winsxs\x86_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_9a46901a2aa0190b
2011-05-26 21:57:51 2011-05-26 21:57:51 -------- d-----w- C:\Windows\winsxs\x86_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7601.17514_none_9c77a3e2278e9ca5
2009-07-14 05:30:37 2009-07-14 05:30:37 -------- d-----w- C:\Windows\winsxs\x86_windowssearchcomponent_31bf3856ad364e35_6.1.7600.16385_none_d9945dfe949d9e00
2009-07-14 03:21:01 2009-07-14 03:21:09 -------- d-----w- C:\Windows\winsxs\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16385_none_cffcb50cbb9b6acd
2010-12-08 08:00:50 2010-12-08 08:00:50 -------- d-----w- C:\Windows\winsxs\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16587_none_cffeb96cbb9997c9
2010-12-08 08:00:50 2010-12-08 08:00:50 -------- d-----w- C:\Windows\winsxs\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.20707_none_d0ded77dd4765532
2011-05-26 21:59:30 2011-05-26 21:59:30 -------- d-----w- C:\Windows\winsxs\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7601.17514_none_d22dc8d4b889ee67

==== Files Found ======================

--- C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHLTS.DLL ---
Company: Microsoft Corporation
File Description: Microsoft OneNote Audio Search East Asian Phonetic Parser
File Version: 14.0.6009.1000
Product Name: Microsoft OneNote
Copyright: 2010 Microsoft Corporation. All rights reserved.
Original Filename: AudioSearchLTS.dll
File type: ----a-w-
File size: 143800
Created time: 2010-10-20 10:33:30
Modified time: 2010-10-20 10:33:30
MD5: 3B5E1A6D562836E67EBF00AF973695D7
SHA1: 0459922BC7F6028D7559ACF57500582136106C3C

--- C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHMAIN.DLL ---
Company: Microsoft Corporation
File Description: Microsoft OneNote Audio Search
File Version: 14.0.6009.1000
Product Name: Microsoft OneNote
Copyright: 2010 Microsoft Corporation. All rights reserved.
Original Filename: AudioSearchMain.dll
File type: ----a-w-
File size: 1667960
Created time: 2010-10-20 10:33:34
Modified time: 2010-10-20 10:33:34
MD5: FC93C1BC4AFB2C0C6CA56124FE94BAB1
SHA1: 5649E2CC44BDF42729E0B7C20F6C89FA2C9D6227

--- C:\Program Files\Microsoft Office\Office14\AUDIOSEARCHSAPIFE.DLL ---
Company: Microsoft Corporation
File Description: Microsoft OneNote Audio Search API Front End
File Version: 14.0.6009.1000
Product Name: Microsoft OneNote
Copyright: 2010 Microsoft Corporation. All rights reserved.
Original Filename: AudioSearchSapiFe.dll
File type: ----a-w-
File size: 2242456
Created time: 2010-10-20 10:33:30
Modified time: 2010-10-20 10:33:30
MD5: AD540C883184F73B542E4CEEF9E4F98F
SHA1: FD96FB18101AE709AEBEE50E0091D7B4AD9A18BD

--- C:\Program Files\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\SEARCH.GIF ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1199
Created time: 2007-02-04 08:25:08
Modified time: 2007-02-04 08:25:08
MD5: 9B1C82E57D92D90FB55EB4E12A22D57B
SHA1: 748481E7DEC4F865E50667CC3768B49570A2B5C3

--- C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3573
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: 6DD6B9EA723D75990FA36CA79B9E8732
SHA1: F25E26CFEB0762300F6EE6CB0687AC11726FDCBB

--- C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3581
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: C04DB72ABB3CFDC44E0D503B96D82D7E
SHA1: 8911E9852C762733671474AD0ACA13CE76EC4530

--- C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3559
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: 1CD0EEEA637FCC2E759C6A3BA5331E33
SHA1: 367BD0260E8569461060CBC9D86E8CFC776792AD

--- C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3582
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: A76EF777CABDA865DB088BC1091164F7
SHA1: AA66AFEAC354B367FF23213A152AE0F3B1219DCF

--- C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: C4FDC276ACE4129C8A9B3E79E8FC5103
SHA1: 268738FA7056C7A5C4C83B3A2647E947BF6A2093

--- C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3456
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: B2547E1B4B133B1312D3D8ED999CEF72
SHA1: 0D67E5203A75C5A858EDE12694C19AE49948F231

--- C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 482
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:22
MD5: E34043F0378ACDD4E2F3FB1F76B8EC91
SHA1: 7BD0E52B9F7FAF988C0BF7FCDDF6A90DFBDE7847

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.api ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.4.6.252
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2010 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 398947
Created time: 2011-09-07 15:15:44
Modified time: 2011-09-07 15:15:44
MD5: DD282C62C5FBF42CD52D62C87D52789B
SHA1: 463AEC0988E38808B225ABB850D94B05F80A793A

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.CHS ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 45056
Created time: 2009-02-27 23:47:28
Modified time: 2009-02-27 23:47:28
MD5: 69E0A1736298FE5E4F69182BCAA3F179
SHA1: DAF146ED9AA3E907E43C9F79410519C7D50DB4E6

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.CHT ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 45056
Created time: 2009-02-27 23:50:44
Modified time: 2009-02-27 23:50:44
MD5: AC89C95C46B5BA9494AFFCF679FD3292
SHA1: 7CBAC005E865BC312C65356B4DC41CC3C4691D9F

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.DAN ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 53248
Created time: 2009-02-28 01:09:34
Modified time: 2009-02-28 01:09:34
MD5: C2748A8E67F739AC33B658CAE719D78B
SHA1: 662F70F990E749F42BA1829526EF175223636F00

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.DEU ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 57344
Created time: 2009-02-27 23:42:04
Modified time: 2009-02-27 23:42:04
MD5: DBD9AF6027B9AFBCBD84B961EE07EB66
SHA1: 3CBB08476C01A15A54B9419E8E58733C71E71B90

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.ESP ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 57344
Created time: 2009-02-28 01:36:38
Modified time: 2009-02-28 01:36:38
MD5: BA4FFB1406BAD9F52A5208100E959F40
SHA1: DBE5407E1B8CAA1C4636F28C5C87C33849D7E132

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.FRA ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 57344
Created time: 2009-02-27 23:38:26
Modified time: 2009-02-27 23:38:26
MD5: 6656CC0A22923963C01A3E3C71F9FC60
SHA1: 0B8532C4EA6963832BC5A9889E2304EFB85F80D9

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.ITA ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 57344
Created time: 2009-02-28 01:44:18
Modified time: 2009-02-28 01:44:18
MD5: 48B7547B933D7792F70FA7D11FDE4BED
SHA1: 6DE5C49322DB112809AEB8C3DC2F60F081620A3C

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.JPN ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 49152
Created time: 2009-02-27 23:44:46
Modified time: 2009-02-27 23:44:46
MD5: A6886E82A557BD279F813AF42EC54454
SHA1: AE8F1BC37D11C0A8C41EE4F2CB4A1E8ADA62287C

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.KOR ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 49152
Created time: 2009-02-28 01:03:46
Modified time: 2009-02-28 01:03:46
MD5: 21D7D9ADAF1063758AE5737D778F72CE
SHA1: D122D2EAE6D51A0EAE05BAB2361E3C2F7E11D67D

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.NLD ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 57344
Created time: 2009-02-28 01:14:28
Modified time: 2009-02-28 01:14:28
MD5: E714E7792E4FC4286956AF27112CCCB2
SHA1: 3AEDCB24BF314A40FE41C7408680A1037EAD5D66

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.NOR ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 53248
Created time: 2009-02-28 01:19:40
Modified time: 2009-02-28 01:19:40
MD5: B1E8E665C04CBFB7575C07BFACD6BF06
SHA1: F2C0AA9D7DD430E965623BAD025ED1DB25759E48

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.PTB ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 53248
Created time: 2009-02-28 01:50:06
Modified time: 2009-02-28 01:50:06
MD5: 2998BD95801186C361640B79F883485F
SHA1: 068C92C59DD17FC5412330DAFF74E2AC3770FAC2

---------- Bericht toegevoegd om 13:53 ---------- Vorige bericht geplaatst om 13:52 ----------

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.SUO ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 53248
Created time: 2009-02-28 01:31:32
Modified time: 2009-02-28 01:31:32
MD5: A6DB295442A307BF9965E59AAA37EE56
SHA1: D3FB638B0B2F06652C4D0A1AA99ED5D2009E66B2

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search.SVE ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 53248
Created time: 2009-02-28 01:26:20
Modified time: 2009-02-28 01:26:20
MD5: 614E8DA7C61C6FF95A1D59085031F8D9
SHA1: EC32CA6C37F2AF81A5D29B62358EE471CDF3CACD

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.api ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.4.6.252
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2010 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 86115
Created time: 2011-09-07 15:12:21
Modified time: 2011-09-07 15:12:21
MD5: 5D104B45F2DEF96ED6B15ACE40D4062B
SHA1: 275C624C67FC0D73696D5CDB012205FDB6C3E8C9

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.DEU ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 12288
Created time: 2009-02-27 23:42:04
Modified time: 2009-02-27 23:42:04
MD5: 21D7CB9729E4AC242BE0FC1FF3EF3B80
SHA1: 8B437499FC2F9AA6F24221C7934297853E35226F

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.ESP ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 11776
Created time: 2009-02-28 01:36:44
Modified time: 2009-02-28 01:36:44
MD5: BB4AD036E5C07BA67E8B8969F6C096A9
SHA1: 59038BEF8B96B8513A7CBC73FB39CBB09683E5A6

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.FRA ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 12288
Created time: 2009-02-27 23:38:34
Modified time: 2009-02-27 23:38:34
MD5: 5C0C2CE154C76A649EB5F19BF765E872
SHA1: F0C0C4C562E1B2CF1B0C9E87A1328A5C67BBF169

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.ITA ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 11776
Created time: 2009-02-28 01:44:30
Modified time: 2009-02-28 01:44:30
MD5: 33C4D1329E5ADEDA1DBE35531BCE38BA
SHA1: 48926C457FEC01E87333F70C6CFC1A5A0D466F32

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.NLD ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 12288
Created time: 2009-02-28 01:14:34
Modified time: 2009-02-28 01:14:34
MD5: 190AD72AB9DA2BB2EA09280F85B8204C
SHA1: 8F64E2F86B1DBD811719AD80CDEEC00149210616

--- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Search5.SVE ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-w-
File size: 11264
Created time: 2009-02-28 01:26:22
Modified time: 2009-02-28 01:26:22
MD5: 1F5A46B2A83926FF1F204037ADD86098
SHA1: E96E82116913C723072DE9C3A939BF34A0095A71

--- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ICON\savedsearch.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 171340
Created time: 2010-09-15 10:01:38
Modified time: 2010-09-15 10:01:38
MD5: 745C7C4D8C0FBC9CF4D79216C5AA9478
SHA1: 15C57D3026DF5E4E3CF69255469C0BF5AE945C06

--- C:\Program Files (x86)\Common Files\Windows Live\.cache\407600d61cb9e2d1d\InstallerService\brands\WLE\WLE\DistribConfigs\SearchAppDistribConfig.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 34130
Created time: 2010-09-22 12:25:50
Modified time: 2010-09-22 12:25:50
MD5: 42BF15B70EACC0F357FCDC1DBBB2CB70
SHA1: 10BD996C64EBC70FE6606CBA9DD4CAC0658DAB58

--- C:\Program Files (x86)\Common Files\Windows Live\.cache\407600d61cb9e2d1d\OEM\Packages\default\SearchEnhancementPackSetup.EXE ---
Company: Microsoft Corporation
File Description: Win32 Cabinet Self-Extractor
File Version: 7.0.6436.1 (fbl_tools_build(chipc).070521-1224)
Product Name: Microsoft Windows Operating System
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WEXTRACT.EXE
File type: ----a-w-
File size: 825640
Created time: 2010-09-22 12:11:04
Modified time: 2010-09-22 12:11:04
MD5: 51ADC5DE31075E2E3804725C78A9987B
SHA1: 6A9F81F3D3A23B3BE1F16A590CF4C3986BFD460C

--- C:\Program Files (x86)\CyberLink\Power2Go\Image\search.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3593
Created time: 2009-07-03 20:40:22
Modified time: 2009-07-03 20:40:22
MD5: 330A3E33365FDA4EC528D34FB6922AA3
SHA1: D1ECC99940409DDE0BCB060D7072ABC9D35DA18A

--- C:\Program Files (x86)\CyberLink\Power2Go\Image\HDPI\search.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 4062
Created time: 2009-07-06 17:09:50
Modified time: 2009-07-06 17:09:50
MD5: 5D5175CCC0C20AB024540F8D3D236CE5
SHA1: 42022E87D9221ED129CC6AE7395509B109D711DD

--- C:\Program Files (x86)\Foxit Software\Foxit Reader\Advertisement\Fastest PDF Index and Search.bmp ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 12056
Created time: 2012-02-27 00:29:18
Modified time: 2011-11-24 09:26:40
MD5: 1C37FCFC32029208EAE5DC66E7D9B282
SHA1: E7F48BBB72F027534EA86852DFC5CF838CCED041

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Installers\SearchEnhancementPack3.0.133\SearchEnhancementPack.msi ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 867840
Created time: 2011-02-19 18:48:34
Modified time: 2010-09-22 11:06:52
MD5: 3433E0BA56934A4B78672EC2BD88E2B6
SHA1: CD79A572C60A61091F7BE04FF0048AECB28694D6

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SearchOptionsFlyout.xap ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 22105
Created time: 2010-09-22 11:03:40
Modified time: 2010-09-22 11:03:40
MD5: 514FF0C51BD34396485BFA9940164CCB
SHA1: 28D1FB8A057068A5FD8EFA27500FD470A53ED8F4

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SearchOptionsFlyoutLoc.xap ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 85427
Created time: 2010-09-22 11:03:38
Modified time: 2010-09-22 11:03:38
MD5: 29974849FE7E52B1DA8921CCEEBF2CBD
SHA1: 88BCA23B143326F84FA19D7E6791B2D746FAF7AA

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll ---
Company: Microsoft Corp.
File Description: Microsoft Search Helper Extention
File Version: 1.2.118.0
Product Name: Microsoft Search Helper Extention
Copyright: Copyright 1995-2006 Microsoft Corp.
Original Filename: SearchHelper.dll
File type: ----a-w-
File size: 92504
Created time: 2008-12-04 14:59:06
Modified time: 2008-12-04 14:59:06
MD5: C5700CD3293E88BE85C73ECCCE772E9E
SHA1: BD1828D59C4406C0219AD959372ED33635B2DC41

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll ---
Company: Microsoft Corporation
File Description: Search Helper for Internet Explorer
File Version: 3.0.133.0
Product Name: Microsoft Search Enhancement Pack
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchHelper.dll
File type: ----a-w-
File size: 191792
Created time: 2010-09-22 11:03:38
Modified time: 2010-09-22 11:03:38
MD5: A4AD1AA4C57409480C1D84BBCA6BECF0
SHA1: 2F95B5EF177A166D0BB58B0B69521634F6127674

--- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll ---
Company: Microsoft Corporation
File Description: Microsoft Search Helper for Firefox
File Version: 3.0.133.0
Product Name: Microsoft Search Enhancement Pack
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SEPsearchhelperff.dll
File type: ----a-w-
File size: 231728
Created time: 2010-09-22 11:03:38
Modified time: 2010-09-22 11:03:38
MD5: 4471CCB0C0C2069E254657EE56787561
SHA1: 6B002D128578615C083110207ECB0B0BB056C4CE

--- C:\Program Files (x86)\PokerStars\gx\lobby\search-header.a.bmp ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 394
Created time: 2012-02-21 15:24:27
Modified time: 2012-02-21 15:24:27
MD5: E6FA973E442E0652D43E287A04B9890D
SHA1: 2269E0D7F9C0B8C49E0C0CAA4E1A1966BF1C1D48

--- C:\Program Files (x86)\PokerStars\gx\lobby\search-header.bmp ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1066
Created time: 2012-02-21 15:24:27
Modified time: 2012-02-21 15:24:27
MD5: E0E0E2097B2280E423090D3D007F54BC
SHA1: B0D66E1C470B44E9F461BC84841687C82D82B806

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\FileSearch.avi ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 6144
Created time: 2012-02-07 16:51:46
Modified time: 2009-09-25 13:00:00
MD5: 22F29CB467B009A4F312ABBA06173014
SHA1: 594AD780FA14E3C0E504A70FFA47688DE3643918

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\icon_web-search_16.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 963
Created time: 2012-02-07 16:51:46
Modified time: 2009-09-25 13:00:00
MD5: 3A0C884990314F4F997E71440A4AF125
SHA1: 87258F5F1857FE284CCEB9D1C53CC96081037402

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\icon_web-search_24.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1758
Created time: 2012-02-07 16:51:46
Modified time: 2009-09-25 13:00:00
MD5: 426A21D0FCB6CBCF8F78B99C353FBA45
SHA1: 2E43F9E2F33378D6CC9AFAA0744F4DBC1BEF090D

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_foldersearch_16x16.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 2862
Created time: 2012-02-07 16:51:46
Modified time: 2009-09-25 13:00:00
MD5: 921E7B247D9FF328049D450BFF3F071F
SHA1: F218F5683B891AC661F6BB04A3AE08DE3079AD13

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_foldersearch_16x16.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 590
Created time: 2012-02-07 16:51:46
Modified time: 2009-09-25 13:00:00
MD5: AC846F42F6F6EA7398EF816DCF4F4110
SHA1: 51496236D779664FEA843E40C256D4292D178979

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\Ico_alpha_OperaSpeedDialSearch_32x32.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 2832
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: A5BC1FA4A1AFAC00A210253DDE8D9418
SHA1: 9E7A27630BD13400C229AC170EC3FD797146477F

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_SearchFile_32x32.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1478
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: 26AFDC24D424152B98A8EA235DF07EE4
SHA1: 4AD39C28C9D4962CD1F78D5161828DFF556F3F92

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_SearchIndex_16x16.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 742
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: DC1E4B6E8D726013EFBB5F6634B40694
SHA1: 5F6FE4C9C169D923D63A0BBC75845BC45ECFA242

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\Ico_alpha_SearchIndex_32x32.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 2103
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: 5928F7C0E7E984BBD42F99D6B35EB19B
SHA1: 22752AC59C85365C99C8B540D1D86969B61DE5F1

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\Ico_alpha_SearchIndex_48x48.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 3737
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: B879D9351A85CCDCD4D7C1A1CE54EB14
SHA1: 09967D94D5D9D0D8F4472F6C9A1F491A86409349

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_16x16.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 2862
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: 5F10F61A682CC5FEB2B88E2D77408CC7
SHA1: 44E048E9A2215C17D4951AD1BFF30F8AB2C3EFC3

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_16x16.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 691
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: 5A6AF2BB36F447BED90089AC202E11F5
SHA1: 0441C37780D97A032C24918ABBB6D26FE0AA0040

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_16x16_small.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1150
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: DD58998AE713C6EEF309196491FBEA4B
SHA1: 8C84470B962320ED607DE4CA8474C7C636F3FF3A

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_16x16_small_ani1.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1150
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: 7EE8DC48839604986F20169BA6421510
SHA1: 9D5719AF7B737E41946681C42F826C33548ABD18

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_16x16_small_ani2.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1150
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: A765F6CDFA4F5CCAB1F26AFEED389528
SHA1: 28DFFAE992EF5FA911AA6A3F9E18D01B322B2D19

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_16x16_small_grey.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 2550
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: D99597B5D1673CE0BBBCE1B327F4A8BF
SHA1: 542979284B00A9FE0CBCDD723B0D511EB69742DE

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_24x24.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1805
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: F0BFB68AD08DD73910EA863ED53AF0CD
SHA1: 63EB7B19746EB6F70EBE9CED3B5D69306A4FC404

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\ico_alpha_Search_32x32.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1912
Created time: 2012-02-07 16:51:47
Modified time: 2009-09-25 13:00:00
MD5: 068C8DE3BF4E2693700E48FDFF8F1AA8
SHA1: D8AC99D91539793B1EECC420395EFD8E7229A19B

--- C:\Program Files (x86)\TuneUp Utilities 2012\data\StartUpManager\icon_web-search_16.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 963
Created time: 2012-02-07 16:51:53
Modified time: 2009-09-25 13:00:00
MD5: 3A0C884990314F4F997E71440A4AF125
SHA1: 87258F5F1857FE284CCEB9D1C53CC96081037402

--- C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3573
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: 6DD6B9EA723D75990FA36CA79B9E8732
SHA1: F25E26CFEB0762300F6EE6CB0687AC11726FDCBB

--- C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3581
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: C04DB72ABB3CFDC44E0D503B96D82D7E
SHA1: 8911E9852C762733671474AD0ACA13CE76EC4530

--- C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3559
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: 1CD0EEEA637FCC2E759C6A3BA5331E33
SHA1: 367BD0260E8569461060CBC9D86E8CFC776792AD

--- C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3582
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: A76EF777CABDA865DB088BC1091164F7
SHA1: AA66AFEAC354B367FF23213A152AE0F3B1219DCF

--- C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: C4FDC276ACE4129C8A9B3E79E8FC5103
SHA1: 268738FA7056C7A5C4C83B3A2647E947BF6A2093

--- C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_up_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3456
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: B2547E1B4B133B1312D3D8ED999CEF72
SHA1: 0D67E5203A75C5A858EDE12694C19AE49948F231

--- C:\Program Files (x86)\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 482
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: E34043F0378ACDD4E2F3FB1F76B8EC91
SHA1: 7BD0E52B9F7FAF988C0BF7FCDDF6A90DFBDE7847

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\content\searchbox.js ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 25319
Created time: 2012-02-06 17:03:48
Modified time: 2012-02-06 17:03:48
MD5: ED951561C7B0A02250EA78AA72EC4FB6
SHA1: 12DAF857BBC96D28BDA075EC2E4BDEA9FD2C3B82

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\content\searchbox.xul ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1232
Created time: 2012-02-06 17:03:48
Modified time: 2012-02-06 17:03:48
MD5: 6837D83151C3099CF19157E7F777A1E6
SHA1: 84223006AA0FE92850D3345EFDF0E523A8E1715A

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\locale\EN-US\searchbox.dtd ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 210
Created time: 2012-02-06 17:03:48
Modified time: 2012-02-06 17:03:48
MD5: 191B52AE52EB3FD75712A9B6D0F73684
SHA1: FA0437A5C4429BC745F7344EC1007DD18F4EF9B0

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search-button-hover.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1029
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 4922C75F4D9975F847E2CAE95D69BC09
SHA1: 17FF194465ACB2228582E8AD507FC7145F3C70D6

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search-button.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1037
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 4950662A97FB05D1C5DCE6A2192ADB8E
SHA1: A7D6E05A80BF151B352C612795D9DF9EA0BE66BD

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search-chevron-hover.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 948
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 03D6C15A2D04370DB72FC1D43F92B3E6
SHA1: 80C4E24710EEB8FC342BE6698759D53168801F1C

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search-chevron.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 846
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 4FE6D25A5D981847730E75DA391B66DC
SHA1: 88D165AEC6CA1BA4EE0A56A877CB16987DA9B0DC

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-baidu.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1259
Created time: 2011-08-31 09:46:02
Modified time: 2011-08-31 09:46:02
MD5: A2E91E3B248057B231B1493409D8953C
SHA1: F22A23C222E00B270C343A8739E833BDB580E6A5

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-yahoo.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 560
Created time: 2011-08-31 09:46:02
Modified time: 2011-08-31 09:46:02
MD5: B91B62F6569680EB66C0720F77A981E8
SHA1: A1B99489932F8CEED1CCFBEBB8E2B6B2397EE1B6

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-yandex.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 576
Created time: 2011-08-31 09:46:02
Modified time: 2011-08-31 09:46:02
MD5: 81E726D703BC5860BA3DAE654BE89560
SHA1: 17105D7A974DA8EABB544CF0912B8F5F15BAB446

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\searchbox.css ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1455
Created time: 2012-02-06 17:03:48
Modified time: 2012-02-06 17:03:48
MD5: 77896054267B62A14404BF4033B4FC8C
SHA1: 3124904C0D186487220FC28C23297AD7B9C2408F

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search_amazon.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1004
Created time: 2010-01-26 15:42:44
Modified time: 2010-01-26 15:42:44
MD5: 2329A190840620B30D80C7E8F4B4C51C
SHA1: 608BC0069EA0041E70E8D62BC8970A115D52B0AC

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search_baidu.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 614
Created time: 2011-08-31 10:02:06
Modified time: 2011-08-31 10:02:06
MD5: 35413285571F6052D773CFE59C1DF7E9
SHA1: AC8CE8A7E602A266F3CD8B4C503EE8478501D152

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search_ebay.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 929
Created time: 2010-01-26 15:42:44
Modified time: 2010-01-26 15:42:44
MD5: 69286ABD58F84241A321A06D14A3B1BE
SHA1: 46D35D1573CF615C79070D6290F9BA6C665B8B5C

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search_yahoo.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 941
Created time: 2010-01-26 15:42:44
Modified time: 2010-01-26 15:42:44
MD5: 7C8E1580C8FFDD48909C6BE4FAABE2DA
SHA1: 315C1573D166267223CF5059ECFA2860CD6C4866

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search_yandex.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 327
Created time: 2011-08-31 10:02:06
Modified time: 2011-08-31 10:02:06
MD5: 615699B55309FC7B68FA25F4E679B9D5
SHA1: D9EAA6DEAED485E4F424AC7BDE97E09659B60394

--- C:\Program Files (x86)\YouTube Downloader Toolbar\FF\chrome\skin\search_youtube.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 996
Created time: 2010-02-01 11:27:58
Modified time: 2010-02-01 11:27:58
MD5: 49D99EDDB7BCB1EB9A3BCEAF6DDB8F53
SHA1: 70EF64AEF8F1B36B630BFA1C179D43F21632DC85

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search-button-hover.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1029
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 4922C75F4D9975F847E2CAE95D69BC09
SHA1: 17FF194465ACB2228582E8AD507FC7145F3C70D6

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search-button.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1037
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 4950662A97FB05D1C5DCE6A2192ADB8E
SHA1: A7D6E05A80BF151B352C612795D9DF9EA0BE66BD

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search-chevron-hover.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 948
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 03D6C15A2D04370DB72FC1D43F92B3E6
SHA1: 80C4E24710EEB8FC342BE6698759D53168801F1C

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search-chevron.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 846
Created time: 2008-12-30 10:22:36
Modified time: 2008-12-30 10:22:36
MD5: 4FE6D25A5D981847730E75DA391B66DC
SHA1: 88D165AEC6CA1BA4EE0A56A877CB16987DA9B0DC

yowaambie · 11 mrt 2012

Re: Checkje.

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search_amazon.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1004
Created time: 2010-01-26 15:42:44
Modified time: 2010-01-26 15:42:44
MD5: 2329A190840620B30D80C7E8F4B4C51C
SHA1: 608BC0069EA0041E70E8D62BC8970A115D52B0AC

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search_baidu.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 614
Created time: 2011-08-31 10:02:06
Modified time: 2011-08-31 10:02:06
MD5: 35413285571F6052D773CFE59C1DF7E9
SHA1: AC8CE8A7E602A266F3CD8B4C503EE8478501D152

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search_ebay.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 929
Created time: 2010-01-26 15:42:44
Modified time: 2010-01-26 15:42:44
MD5: 69286ABD58F84241A321A06D14A3B1BE
SHA1: 46D35D1573CF615C79070D6290F9BA6C665B8B5C

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search_yahoo.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 941
Created time: 2010-01-26 15:42:44
Modified time: 2010-01-26 15:42:44
MD5: 7C8E1580C8FFDD48909C6BE4FAABE2DA
SHA1: 315C1573D166267223CF5059ECFA2860CD6C4866

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search_yandex.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 327
Created time: 2011-08-31 10:02:06
Modified time: 2011-08-31 10:02:06
MD5: 615699B55309FC7B68FA25F4E679B9D5
SHA1: D9EAA6DEAED485E4F424AC7BDE97E09659B60394

--- C:\Program Files (x86)\YouTube Downloader Toolbar\Res\search_youtube.gif ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 996
Created time: 2010-02-01 11:27:58
Modified time: 2010-02-01 11:27:58
MD5: 49D99EDDB7BCB1EB9A3BCEAF6DDB8F53
SHA1: 70EF64AEF8F1B36B630BFA1C179D43F21632DC85

--- C:\ProgramData\Microsoft\Search Enhancement Pack\SeaPort\SearchBoxExt.cab ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 48122
Created time: 2010-09-22 11:03:38
Modified time: 2010-09-22 11:03:38
MD5: 5B45C957CB3C746CB327AF712A2D12E2
SHA1: 19887143BD83EF3B73EEA04B207CE5BAC9E455E8

--- C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\searchRequest.xslt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 654
Created time: 2010-03-15 10:33:54
Modified time: 2010-03-15 10:33:54
MD5: AF8FD8236853FB445D59795E4B4562B6
SHA1: 97A6D6685C78C56048BF5EDF4754B91F8D8BBBC8

--- C:\ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\searchList.xslt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 338
Created time: 2010-03-15 10:33:54
Modified time: 2010-03-15 10:33:54
MD5: EB4FB84FA928975B8BFE07B63C358BF5
SHA1: 4773C8D045045FFB2759F4D10D57F5F320AB2C1E

--- C:\ProgramData\TuneUp Software\TuneUp Utilities 2012\nl-NL\TUSearchScopes.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5608
Created time: 2011-11-09 08:20:16
Modified time: 2011-11-09 08:20:16
MD5: 62D03CF79D3926EBB74CF3BF992302D7
SHA1: C13102CE3F7439F0EB39CCC68D8D0BB15C2CF9BF

--- C:\ProgramData\TuneUp Software\TuneUp Utilities 2012\Web\gsearch.htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1053
Created time: 2011-11-09 08:21:18
Modified time: 2011-11-09 08:21:18
MD5: DE414A57BB66DA2D33419937722C83B1
SHA1: A68D9756B38E6AB15A3132D5D2CF95610E15F661

--- C:\Users\All Users\Microsoft\Search Enhancement Pack\SeaPort\SearchBoxExt.cab ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 48122
Created time: 2010-09-22 11:03:38
Modified time: 2010-09-22 11:03:38
MD5: 5B45C957CB3C746CB327AF712A2D12E2
SHA1: 19887143BD83EF3B73EEA04B207CE5BAC9E455E8

--- C:\Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MyNero\searchRequest.xslt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 654
Created time: 2010-03-15 10:33:54
Modified time: 2010-03-15 10:33:54
MD5: AF8FD8236853FB445D59795E4B4562B6
SHA1: 97A6D6685C78C56048BF5EDF4754B91F8D8BBBC8

--- C:\Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\YouTube\searchList.xslt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 338
Created time: 2010-03-15 10:33:54
Modified time: 2010-03-15 10:33:54
MD5: EB4FB84FA928975B8BFE07B63C358BF5
SHA1: 4773C8D045045FFB2759F4D10D57F5F320AB2C1E

--- C:\Users\All Users\TuneUp Software\TuneUp Utilities 2012\nl-NL\TUSearchScopes.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5608
Created time: 2011-11-09 08:20:16
Modified time: 2011-11-09 08:20:16
MD5: 62D03CF79D3926EBB74CF3BF992302D7
SHA1: C13102CE3F7439F0EB39CCC68D8D0BB15C2CF9BF

--- C:\Users\All Users\TuneUp Software\TuneUp Utilities 2012\Web\gsearch.htm ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1053
Created time: 2011-11-09 08:21:18
Modified time: 2011-11-09 08:21:18
MD5: DE414A57BB66DA2D33419937722C83B1
SHA1: A68D9756B38E6AB15A3132D5D2CF95610E15F661

--- C:\Users\mmqi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{E5990EBF-D6B9-48B9-9A1D-7DB9501871D8}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 318
Created time: 2012-02-15 16:08:15
Modified time: 2012-02-15 16:08:15
MD5: 7B10E6D43DE9352EAEFA58D9490BEAEE
SHA1: 6140599407F1DB90F0AFB41657CA10A83DAF3438

--- C:\Users\mmqi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{F50720DB-B337-428A-A4B3-CEC8D8AA18FC}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 318
Created time: 2012-02-07 16:56:11
Modified time: 2012-02-07 16:56:11
MD5: 7B10E6D43DE9352EAEFA58D9490BEAEE
SHA1: 6140599407F1DB90F0AFB41657CA10A83DAF3438

--- C:\Users\mmqi\AppData\LocalLow\Microsoft\Search Enhancement Pack\Search Box Extension\searchhs.dat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1000000
Created time: 2011-12-22 15:35:46
Modified time: 2011-12-22 15:35:46
MD5: E194B869A342E133E0ED7729596482FB
SHA1: 1AB22C5CA0203F1990600F6F9CBA3ED3A756104C

--- C:\Users\mmqi\AppData\Roaming\Azureus\metasearch.config ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2052
Created time: 2011-12-25 13:34:59
Modified time: 2012-03-10 18:34:48
MD5: 01DB9A67AD5CF5AE15873F874AA57DE2
SHA1: DD19A5D53294440752A7D4231CE8562A9404B453

--- C:\Users\mmqi\AppData\Roaming\Azureus\metasearch.config.bak ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2052
Created time: 2011-12-25 13:35:01
Modified time: 2012-03-10 18:34:48
MD5: 429582757E3135404F88BBA033E12D3A
SHA1: 6C4E59BCAE158C8D13A93C0AEC50198BC98CFB87

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\search.json ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 16840
Created time: 2012-02-28 23:00:40
Modified time: 2012-03-01 01:58:06
MD5: 6DB96E12B73BE478A6BF92C5131D2F6F
SHA1: 37495A790C1810EDF08F4DFC84B90AED6C51B21F

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\search.sqlite ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 65536
Created time: 2011-12-23 21:27:44
Modified time: 2012-02-18 20:48:39
MD5: 8698A82343684E9AA695E009F808CCE6
SHA1: 8E29FA72D6C31F24BD548E4E6A89958E1691BF5E

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\content\search.js ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 6206
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: D8B71BAD10B617BC4BE3780D8A860ED6
SHA1: 61931818FD7EC88836B70F2C90091C441B27F1B6

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\content\search.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 26201
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: 92A19A9BC451DAE569C80B961D354324
SHA1: 125B59139C90748401F6FA48622E9F5D94852D31

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\locale\ru-RU\mail.ru.searchtools.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1460
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: 8E4F6D96A66B7C950EB3D1CAA9220477
SHA1: 84B2CEF21E1C8C252D2029EFDB47368B906B26A7

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\locale\ru-RU\mail.ru.search_provider.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1451
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: 7325356DCFB35CF820162038ACFEC24A
SHA1: DF353B0541B72A03265FE1711007E53DD922FACB

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\locale\ru-RU\sputnik\mail.ru.search.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 4273
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: F48CDA5EB1AA088DD256A4CA741E5D1F
SHA1: 2BBDFFB64B9E7D384367CBFE9D729DC7E79A6ECA

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\mail.ru.search.css ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 190
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: DEB2D096C995D3A50EEFF1F8B064F2B7
SHA1: 326CAE3AD631E85A182C29FE9DDC57E1398C7D35

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\search_discuss.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1243
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: 1A50FDD568C8C75405B3294343EF4A25
SHA1: BCC213FBE99254FDEE59F1FD1ED4D56836B23687

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\search_page.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 746
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: 6B1B9A2C30F1CAC6EB5EB8233B14CCC4
SHA1: E119FA75B051D9B55858E40051A9AB4538E9F7E4

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\search_text.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 612
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: 61E35C5A505973F004E7DED761AB2B7B
SHA1: EFF329EE4D0444BCF624C9FC93ED3E6EBC910C48

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\start_search.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 834
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: C41B991A601BB2938BFF5D53E9371038
SHA1: 4159364990C30B5B84ADF0B6B6CEA48317A36E1E

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\chrome\skin\services\search.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 736
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: EA004FC75A8A44A126AEF8C4D9284865
SHA1: 69FDD4C50BDF8604E316482FE524CBE80191CE31

--- C:\Users\mmqi\AppData\Roaming\Mozilla\Firefox\Profiles\9zj3c6wi.default\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}\lib\searchControl.js ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 31488
Created time: 2012-01-26 22:04:03
Modified time: 2012-01-25 15:44:40
MD5: A3247E2C9D951AABA750B40A8A538966
SHA1: 031076B2C117655FEAA7C24FC36DC10B7BB5833B

--- C:\Users\mmqi\Searches\Everywhere.search-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ---ha-r-
File size: 248
Created time: 2011-12-22 15:30:59
Modified time: 2011-12-22 15:30:59
MD5: 0FA26B6C98419B5E7C00EFFFB5835612
SHA1: D904D6683A548B03950D94DA33CDFCCBB55A9BC7

--- C:\Users\mmqi\Searches\Indexed Locations.search-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ---ha-r-
File size: 248
Created time: 2011-12-22 15:30:59
Modified time: 2011-12-22 15:30:59
MD5: B6ACBEB59959AA5412A7565423EA7BAB
SHA1: 4905F02DBEF69C830B807A32E9A4B6206BD01DC6

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 894
Created time: 2010-12-07 00:48:52
Modified time: 2011-07-15 12:09:13
MD5: D4D935BD8F4185EDC8D96901890BA391
SHA1: 8E7BADC5DA1198B97C32D7D0B6A16EF79E249F80

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1150
Created time: 2010-12-09 17:38:32
Modified time: 2010-12-09 17:38:32
MD5: 3A2621535E6A482B2783AA692B103D04
SHA1: DA713269297ACB71BA5485FACA76AA9D670315F3

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{2DF8D558-9315-41C0-BDA8-DA58C7246A65}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 318
Created time: 2012-02-25 07:56:27
Modified time: 2012-02-25 07:56:27
MD5: 7B10E6D43DE9352EAEFA58D9490BEAEE
SHA1: 6140599407F1DB90F0AFB41657CA10A83DAF3438

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{5F987689-7600-46EA-8EF0-C678BDA7A7FE}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 318
Created time: 2012-02-25 08:02:12
Modified time: 2012-02-25 08:02:12
MD5: 7B10E6D43DE9352EAEFA58D9490BEAEE
SHA1: 6140599407F1DB90F0AFB41657CA10A83DAF3438

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{60CBDA63-0A3F-43AE-8696-E4170076195D}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1150
Created time: 2011-07-16 00:13:49
Modified time: 2011-07-16 11:29:30
MD5: 0A01E086572973EC65551406610425E2
SHA1: 6100F4562F5B9B0EAD8A6953BB765AC6ED318BBF

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{67A2568C-7A0A-4EED-AECC-B5405DE63B64}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1150
Created time: 2011-07-26 21:05:50
Modified time: 2011-07-26 21:05:50
MD5: 09B565A51E14B721A323F0BA44B2982A
SHA1: B7435D5BEB367D7876322E2F167E505DCAE704EE

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{6A1806CD-94D4-4689-BA73-E35EA1EA9990}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1150
Created time: 2011-05-22 19:14:20
Modified time: 2011-07-26 21:05:50
MD5: 09B565A51E14B721A323F0BA44B2982A
SHA1: B7435D5BEB367D7876322E2F167E505DCAE704EE

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{7CDDDF66-354B-4918-A83E-5B7BC3844615}.ico ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 318
Created time: 2012-02-26 13:15:16
Modified time: 2012-02-26 13:15:16
MD5: 7B10E6D43DE9352EAEFA58D9490BEAEE
SHA1: 6140599407F1DB90F0AFB41657CA10A83DAF3438

--- C:\Users\Mmqi-Thabi\AppData\LocalLow\Microsoft\Search Enhancement Pack\Search Box Extension\searchhs.dat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1000000
Created time: 2011-02-26 18:33:03
Modified time: 2011-02-26 18:33:03
MD5: 354245FB5F39728151D9F003212891CF
SHA1: E11167210607518067A55AE38AD14ABDC72FB2FF

--- C:\Users\Mmqi-Thabi\AppData\Roaming\Azureus\metasearch.config ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2052
Created time: 2010-12-08 15:19:47
Modified time: 2012-03-10 17:40:55
MD5: 7C7A9CA505CAAA1DA2F7AA4A7CBCFD6B
SHA1: 1D4A1E86FB614BDC0610BCB24949A1AEA759EA8C

--- C:\Users\Mmqi-Thabi\AppData\Roaming\Azureus\metasearch.config.bak ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2052
Created time: 2010-12-08 15:19:47
Modified time: 2012-03-10 17:40:55
MD5: 0363813503EE19AA0F6B2AFFE354BC22
SHA1: 26F6F8F1C02EBECDCE3C66DFEBCE459EB5F72C9B

--- C:\Users\Mmqi-Thabi\AppData\Roaming\Microsoft\Windows\Cookies\mmqi-thabi@scorecardresearch[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 114
Created time: 2011-08-09 01:08:08
Modified time: 2011-08-09 01:08:08
MD5: 7356CC6ED8CD30A080A2DB4077D0584B
SHA1: 634AB04769C1719D4BFB74931C06ACE9129A33BB

--- C:\Users\Mmqi-Thabi\AppData\Roaming\Mozilla\Firefox\Profiles\mc5hymid.default\search.json ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 17628
Created time: 2010-12-07 13:17:41
Modified time: 2012-03-01 14:39:39
MD5: 7E1E47253FF0D4169CE4F27B753B3193
SHA1: 69F135D921BE3C517BED3781C74646C4AD5AE6DE

--- C:\Users\Mmqi-Thabi\AppData\Roaming\Mozilla\Firefox\Profiles\mc5hymid.default\search.sqlite ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2048
Created time: 2010-12-07 13:17:41
Modified time: 2012-03-01 14:39:40
MD5: E4AF0A7CCE432FA85E898B36520AFF99
SHA1: BB0EFEE7387EA57014B2F6ED58D41C2E3E9A5FBC

--- C:\Users\Mmqi-Thabi\Searches\Everywhere.search-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ---ha-r-
File size: 248
Created time: 2010-12-06 23:25:00
Modified time: 2010-12-06 23:25:00
MD5: 0FA26B6C98419B5E7C00EFFFB5835612
SHA1: D904D6683A548B03950D94DA33CDFCCBB55A9BC7

--- C:\Users\Mmqi-Thabi\Searches\Indexed Locations.search-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ---ha-r-
File size: 248
Created time: 2010-12-06 23:25:00
Modified time: 2010-12-06 23:25:00
MD5: B6ACBEB59959AA5412A7565423EA7BAB
SHA1: 4905F02DBEF69C830B807A32E9A4B6206BD01DC6

--- C:\Windows\diagnostics\index\SearchDiagnostic.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1840
Created time: 2009-07-13 23:31:39
Modified time: 2009-06-10 20:48:53
MD5: 75188C296F5FC53489D0084386D62CB4
SHA1: AB353C6B89F35E78EEA6441264EFE0E803C5F11F

--- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB7449A0100000010\9.1.0\Search.api ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-r-
File size: 397923
Created time: 2009-02-27 23:32:26
Modified time: 2009-02-27 23:32:26
MD5: 9FD454FACEE470494C4CB91F62A31AAA
SHA1: EEBE3330D1A86D3804E2BB484714692AE9DAF509

--- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB7449A0100000010\9.1.0\Search5.api_NON_OPT ---
Company: Adobe Systems Incorporated
File Description: Adobe Acrobat Search5 Plug-in
File Version: 9.1.0.2009022700
Product Name: Adobe Acrobat
Copyright: Copyright 1984-2009 Adobe Systems Incorporated and its licensors. All rights reserved.
Original Filename: Search.api
File type: ----a-r-
File size: 85603
Created time: 2009-02-27 23:34:18
Modified time: 2009-02-27 23:34:18
MD5: 1A43FE3CDD53391B086664CF6B8CFC78
SHA1: F69345AA42CE1EB5C882E25126C4C156E7DC5B7B

--- C:\Windows\PolicyDefinitions\Search.admx ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 43882
Created time: 2009-06-10 20:34:07
Modified time: 2009-06-10 20:34:07
MD5: D85CAA39823EC4C39391B65122D436E0
SHA1: 29DD42762BC6A6A69F29E450137E0C811E73E253

--- C:\Windows\PolicyDefinitions\nl-NL\Search.adml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 63986
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: 072513F172CDE5ED049A8FDFC9781C9B
SHA1: 61EF3789FB3CC68812058491DA5AFD7CB124BC3E

yowaambie · 11 mrt 2012

Re: Checkje.

--- C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 16898
Created time: 2010-12-06 23:18:51
Modified time: 2012-02-08 21:00:34
MD5: 32FF0C1B2481B01BA461352B8B5F95D2
SHA1: 2437CA84785FEA815777705FFBF3628F862C540F

--- C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 134134
Created time: 2010-12-06 23:18:51
Modified time: 2012-02-08 21:00:34
MD5: D87A7ACB8B461DBE895E72A909DAC4A5
SHA1: 80F11314B60BF859AA0317416F5E3F8D9B7D24B0

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~nl-NL~6.1.7600.16385.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 16141
Created time: 2009-08-04 10:13:24
Modified time: 2009-07-13 14:16:32
MD5: 415E6B450A34EFDC535FE17F9D78A80A
SHA1: BAFD9D4AE376DFD6BA6D7B2F2308FF5C5420CF83

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~nl-NL~6.1.7600.16385.mum ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1621
Created time: 2009-08-04 10:13:24
Modified time: 2009-07-13 11:01:08
MD5: 10CC48CF0BB27E141181430E7A18ABC0
SHA1: DC03377D57AACD45775B2BC4AADE4781F29B2B01

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~nl-NL~6.1.7601.17514.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 17414
Created time: 2011-05-23 21:25:29
Modified time: 2010-11-20 15:59:24
MD5: 7306E55E66B8407F224CABA5170C60E1
SHA1: 45A1CCCC1FE63BD64BD05742E73A7BC65E4C8B63

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~nl-NL~6.1.7601.17514.mum ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1622
Created time: 2011-05-23 21:25:29
Modified time: 2010-11-20 15:37:22
MD5: 27B0DAB350EE2A5748D069F23EDAB092
SHA1: B9AB4EE220C684989B479E494CE67B854594C135

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 29883
Created time: 2009-07-14 05:29:35
Modified time: 2009-07-14 03:00:33
MD5: 16CC10B20EC44125C787D775BB56CE90
SHA1: E26BF84A8B03DC1DA149BC78178FB103CA105520

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.mum ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1610
Created time: 2009-07-14 05:29:35
Modified time: 2009-07-13 20:52:04
MD5: BEA74D558D605C57B7EE29A035C52D2A
SHA1: D46F3F8A0917DB1651BF3C453169F87C626BB0C1

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36166
Created time: 2011-05-23 21:24:26
Modified time: 2010-11-20 14:38:30
MD5: 09A1F53E281BE898C427BA67FD2240E1
SHA1: C906FA5354F6777A65076A491AEC6A2896276D2C

--- C:\Windows\servicing\Packages\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.mum ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1621
Created time: 2011-05-23 21:24:26
Modified time: 2010-11-20 14:22:56
MD5: 39B91F70CEF13C176E5B9A2F68860C60
SHA1: 1D24F632305215E0E760C210683ADD264C99A8B4

--- C:\Windows\System32\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:28:31
MD5: A6CD6B3F71E13E2E45B727FB8A47EA87
SHA1: C662BB3DA0DD5FDAE9A7661226F13689786777FD

--- C:\Windows\System32\SearchFolder.dll ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 646144
Created time: 2011-05-23 21:47:37
Modified time: 2010-11-20 12:21:06
MD5: 6581B52E133CC6D00661C58968C7E212
SHA1: A6318DC4D9EE7633F2295D448E158A23CA4160F2

--- C:\Windows\System32\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 427520
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:28:31
MD5: 236F286E103FD44BD85FDD93097FD5DD
SHA1: 855DF07D843BEBC54597F29E028CCFA5B45FBE22

--- C:\Windows\System32\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:28:31
MD5: E1AC89F6C5252057E6062843E36A6701
SHA1: 7B0C202950B157AE68AFF26DC68B4F843C17AA18

--- C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~nl-NL~6.1.7600.16385.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 16141
Created time: 2009-08-04 10:13:24
Modified time: 2009-07-13 14:16:32
MD5: 415E6B450A34EFDC535FE17F9D78A80A
SHA1: BAFD9D4AE376DFD6BA6D7B2F2308FF5C5420CF83

--- C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~nl-NL~6.1.7601.17514.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: --s---w-
File size: 17414
Created time: 2011-05-23 21:25:28
Modified time: 2010-11-20 15:59:24
MD5: 7306E55E66B8407F224CABA5170C60E1
SHA1: 45A1CCCC1FE63BD64BD05742E73A7BC65E4C8B63

--- C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~~6.1.7600.16385.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 29883
Created time: 2009-07-14 05:29:35
Modified time: 2009-07-14 03:00:33
MD5: 16CC10B20EC44125C787D775BB56CE90
SHA1: E26BF84A8B03DC1DA149BC78178FB103CA105520

--- C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SearchEngine-Client-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: --s---w-
File size: 36166
Created time: 2011-05-23 21:24:26
Modified time: 2010-11-20 14:38:30
MD5: 09A1F53E281BE898C427BA67FD2240E1
SHA1: C906FA5354F6777A65076A491AEC6A2896276D2C

--- C:\Windows\System32\migration\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\System32\migwiz\dlmanifests\WindowsSearchEngine-DL.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5748
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 119875F76AF9D11ED66D829094A2C965
SHA1: 014D08964B07937DC0F6B989AAC008018FCE20E3

--- C:\Windows\System32\migwiz\replacementmanifests\WindowsSearchEngine-replacement.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5929
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 9EAB0B79260A3EAC1A330239847FC19D
SHA1: 3C4FADA3C4DA4BA70D37D4C6D402379C6D06B588

--- C:\Windows\System32\migwiz\replacementmanifests\WindowsSearchEngine\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:03
Modified time: 2009-07-14 01:16:14
MD5: 92B5E225D669CB5A61D1CF57E92E8778
SHA1: 611A255765453C9ED2ABBEE44DF646454E44D32F

--- C:\Windows\System32\nl-NL\searchfolder.dll.mui ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 153600
Created time: 2009-08-04 10:13:51
Modified time: 2009-08-04 10:13:51
MD5: 72BADE5B342F922CBCA921BBD46B668D
SHA1: E08D4E7DD4002875C49F00C79BCC589B231C0DDE

--- C:\Windows\System32\nl-NL\SearchIndexer.exe.mui ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 7680
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: F9CF313855CD7B27E9A26B889D8CED0A
SHA1: 6119B32C74A63E16669AD65D6E78726CA685B7E8

--- C:\Windows\System32\spp\tokens\ppdlic\WindowsSearchComponent-ppdlic.xrm-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3028
Created time: 2009-07-14 01:25:38
Modified time: 2009-07-14 01:25:38
MD5: 006419122B2C2C2A655A9EDBD11CDC89
SHA1: 5AFDD2940ABF8AADFAB394032B428DC05542E18D

--- C:\Windows\SysWOW64\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:28:31
MD5: A6CD6B3F71E13E2E45B727FB8A47EA87
SHA1: C662BB3DA0DD5FDAE9A7661226F13689786777FD

--- C:\Windows\SysWOW64\SearchFolder.dll ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 646144
Created time: 2011-05-23 21:47:37
Modified time: 2010-11-20 12:21:06
MD5: 6581B52E133CC6D00661C58968C7E212
SHA1: A6318DC4D9EE7633F2295D448E158A23CA4160F2

--- C:\Windows\SysWOW64\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 427520
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:28:31
MD5: 236F286E103FD44BD85FDD93097FD5DD
SHA1: 855DF07D843BEBC54597F29E028CCFA5B45FBE22

--- C:\Windows\SysWOW64\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:28:31
MD5: E1AC89F6C5252057E6062843E36A6701
SHA1: 7B0C202950B157AE68AFF26DC68B4F843C17AA18

--- C:\Windows\SysWOW64\migration\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\SysWOW64\migwiz\dlmanifests\WindowsSearchEngine-DL.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5748
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 119875F76AF9D11ED66D829094A2C965
SHA1: 014D08964B07937DC0F6B989AAC008018FCE20E3

--- C:\Windows\SysWOW64\migwiz\replacementmanifests\WindowsSearchEngine-replacement.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5929
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 9EAB0B79260A3EAC1A330239847FC19D
SHA1: 3C4FADA3C4DA4BA70D37D4C6D402379C6D06B588

--- C:\Windows\SysWOW64\migwiz\replacementmanifests\WindowsSearchEngine\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:03
Modified time: 2009-07-14 01:16:14
MD5: 92B5E225D669CB5A61D1CF57E92E8778
SHA1: 611A255765453C9ED2ABBEE44DF646454E44D32F

--- C:\Windows\SysWOW64\nl-NL\searchfolder.dll.mui ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 153600
Created time: 2009-08-04 10:13:51
Modified time: 2009-08-04 10:13:51
MD5: 72BADE5B342F922CBCA921BBD46B668D
SHA1: E08D4E7DD4002875C49F00C79BCC589B231C0DDE

--- C:\Windows\SysWOW64\nl-NL\SearchIndexer.exe.mui ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 7680
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: F9CF313855CD7B27E9A26B889D8CED0A
SHA1: 6119B32C74A63E16669AD65D6E78726CA685B7E8

--- C:\Windows\SysWOW64\spp\tokens\ppdlic\WindowsSearchComponent-ppdlic.xrm-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3028
Created time: 2009-07-14 01:25:38
Modified time: 2009-07-14 01:25:38
MD5: 006419122B2C2C2A655A9EDBD11CDC89
SHA1: 5AFDD2940ABF8AADFAB394032B428DC05542E18D

--- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7600.16808_none_1b3c97835a989f39\rebuildSearchIndex.exe ---
Company: Microsoft Corporation
File Description: Rebuild Search Index Generic Command
File Version: 6.1.7600.16808 (win7_gdr.110503-1506)
Product Name: Microsoft Windows Operating System
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: rebuildSearchIndex.exe
File type: ----a-w-
File size: 7680
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:23:56
MD5: 6CB231EFAE80803BF1B2893D79E55A66
SHA1: 7BE99141978036B5300662EA7833A97B316B07C1

--- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7600.20959_none_1b9124fc73dde40f\rebuildSearchIndex.exe ---
Company: Microsoft Corporation
File Description: Rebuild Search Index Generic Command
File Version: 6.1.7600.20959 (win7_ldr.110503-1502)
Product Name: Microsoft Windows Operating System
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: rebuildSearchIndex.exe
File type: ----a-w-
File size: 7680
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:14:11
MD5: 02D2E8F11E9D5907BEFF45DBFE852A44
SHA1: EF0F1BAE8F43C12D90E5334EBF30C613725B0766

--- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7601.17610_none_1d10224d57ce5c5e\rebuildSearchIndex.exe ---
Company: Microsoft Corporation
File Description: Rebuild Search Index Generic Command
File Version: 6.1.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Microsoft Windows Operating System
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: rebuildSearchIndex.exe
File type: ----a-w-
File size: 7680
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:19:17
MD5: BB88D7BF8B6D3FAD2459A6E70105228A
SHA1: 78BA2E78A72F7C6DC2F4CAC847E2C25A19F93A12

--- C:\Windows\winsxs\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7601.21720_none_1d8eef2c70f41819\rebuildSearchIndex.exe ---
Company: Microsoft Corporation
File Description: Rebuild Search Index Generic Command
File Version: 6.1.7601.21720 (win7sp1_ldr.110503-1503)
Product Name: Microsoft Windows Operating System
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: rebuildSearchIndex.exe
File type: ----a-w-
File size: 7680
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:18:37
MD5: 3CCED287EC7DF84CEC633A9A4E03DD62
SHA1: AFE6C85B7461A50F2CB356910FAA9BE1510E6B46

--- C:\Windows\winsxs\amd64_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_a9cf548d21b86a2f\btn_search_down.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3573
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: 6DD6B9EA723D75990FA36CA79B9E8732
SHA1: F25E26CFEB0762300F6EE6CB0687AC11726FDCBB

--- C:\Windows\winsxs\amd64_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_a9cf548d21b86a2f\btn_search_down_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3581
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: C04DB72ABB3CFDC44E0D503B96D82D7E
SHA1: 8911E9852C762733671474AD0ACA13CE76EC4530

--- C:\Windows\winsxs\amd64_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_a9cf548d21b86a2f\btn_search_over.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3559
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: 1CD0EEEA637FCC2E759C6A3BA5331E33
SHA1: 367BD0260E8569461060CBC9D86E8CFC776792AD

--- C:\Windows\winsxs\amd64_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_a9cf548d21b86a2f\btn_search_over_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3582
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: A76EF777CABDA865DB088BC1091164F7
SHA1: AA66AFEAC354B367FF23213A152AE0F3B1219DCF

--- C:\Windows\winsxs\amd64_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_a9cf548d21b86a2f\btn_search_up.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: C4FDC276ACE4129C8A9B3E79E8FC5103
SHA1: 268738FA7056C7A5C4C83B3A2647E947BF6A2093

--- C:\Windows\winsxs\amd64_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_a9cf548d21b86a2f\btn_search_up_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3456
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:12
MD5: B2547E1B4B133B1312D3D8ED999CEF72
SHA1: 0D67E5203A75C5A858EDE12694C19AE49948F231

--- C:\Windows\winsxs\amd64_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_a9cf548d21b86a2f\search_background.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 482
Created time: 2009-07-13 21:47:33
Modified time: 2009-06-10 20:58:22
MD5: E34043F0378ACDD4E2F3FB1F76B8EC91
SHA1: 7BD0E52B9F7FAF988C0BF7FCDDF6A90DFBDE7847

--- C:\Windows\winsxs\amd64_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.1.7600.16385_none_5e6da7259d4ac682\WindowsSearchEngine-DL.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5748
Created time: 2009-06-10 20:42:50
Modified time: 2009-06-10 20:42:50
MD5: 119875F76AF9D11ED66D829094A2C965
SHA1: 014D08964B07937DC0F6B989AAC008018FCE20E3

--- C:\Windows\winsxs\amd64_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.1.7601.17514_none_609ebaed9a394a1c\WindowsSearchEngine-DL.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5748
Created time: 2009-06-10 20:42:50
Modified time: 2009-06-10 20:42:50
MD5: 119875F76AF9D11ED66D829094A2C965
SHA1: 014D08964B07937DC0F6B989AAC008018FCE20E3

--- C:\Windows\winsxs\amd64_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7600.16385_none_57e94db50528923a\WindowsSearchEngine-replacement.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5929
Created time: 2009-06-10 20:42:50
Modified time: 2009-06-10 20:42:50
MD5: 9EAB0B79260A3EAC1A330239847FC19D
SHA1: 3C4FADA3C4DA4BA70D37D4C6D402379C6D06B588

--- C:\Windows\winsxs\amd64_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7600.16385_none_57e94db50528923a\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:55
Modified time: 2009-07-14 01:41:54
MD5: 9C0BEE8EE15BE9F7AD570BBEF2B50E53
SHA1: F29DE1469FC3D7BB98128D1B83C2678C43E4D12B

--- C:\Windows\winsxs\amd64_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7601.17514_none_5a1a617d021715d4\WindowsSearchEngine-replacement.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5929
Created time: 2009-06-10 20:42:50
Modified time: 2009-06-10 20:42:50
MD5: 9EAB0B79260A3EAC1A330239847FC19D
SHA1: 3C4FADA3C4DA4BA70D37D4C6D402379C6D06B588

--- C:\Windows\winsxs\amd64_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7601.17514_none_5a1a617d021715d4\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:55
Modified time: 2009-07-14 01:41:54
MD5: 9C0BEE8EE15BE9F7AD570BBEF2B50E53
SHA1: F29DE1469FC3D7BB98128D1B83C2678C43E4D12B

--- C:\Windows\winsxs\amd64_microsoft-windows-search-adm.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_2ce8f709cc1e56d0\Search.adml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 63986
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: 072513F172CDE5ED049A8FDFC9781C9B
SHA1: 61EF3789FB3CC68812058491DA5AFD7CB124BC3E

--- C:\Windows\winsxs\amd64_microsoft-windows-search-adm_31bf3856ad364e35_7.0.7600.16385_none_6f015050e39c93c8\Search.admx ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 43882
Created time: 2009-06-10 20:34:07
Modified time: 2009-06-10 20:34:07
MD5: D85CAA39823EC4C39391B65122D436E0
SHA1: 29DD42762BC6A6A69F29E450137E0C811E73E253

--- C:\Windows\winsxs\amd64_microsoft-windows-searchdiagnostic_31bf3856ad364e35_6.1.7600.16385_none_8d9dc2260d0e1a98\SearchDiagnostic.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1840
Created time: 2009-07-13 23:31:39
Modified time: 2009-06-10 20:48:53
MD5: 75188C296F5FC53489D0084386D62CB4
SHA1: AB353C6B89F35E78EEA6441264EFE0E803C5F11F

--- C:\Windows\winsxs\amd64_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_925853f4aec06251\searchfolder.dll.mui ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 153600
Created time: 2009-08-04 10:13:48
Modified time: 2009-08-04 10:13:48
MD5: 75170EE29D911F114CE4F9CC3A3237F8
SHA1: 96D9B51929FB801748A2781438C90EEF815CE959

--- C:\Windows\winsxs\amd64_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_f6652b9de2fd8a41\SearchFolder.dll ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 865280
Created time: 2009-07-13 23:59:22
Modified time: 2009-07-14 01:41:53
MD5: D2CB14499799E196CB034448BDD898DD
SHA1: 810AF354AF52997343A98F8E61CFAD886B1F8D47

--- C:\Windows\winsxs\amd64_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7601.17514_none_f8963f65dfec0ddb\SearchFolder.dll ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 867840
Created time: 2011-05-23 21:47:43
Modified time: 2010-11-20 13:27:25
MD5: B0F69B9DE0AEBFD7E4CEADE6758DF627
SHA1: 6A4CC306D15CAFF5F1B94F722CF4AA057F6E5073

--- C:\Windows\winsxs\amd64_microsoft-windows-stickynotes-app_31bf3856ad364e35_6.1.7600.16385_none_493ba8a4d2fc9697\SNTSearch.dll ---
Company: Microsoft Corporation
File Description: Sticky Notes Search DLL
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Microsoft Windows Operating System
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SNTSearch.dll
File type: ----a-w-
File size: 229376
Created time: 2009-07-13 23:58:20
Modified time: 2009-07-14 01:41:54
MD5: 0A8BEC706DBC33BEA9A919BEDA137A2D
SHA1: FECB1530A423DC1638D695E51E4A3B8EEF69FC09

--- C:\Windows\winsxs\amd64_microsoft-windows-stickynotes.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_0f8b5fe3e36d8909\sntsearch.dll.mui ---
Company: Microsoft Corporation
File Description: Zoek-DLL van Plaknotities
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SNTSearch.dll.mui
File type: ----a-w-
File size: 2560
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: 7E38637D93912A6AD2BB1A9FA11ECC54
SHA1: 57DEF5297E86005EB46950344FAEA1DFE0743C75

--- C:\Windows\winsxs\amd64_microsoft-windows-w..ilter-adm.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_bb33ae1536ec90d6\SearchOCR.adml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 7926
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: E2C1DDC2AC1AE503402B352FC3DEDA00
SHA1: 75D10D2B98B9892E7B9C5D28A7BECD7F679F9976

--- C:\Windows\winsxs\amd64_microsoft-windows-winocr-tifffilter-adm_31bf3856ad364e35_6.1.7600.16385_none_51e1fd8a288646da\SearchOCR.admx ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 11602
Created time: 2009-06-10 21:08:29
Modified time: 2009-06-10 21:08:29
MD5: BC73AF941203896EECBECEEF2A9B98BE
SHA1: 3B71FCBB186D4719BB716B467DA44AF3737D6BED

--- C:\Windows\winsxs\amd64_windowssearchcomponent_31bf3856ad364e35_6.1.7600.16385_none_35b2f9824cfb0f36\WindowsSearchComponent-ppdlic.xrm-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3028
Created time: 2009-07-14 01:53:34
Modified time: 2009-07-14 01:53:34
MD5: F7FD9D94E44F0214FA75D526321092E8
SHA1: BC4816C9AADC4E7581179F71D4A4D088BD45642C

--- C:\Windows\winsxs\amd64_windowssearchengine.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_cd678b73b6d72d83\SearchIndexer.exe.mui ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 7680
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: 619792859487D0E1CE3F48A946CFD70E
SHA1: CE0DFECBFF127F12E6EC98AF264FFC2A2098BEEE

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_cf4f145f352676dd\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 113664
Created time: 2009-07-14 00:29:59
Modified time: 2009-07-14 01:39:37
MD5: 52D56D1013D4F1B99102679314CC5325
SHA1: 904A3B130E3DB7CEA97F31CC40D64D9026FF6E41

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_cf4f145f352676dd\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 593408
Created time: 2009-07-14 00:32:27
Modified time: 2009-07-14 01:39:37
MD5: AD31942BDF3D594C404874613BC2FE4D
SHA1: 7BCC04348145501294745D58A2F9F702A76E794F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_cf4f145f352676dd\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 249856
Created time: 2009-07-14 00:30:48
Modified time: 2009-07-14 01:39:37
MD5: 42EC9065D9BF266ADE924B066C783A56
SHA1: A8DCF7D63A8BB5ABEF8787775957A5BB6C0F3F77

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_cf4f145f352676dd\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:53
Modified time: 2009-07-14 01:41:58
MD5: 63F42733DD7B102D8CA3E615AC8A58E6
SHA1: 8592D0405E923F13DDB7294D8F7DA1BD5BF0A58F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_cfa89e1b34e2d51d\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.16808 (win7_gdr.110503-1506)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 113664
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 05:24:09
MD5: F024058C391B99397EC3CCF6F77B7189
SHA1: C7507ECF36B420F2C996960402CF5F60E32588CB

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_cfa89e1b34e2d51d\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 593408
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 05:24:09
MD5: 8CD2A697B18069A62A035E756E51E934
SHA1: A27F8D8C3AABE69BC09FFC9E23EED2523AF61F1E

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_cfa89e1b34e2d51d\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.16808 (win7_gdr.110503-1506)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 249856
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 05:24:09
MD5: BDDCD13F341CBA21775FF66A5C27F59E
SHA1: E344F49BAADC3F69AA74079C4341C6047FEC76CB

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_cfa89e1b34e2d51d\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:53
Modified time: 2009-07-14 01:41:58
MD5: 63F42733DD7B102D8CA3E615AC8A58E6
SHA1: 8592D0405E923F13DDB7294D8F7DA1BD5BF0A58F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_cffd2b944e2819f3\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.20959 (win7_ldr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 113664
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 05:14:18
MD5: AA276B2A268B7B1E033F4B2BEF120137
SHA1: AD13EFBE613A32DA4CB7630EAEA062684C351DB1

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_cffd2b944e2819f3\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 593408
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 05:14:18
MD5: C4C0779BC5CF45F91ABB29325B9E8371
SHA1: F96262D9DDB0C4F7FD927D18C9366234543B2BFA

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_cffd2b944e2819f3\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.20959 (win7_ldr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 249856
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 05:14:19
MD5: 4317B61CBDEA8EE7220BCF3596756272
SHA1: 353BBAC6DC96F7EEB571EA1B86A94E587D49FB2F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_cffd2b944e2819f3\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:53
Modified time: 2009-07-14 01:41:58
MD5: 63F42733DD7B102D8CA3E615AC8A58E6
SHA1: 8592D0405E923F13DDB7294D8F7DA1BD5BF0A58F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_d18028273214fa77\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 113664
Created time: 2009-07-14 00:29:59
Modified time: 2009-07-14 01:39:37
MD5: 52D56D1013D4F1B99102679314CC5325
SHA1: 904A3B130E3DB7CEA97F31CC40D64D9026FF6E41

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_d18028273214fa77\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 593408
Created time: 2009-07-14 00:32:27
Modified time: 2009-07-14 01:39:37
MD5: AD31942BDF3D594C404874613BC2FE4D
SHA1: 7BCC04348145501294745D58A2F9F702A76E794F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_d18028273214fa77\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 249856
Created time: 2009-07-14 00:30:48
Modified time: 2009-07-14 01:39:37
MD5: 42EC9065D9BF266ADE924B066C783A56
SHA1: A8DCF7D63A8BB5ABEF8787775957A5BB6C0F3F77

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_d18028273214fa77\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:53
Modified time: 2009-07-14 01:41:58
MD5: 63F42733DD7B102D8CA3E615AC8A58E6
SHA1: 8592D0405E923F13DDB7294D8F7DA1BD5BF0A58F

yowaambie · 11 mrt 2012

Re: Checkje.

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 113664
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 05:19:28
MD5: 49A3AD5CE578CD77F445F3D244AEAB2D
SHA1: A136DCF156975D8B60B438F19977A3052F9752D0

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 591872
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:19:28
MD5: E0B340996A41C9A75DFA3B99BBA9C500
SHA1: 949C8E32491890CD916F39D787DB246362CFE0CE

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 249856
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:19:28
MD5: D9E21CBF9E6A87847AFFD39EA3FA28EE
SHA1: FD8F3226267F506E3CF0341044275AA5419E537D

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:53
Modified time: 2009-07-14 01:41:58
MD5: 63F42733DD7B102D8CA3E615AC8A58E6
SHA1: 8592D0405E923F13DDB7294D8F7DA1BD5BF0A58F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_d1faf5c44b3e4dfd\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7601.21720 (win7sp1_ldr.110503-1503)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 113664
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 05:18:51
MD5: D43F8D7442F676E8BDDD0BB2B9FF833A
SHA1: E12B389392D476165B99D80B7CDC973AD404490F

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_d1faf5c44b3e4dfd\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 591872
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:18:51
MD5: E0779417540301DB5BDB74B784FC310C
SHA1: 7F0A5AB2AD9752ADD2638B43DBD48039E72AB8ED

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_d1faf5c44b3e4dfd\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7601.21720 (win7sp1_ldr.110503-1503)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 249856
Created time: 2011-06-29 14:16:25
Modified time: 2011-05-04 05:18:51
MD5: 31014BFCA1C6BAE4BFC33311B9E9F579
SHA1: CB80580D9B9AA2A7450A293F5B0AC34F965BCF89

--- C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_d1faf5c44b3e4dfd\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 78336
Created time: 2009-07-14 00:29:53
Modified time: 2009-07-14 01:41:58
MD5: 63F42733DD7B102D8CA3E615AC8A58E6
SHA1: 8592D0405E923F13DDB7294D8F7DA1BD5BF0A58F

--- C:\Windows\winsxs\Backup\amd64_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_925853f4aec06251.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2490
Created time: 2009-08-04 10:14:43
Modified time: 2009-08-04 10:14:27
MD5: 0E1B0362B3DF74914FD4BC4CE8A924FB
SHA1: 8B9C64D2797D7CC10DEA00CE0B9A35E9C070DCAF

--- C:\Windows\winsxs\Backup\amd64_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_925853f4aec06251_searchfolder.dll.mui_8c30bdaf ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 153600
Created time: 2009-08-04 10:14:43
Modified time: 2009-08-04 10:14:27
MD5: 75170EE29D911F114CE4F9CC3A3237F8
SHA1: 96D9B51929FB801748A2781438C90EEF815CE959

--- C:\Windows\winsxs\Backup\x86_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_3639b870f662f11b.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2488
Created time: 2009-08-04 10:14:44
Modified time: 2009-08-04 10:14:29
MD5: C828D1D4228F2E25B8B0AD4B30CF685A
SHA1: D01386207F3C79A1ABD470438F386E489299826A

--- C:\Windows\winsxs\Backup\x86_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_3639b870f662f11b_searchfolder.dll.mui_8c30bdaf ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 153600
Created time: 2009-08-04 10:14:44
Modified time: 2009-08-04 10:14:29
MD5: 72BADE5B342F922CBCA921BBD46B668D
SHA1: E08D4E7DD4002875C49F00C79BCC589B231C0DDE

--- C:\Windows\winsxs\FileMaps\$$_diagnostics_system_search_9d4b5385ff8f1ef3.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1640
Created time: 2009-07-14 05:32:38
Modified time: 2011-05-26 22:04:12
MD5: A8F537CB911D460972F8B32616201511
SHA1: 99C96B4B87EA7FA73B5C41007A8A10F1910F4459

--- C:\Windows\winsxs\FileMaps\$$_diagnostics_system_search_nl-nl_09dfdf11881e7e3a.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 868
Created time: 2009-08-04 10:14:45
Modified time: 2011-05-26 22:04:12
MD5: 1B34FF4FD9D279EEC426FFAAE1299329
SHA1: 64B49118C076B64C041ABB1AF44BC82708148B11

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0000_2e6e3f1caf9fca20.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 736
Created time: 2009-07-14 05:32:38
Modified time: 2009-07-14 05:32:31
MD5: 86A0C1A644E98D79951165BBDA96D3B9
SHA1: 6B6D67B750396ADE9444D3133C6051B68F0FF719

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0404_2e6e3e8caf9fcb68.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 10:21:40
Modified time: 2010-12-14 01:55:25
MD5: 4E04B7A7997E11FF6E019BDA2589476D
SHA1: 00874F327CE37EF82235A25C8EF0211D925047EA

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0407_2e6e3e8caf9fcb6b.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 09:50:50
Modified time: 2010-12-14 01:56:19
MD5: 91F9589979875B855D45D361DCD247F4
SHA1: 73A6CD193B49A99A0BB0CB501CE18003AB77013C

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0408_2e6e3e8caf9fcb6c.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 10:33:58
Modified time: 2010-12-14 02:02:21
MD5: D8878671E2DB6752535A37C7BE4381EA
SHA1: BA0A8CE5F9DB9F55CD8C247CF9147BA4606BEB02

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0409_2e6e3e8caf9fcb6d.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-07-14 05:37:44
Modified time: 2010-12-14 01:58:58
MD5: 72D54610FBA8608280D5DFAA0A3D70D9
SHA1: BA39425EF5D0A4093A0EABCD1A73FC1BBD1245CB

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_040c_2e6e3e8caf9fcb77.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 10:02:43
Modified time: 2010-12-14 02:00:31
MD5: 3BCC5046560C9C7E4B40DF901A1DB149
SHA1: 36F63399DCA6AA45F8BE509EA58C3A6833CEAE1D

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_040d_2e6e3e8caf9fcb78.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 10:40:05
Modified time: 2010-12-14 02:04:25
MD5: 6DB73A4394F47F5574DDB32765EC082F
SHA1: 443BAABF55AA1611FFE0D0C20D12C6D698B6361C

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0410_2e6e3e8eaf9fcb5b.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 10:08:38
Modified time: 2010-12-14 02:06:48
MD5: 94B42E64A6005D43444155CE278F94CD
SHA1: 5B57022AE1E204E4D782C8553C13B2B6F44DED84

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0413_2e6e3e8eaf9fcb5e.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 704
Created time: 2009-08-04 10:14:45
Modified time: 2009-08-04 10:14:31
MD5: B03A33E08CC50EE6714CEC3D96BB2B0D
SHA1: 20887C310F57D05B9D1639BF945F90D371ABBE69

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0816_2e6e3dfeaf9fcca5.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 10:27:48
Modified time: 2010-12-14 02:09:31
MD5: 73051BC8340A0484C45F169BCD0AFFB7
SHA1: 5ED736CB228CE80C17011438A731B760F8629861

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_0c0a_2e6e3c70af9fd034.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 632
Created time: 2009-08-04 09:56:43
Modified time: 2010-12-14 02:12:29
MD5: E600BDB699DBBA3FCE748F69B1FD4B94
SHA1: CC79E83B4220ED0698F921EE41E7EB14A7CCADED

--- C:\Windows\winsxs\FileMaps\$$_inf_wsearchidxpi_a2c41dc1731a4204.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 728
Created time: 2009-07-14 05:32:38
Modified time: 2010-12-14 02:12:29
MD5: D2A5CEB11CFCA1BC08CCD3F0EB8E016B
SHA1: D9EB79AA8669F38EB15EFCE063FD51D7DAC87ABD

--- C:\Windows\winsxs\FileMaps\$$_system32_migwiz_replacementmanifests_windowssearchengine_145004789b880a4a.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 708
Created time: 2009-07-14 05:32:38
Modified time: 2009-07-14 05:32:31
MD5: ACA985EEA43D89C54AB6F82384D6CD68
SHA1: C909AB25FE28727D2CD6D4ED9C2AA69748DEB763

--- C:\Windows\winsxs\FileMaps\$$_syswow64_migwiz_replacementmanifests_windowssearchengine_940baeaeeced0416.cdf-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 704
Created time: 2009-07-14 05:32:38
Modified time: 2009-07-14 05:32:31
MD5: 12CEEC619A839397E78FC9FB1C1B2670
SHA1: 6D763381ECE3F7B785FC40DD62BB12774E3A52AD

--- C:\Windows\winsxs\Manifests\amd64_desktop_shell-search-srchadmin.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_39668b264bed83dc.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2157
Created time: 2009-08-04 10:13:15
Modified time: 2009-08-04 10:13:15
MD5: D75793A4163AEDD55876CF23DEFBD6CB
SHA1: A576E5FCC5394D80FF68B8BB538346A5B16D946D

--- C:\Windows\winsxs\Manifests\amd64_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7600.16385_none_a7bf97adb28bd7c2.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 19560
Created time: 2009-07-14 02:22:14
Modified time: 2009-07-14 02:22:14
MD5: DEA4C5049FEB448EB6DBE21A895D14DE
SHA1: C3D1AC64E71A72878D02E78EAC682489B231492B

--- C:\Windows\winsxs\Manifests\amd64_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7601.17514_none_a9f0ab75af7a5b5c.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 19560
Created time: 2011-05-23 21:08:36
Modified time: 2010-11-20 04:19:12
MD5: 532CF25F0F1372A4757B487BF79930D1
SHA1: B825C1F12BDE2390EBA3482EE8844358C54B2AAE

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-bits-igdsearcher_31bf3856ad364e35_6.1.7600.16385_none_0d612eb0a8b155ff.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2376
Created time: 2009-07-14 02:33:47
Modified time: 2009-07-14 02:18:04
MD5: 4BA02FA44AD0996FC807B74AC52E9830
SHA1: 827053EBFA6772E5F449DA704EB7931F66E04940

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7600.16808_none_1b3c97835a989f39.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1597
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-04 06:26:58
MD5: E21F57CA66B19BD81D3EE671910FBD8C
SHA1: 3EC4DEA509130D1A5398CC03143D715AB1DEE9FA

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7600.20959_none_1b9124fc73dde40f.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1597
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-04 06:07:10
MD5: ED511D6327BD6508C295FCEEB6680164
SHA1: 76A94B3366CB87033DCBAF72F0A3F06E8635AE6F

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7601.17610_none_1d10224d57ce5c5e.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1597
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-04 05:57:33
MD5: A71BA83C46D3F1749969D829A173FCCC
SHA1: B206F9926A23564C2BB60F045573DFE5A4C48D35

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-g..ebuild-search-index_31bf3856ad364e35_6.1.7601.21720_none_1d8eef2c70f41819.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1597
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-04 05:59:50
MD5: 06688488A7A66C577032E67300C04C05
SHA1: B12A630C871695390ACA4074BA00A2A8FF22D6F7

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-search-adm.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_2ce8f709cc1e56d0.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2448
Created time: 2009-08-04 10:13:15
Modified time: 2009-08-04 10:13:15
MD5: 3C8C483FDE974F7632F4285BF673A6B8
SHA1: 5204F81040B7DE15C68107808C3AD9B31C5ED1EF

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-search-adm_31bf3856ad364e35_7.0.7600.16385_none_6f015050e39c93c8.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2749
Created time: 2009-07-14 02:25:57
Modified time: 2009-07-14 02:25:57
MD5: 896BF08A52347BB29051598F7FF42625
SHA1: AE943745B016EF461E4884AF6E750E7BE1AA457F

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-search-events_31bf3856ad364e35_7.0.7600.16385_none_8fc43339419add89.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 45299
Created time: 2009-07-14 02:16:00
Modified time: 2009-07-14 02:11:50
MD5: 7DD301033640C12F5B555FF5B60E4AC5
SHA1: 644DB27AEB3BE4631088672746F8C23DCB6CE3E2

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-search-explorer_31bf3856ad364e35_6.1.7600.16385_none_ef7a36f86b2159cd.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5899
Created time: 2009-07-14 02:23:58
Modified time: 2009-07-14 02:12:08
MD5: 981483174E4E74F4031877198BBC35E6
SHA1: B9D2DA5681118B92E5FA921D5BD9A7E7906AC55D

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-search-profilenotify_31bf3856ad364e35_7.0.7600.16385_none_6c2fc3a30824c67e.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 7676
Created time: 2009-07-14 02:25:57
Modified time: 2009-07-14 02:25:57
MD5: 64E6E8B433F17A0AFBD4E44BF1CA9162
SHA1: 66CC6FBD8DB2372BF74B88EC4E9BF910C8A54E40

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-search-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_b10f2856eef5909c.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3475
Created time: 2009-07-14 02:27:02
Modified time: 2009-07-14 02:12:08
MD5: 06D7006CE52D4CA104169076D6330251
SHA1: 2E04B06D39FB99522A6F1C16ABD4036A1DF673D5

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-search-shell32_31bf3856ad364e35_6.1.7600.16385_none_fc43fdd433050e4b.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 22298
Created time: 2009-07-14 02:17:07
Modified time: 2009-07-14 02:12:08
MD5: D57718743B7EA13C37C833438F072975
SHA1: 1AB9A2DFE05472EE60750086BDDFF5DA4BED4880

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-searchdiagnostic_31bf3856ad364e35_6.1.7600.16385_none_8d9dc2260d0e1a98.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 13563
Created time: 2009-07-14 02:24:58
Modified time: 2009-07-14 02:24:58
MD5: 05735A6FBB4D5DCC35E15793F85B635C
SHA1: 6CF3FF78BA1318519AD578F5EDA6CD7F8DC5348A

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_925853f4aec06251.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2490
Created time: 2009-08-04 10:11:44
Modified time: 2009-08-04 10:11:44
MD5: 0E1B0362B3DF74914FD4BC4CE8A924FB
SHA1: 8B9C64D2797D7CC10DEA00CE0B9A35E9C070DCAF

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_f6652b9de2fd8a41.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 47159
Created time: 2009-07-14 02:33:58
Modified time: 2009-07-14 02:26:32
MD5: 568424CE4E5A4CAD4C78C7BA58379410
SHA1: 16D9E9896ABB9CDF90B535E33D253EA550DC93EE

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7601.17514_none_f8963f65dfec0ddb.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 47159
Created time: 2011-05-23 21:09:09
Modified time: 2010-11-20 04:21:30
MD5: BF3E6C3B30390ED76EA02E22B95DFC73
SHA1: 99CC77AFA0E16208C3A47950CB4F552C455E2C83

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-shell-search_31bf3856ad364e35_6.1.7600.16385_none_accc235ea3de0e8e.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1062
Created time: 2009-07-14 02:15:59
Modified time: 2009-07-14 02:11:54
MD5: A140B3DF92C73B5E93146D2526E1BB7A
SHA1: 134A1FB3050A923C811B2A13888E9F4FC44E6B57

--- C:\Windows\winsxs\Manifests\amd64_microsoft-windows-shell-search_31bf3856ad364e35_6.1.7601.17514_none_aefd3726a0cc9228.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1065
Created time: 2011-05-23 21:09:09
Modified time: 2010-11-20 08:42:52
MD5: 49C1F31378E8BB578F5729F2E3421F1A
SHA1: 7ADE3ECBC4EFEC003AD9A151BC5D9DA309F85EFB

--- C:\Windows\winsxs\Manifests\amd64_windowssearchcomponent_31bf3856ad364e35_6.1.7600.16385_none_35b2f9824cfb0f36.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2079
Created time: 2009-07-14 02:14:31
Modified time: 2009-07-14 02:14:31
MD5: 5BE33A2FB1E761ACB70799EADE2E0E15
SHA1: 21EE4331BA5898F3124F5607C51FA9A3973BF2FA

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16385_none_2c1b509073f8dc03.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36507
Created time: 2009-07-14 02:33:39
Modified time: 2009-07-14 02:19:05
MD5: 492B3F46D2F147655EA873C66F808AF3
SHA1: 06DFE088BDECA5F593907492FFE18D5790B0660B

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16587_none_2c1d54f073f708ff.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 36507
Created time: 2010-12-07 12:15:36
Modified time: 2010-05-05 08:22:27
MD5: B160D39E498F184C1518E8194B75FCCE
SHA1: 74BEE2F41A760C37E5FD423FD718C6FBA9AEED98

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.20707_none_2cfd73018cd3c668.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 36507
Created time: 2010-12-07 12:15:36
Modified time: 2010-05-05 08:41:48
MD5: B3EF70869D5BD9BE1EFA7821B179C058
SHA1: 3E66741CA766769F4AF1FDB65BAB854FAAAF647E

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7601.17514_none_2e4c645870e75f9d.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 36507
Created time: 2011-05-23 21:08:51
Modified time: 2010-11-20 04:17:56
MD5: DA43807B4463427CAB54F3E1CDF5A794
SHA1: FCA641C255E3CB125F1EECF014AFBA8969D8E5FB

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_cd678b73b6d72d83.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9183
Created time: 2009-08-04 10:13:15
Modified time: 2009-08-04 10:13:15
MD5: 9784D92BD85352B6FD934D9621823607
SHA1: 1826CA6EC43A90AC9A091D54FEA947AD9A0C0468

--- C:\Windows\winsxs\Manifests\amd64_windowssearchenginesku_31bf3856ad364e35_7.0.7600.16385_none_4701b58f43bf95e0.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3843
Created time: 2009-07-14 02:18:24
Modified time: 2009-07-14 02:12:08
MD5: E7671A73F316EB4927C0FE555C00CC9A
SHA1: C6A83C2B0C979DA2147FAE18698D0EA7962EFACA

--- C:\Windows\winsxs\Manifests\amd64_windowssearchenginesku_31bf3856ad364e35_7.0.7601.17514_none_4932c95740ae197a.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 3846
Created time: 2011-05-23 21:08:51
Modified time: 2010-11-20 08:42:54
MD5: 7DDAAF8FF755D1781A81F4DEB339BEC1
SHA1: A1DB5835AE2B360A7E9880FE917451225A3CBC63

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_cf4f145f352676dd.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 334660
Created time: 2009-07-14 02:27:36
Modified time: 2009-07-14 02:27:37
MD5: AFB154A41215807F3EDBFACB7C24E24D
SHA1: DFFB48BB1CFA887F0F922A94F0617163D67645BC

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_cfa89e1b34e2d51d.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 357514
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-05 10:19:15
MD5: F8E1311DEDB555D1EAF640D043BE0288
SHA1: FB803F5508CB60CB637E3154870BF8CF4E5B7976

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_cffd2b944e2819f3.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 357514
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-05 10:19:14
MD5: 2C5B25F1AAA41FF2494700A528DE8F0E
SHA1: 67F44AE070EA796CA6D93EEB3BBD32CDC3139AC2

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_d18028273214fa77.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 334231
Created time: 2011-05-23 21:08:51
Modified time: 2010-11-20 04:40:36
MD5: 696D657A40C3C3BF9F4537025A37B4D9
SHA1: 39369AEA7245509931123DDF3E0562DAB33AC4BB

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 357514
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-05 10:19:15
MD5: 64DA00DD0D049F723C8E2D5F849CC4FE
SHA1: 2A3E8FA24D80D14F0B829935F0363CB8C6A7150A

--- C:\Windows\winsxs\Manifests\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_d1faf5c44b3e4dfd.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 357514
Created time: 2011-06-29 14:15:51
Modified time: 2011-05-05 10:19:15
MD5: 19010F913942A0415856A4E571D318AC
SHA1: F2BFEE3758D699A3077E8AFB0B25649A2DD81DD7

--- C:\Windows\winsxs\Manifests\wow64_microsoft-windows-bits-igdsearcher_31bf3856ad364e35_6.1.7600.16385_none_17b5d902dd1217fa.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 706
Created time: 2009-07-14 02:33:47
Modified time: 2009-07-14 01:41:58
MD5: 83C823928774AB42955D5E018F270125
SHA1: 4254DE4B0D598A89FC23A0B050C227C43F345EAA

--- C:\Windows\winsxs\Manifests\wow64_windowssearchengine.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_d7bc35c5eb37ef7e.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 6674
Created time: 2009-08-04 10:13:15
Modified time: 2009-08-04 10:13:15
MD5: A353393886DB11146BCEBB279EDB4317
SHA1: 10763808F40EFB217750373402EB8FED91BC9E4F

--- C:\Windows\winsxs\Manifests\wow64_windowssearchenginesku_31bf3856ad364e35_7.0.7600.16385_none_51565fe1782057db.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2097
Created time: 2009-07-14 01:43:24
Modified time: 2009-07-14 01:42:21
MD5: 5736D5F126A6F46781F128F6B8BAB43D
SHA1: 2FE84DED2416E2C8CC5D1BCC96872D8740357CC8

--- C:\Windows\winsxs\Manifests\wow64_windowssearchenginesku_31bf3856ad364e35_7.0.7601.17514_none_538773a9750edb75.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 2100
Created time: 2011-05-23 21:08:12
Modified time: 2010-11-20 08:42:54
MD5: 7E639D0F914F73E6433A9BB2F1EB7162
SHA1: 82B054DE87E02A557A3DC22649C7FBA4250B14E2

--- C:\Windows\winsxs\Manifests\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_d9a3beb1698738d8.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 331513
Created time: 2009-07-14 01:43:44
Modified time: 2009-07-14 01:43:46
MD5: D94261CE81D1625EDD71E181FB8CF639
SHA1: D97DCE9DCA4ADE2B7A7921ED82B3DEF6C646BB79

--- C:\Windows\winsxs\Manifests\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_d9fd486d69439718.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 355128
Created time: 2011-06-29 14:15:50
Modified time: 2011-05-05 10:19:14
MD5: CC5E87926D71938B252E3AB79B8D8C6F
SHA1: 6E34F79DEB160974BA3C467252CDCF06A5477318

--- C:\Windows\winsxs\Manifests\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_da51d5e68288dbee.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 355128
Created time: 2011-06-29 14:15:50
Modified time: 2011-05-05 10:19:14
MD5: 939C0807C7B053603CDB14619C884065
SHA1: 4880A38BE04800DB0535CF97F5488D8392216635

--- C:\Windows\winsxs\Manifests\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_dbd4d2796675bc72.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 331084
Created time: 2011-05-23 21:08:12
Modified time: 2010-11-20 03:27:50
MD5: 44878D0A999518B987970CBAA5707F29
SHA1: 974EB1AD82F30621B7D4E16B6045D8D50171FAAE

--- C:\Windows\winsxs\Manifests\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_dbd0d3376679543d.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 355128
Created time: 2011-06-29 14:15:50
Modified time: 2011-05-05 10:19:15
MD5: D3F64821EB5F1AAA0C2E81E8CCD98F18
SHA1: C29B69A0170925C930C640D289BF6036214FCBB8

--- C:\Windows\winsxs\Manifests\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_dc4fa0167f9f0ff8.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 355128
Created time: 2011-06-29 14:15:50
Modified time: 2011-05-05 10:19:15
MD5: 96776D529E2CABBC8E09C3F674D11031
SHA1: 0413C3964BC7C9ACE461CD2832A7909EAB10C7D5

--- C:\Windows\winsxs\Manifests\x86_desktop_shell-search-srchadmin.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_dd47efa2939012a6.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2155
Created time: 2009-08-04 10:13:15
Modified time: 2009-08-04 10:13:15
MD5: 7AE7EAF8C62178FDD374B16EC6901743
SHA1: 287E1514CC3780FACED12540AF4984074B2BA45D

--- C:\Windows\winsxs\Manifests\x86_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7600.16385_none_4ba0fc29fa2e668c.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 19556
Created time: 2009-07-14 01:54:38
Modified time: 2009-07-14 01:54:38
MD5: 63C8D5CAB5C6CC09DE42618C8FC23865
SHA1: F9AB25BA5C401C0FED9007227FD5589B2B578C2E

--- C:\Windows\winsxs\Manifests\x86_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.7601.17514_none_4dd20ff1f71cea26.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 19556
Created time: 2011-05-23 21:08:12
Modified time: 2010-11-20 03:07:58
MD5: C1AB49767DC24F2537FF849279913728
SHA1: 6939B223877E7C94D4FF02651FC0A4574B0F2D52

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-search-explorer_31bf3856ad364e35_6.1.7600.16385_none_935b9b74b2c3e897.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5897
Created time: 2009-07-14 01:55:08
Modified time: 2009-07-14 01:46:33
MD5: 92E83409F5961DD50ACB2CE7A7C1359A
SHA1: 98F755F5065A61721825C15F0659BFE17D945370

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-search-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_54f08cd336981f66.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3473
Created time: 2009-07-14 01:57:46
Modified time: 2009-07-14 01:46:33
MD5: 4CFAAE5E6D5C74BD19DFD4962C6DAD94
SHA1: 033F598B52CD62ACC4B9A670AB41F782BEE91EFB

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-search-shell32_31bf3856ad364e35_6.1.7600.16385_none_a02562507aa79d15.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 22296
Created time: 2009-07-14 01:51:14
Modified time: 2009-07-14 01:46:33
MD5: 32D6C34F6BAD9987D8FB6FB7D04AF5F5
SHA1: AB9B9CA8B2B9310D7553CF07E06613E0B4138796

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_3639b870f662f11b.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2488
Created time: 2009-08-04 10:12:04
Modified time: 2009-08-04 10:12:04
MD5: C828D1D4228F2E25B8B0AD4B30CF685A
SHA1: D01386207F3C79A1ABD470438F386E489299826A

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_9a46901a2aa0190b.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 47155
Created time: 2009-07-14 02:33:58
Modified time: 2009-07-14 01:57:09
MD5: ED331AEADEFE2A8C4D3E6278D2048483
SHA1: 6CB4582FBE35CD8D156770D3905CA0D61C7C5F41

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7601.17514_none_9c77a3e2278e9ca5.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 47155
Created time: 2011-05-23 21:07:59
Modified time: 2010-11-20 03:10:10
MD5: 903A6CE83804A27AA7ECD43777C44A70
SHA1: 0BF26D999A0C21CFA1A3F8633EA059B9C4172F34

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-shell-search_31bf3856ad364e35_6.1.7600.16385_none_50ad87daeb809d58.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1058
Created time: 2009-07-14 01:50:11
Modified time: 2009-07-14 01:46:07
MD5: AC8B4C218FA601A74906B46C729F7FCB
SHA1: 1F2453D22751C4F5BFC5A07BE554F031B7B7A461

--- C:\Windows\winsxs\Manifests\x86_microsoft-windows-shell-search_31bf3856ad364e35_6.1.7601.17514_none_52de9ba2e86f20f2.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 1061
Created time: 2011-05-23 21:07:57
Modified time: 2010-11-20 08:42:52
MD5: E2A7E96A5D00A273D3974BDBCE7B746E
SHA1: 0B1419FC1EF719ED5400DF21F38D75F8D60547E4

--- C:\Windows\winsxs\Manifests\x86_windowssearchcomponent_31bf3856ad364e35_6.1.7600.16385_none_d9945dfe949d9e00.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2077
Created time: 2009-07-14 01:48:20
Modified time: 2009-07-14 01:48:20
MD5: 1DE5D7B03E5B9F8BD48162A5D870D5A0
SHA1: CCE1C5947B7116BE4B5D71725D9A96C46F7A68E4

--- C:\Windows\winsxs\Manifests\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16385_none_cffcb50cbb9b6acd.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36505
Created time: 2009-07-14 02:33:39
Modified time: 2009-07-14 01:53:17
MD5: DEF368A92F200981531E3FBED8FC7D45
SHA1: 019A976DCE873B6A0A0846918A9520B193517F81

--- C:\Windows\winsxs\Manifests\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.16587_none_cffeb96cbb9997c9.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 36505
Created time: 2010-12-07 12:15:36
Modified time: 2010-05-05 07:32:36
MD5: 4CE7782556A88978A76DD829049A1AAC
SHA1: 2EBC57B8F12BA6F8A3A43E57B958B6858915ECD3

--- C:\Windows\winsxs\Manifests\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7600.20707_none_d0ded77dd4765532.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 36505
Created time: 2010-12-07 12:15:36
Modified time: 2010-05-05 07:52:24
MD5: 86C6B52CA553B7B32F065C2AC7033F70
SHA1: 547DF4F9B2ADA25123F73B5312F68E06606CE490

---------- Bericht toegevoegd om 13:55 ---------- Vorige bericht geplaatst om 13:54 ----------

--- C:\Windows\winsxs\Manifests\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.7601.17514_none_d22dc8d4b889ee67.manifest ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ------w-
File size: 36505
Created time: 2011-05-23 21:08:51
Modified time: 2010-11-20 03:06:52
MD5: 8F444A6552157093F3A657CEC90C36C3
SHA1: C38826C6220A46546EFE7E341F18C3AF56D79810

--- C:\Windows\winsxs\wow64_windowssearchengine.resources_31bf3856ad364e35_7.0.7600.16385_nl-nl_d7bc35c5eb37ef7e\SearchIndexer.exe.mui ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 7680
Created time: 2009-08-04 10:14:17
Modified time: 2009-08-04 10:14:17
MD5: F9CF313855CD7B27E9A26B889D8CED0A
SHA1: 6119B32C74A63E16669AD65D6E78726CA685B7E8

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_d9a3beb1698738d8\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2009-07-14 00:13:15
Modified time: 2009-07-14 01:14:35
MD5: 8A674F9AB20B4937357BF6F5A0938EBF
SHA1: 0C81247718D241D2F58E7515C3B06443256ACBE9

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_d9a3beb1698738d8\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 428032
Created time: 2009-07-14 00:14:13
Modified time: 2009-07-14 01:14:35
MD5: 622D95520182F6D3D05310D5810CA8B3
SHA1: 3CD4818CEDB6C619263085C3D27026798B867FF9

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_d9a3beb1698738d8\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2009-07-14 00:14:11
Modified time: 2009-07-14 01:14:35
MD5: 89ED7C028A487340B7D93D5A38FDCB54
SHA1: 55081A83FCC55C4D2A664BC416576CDB2E150E70

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_d9a3beb1698738d8\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_d9fd486d69439718\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.16808 (win7_gdr.110503-1506)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:52:12
MD5: 7FFE38A9BCE22AED21A0CEA1E6EAD1B5
SHA1: 5646E1DE42882454341CC73995C0E5218577C0E3

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_d9fd486d69439718\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 428032
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:52:12
MD5: 71402C7923F6B7F8ACB48E50F35463E7
SHA1: 0D3AC92D582041B2F0DDF7E3AAA4ECABAFA9478A

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_d9fd486d69439718\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.16808 (win7_gdr.110503-1506)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:52:12
MD5: 5D66CBCDA60ECCE893B8E69BD5F23F92
SHA1: 5CF1BDB63453268E54D31D7570A13797837C8251

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16808_none_d9fd486d69439718\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_da51d5e68288dbee\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.20959 (win7_ldr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:32:15
MD5: 37C0BE2962C89EC1886D89C95420E065
SHA1: F197D14874A0D98E400DC15296542B130D780989

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_da51d5e68288dbee\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 428032
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:32:15
MD5: 9914FAC167B4B753B4B0954CE5D826DF
SHA1: BF87678C9CA1487A01E3D1A4056BF5E8B2677386

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_da51d5e68288dbee\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.20959 (win7_ldr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:32:16
MD5: 19E79A36732EA27F7060A6B12D3E91EE
SHA1: 103AECDBEFB46E8331089783D1843679D9508CF5

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.20959_none_da51d5e68288dbee\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_dbd4d2796675bc72\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2009-07-14 00:13:15
Modified time: 2009-07-14 01:14:35
MD5: 8A674F9AB20B4937357BF6F5A0938EBF
SHA1: 0C81247718D241D2F58E7515C3B06443256ACBE9

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_dbd4d2796675bc72\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 428032
Created time: 2009-07-14 00:14:13
Modified time: 2009-07-14 01:14:35
MD5: 622D95520182F6D3D05310D5810CA8B3
SHA1: 3CD4818CEDB6C619263085C3D27026798B867FF9

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_dbd4d2796675bc72\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2009-07-14 00:14:11
Modified time: 2009-07-14 01:14:35
MD5: 89ED7C028A487340B7D93D5A38FDCB54
SHA1: 55081A83FCC55C4D2A664BC416576CDB2E150E70

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_dbd4d2796675bc72\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_dbd0d3376679543d\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:28:31
MD5: A6CD6B3F71E13E2E45B727FB8A47EA87
SHA1: C662BB3DA0DD5FDAE9A7661226F13689786777FD

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_dbd0d3376679543d\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 427520
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:28:31
MD5: 236F286E103FD44BD85FDD93097FD5DD
SHA1: 855DF07D843BEBC54597F29E028CCFA5B45FBE22

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_dbd0d3376679543d\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7601.17610 (win7sp1_gdr.110503-1502)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:28:31
MD5: E1AC89F6C5252057E6062843E36A6701
SHA1: 7B0C202950B157AE68AFF26DC68B4F843C17AA18

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_dbd0d3376679543d\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_dc4fa0167f9f0ff8\SearchFilterHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Filter Host
File Version: 7.00.7601.21720 (win7sp1_ldr.110503-1503)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchFilterHost.exe
File type: ----a-w-
File size: 86528
Created time: 2011-06-29 14:16:23
Modified time: 2011-05-04 04:25:57
MD5: E403826E539E8A02FFBF8C53E55DA736
SHA1: 4C27ACB5BC6414EA246448C0A82EE40167DBE2F9

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_dc4fa0167f9f0ff8\SearchIndexer.exe ---
Company: Microsoft Corporation
File Description: Indexeerfunctie van Microsoft Windows Search
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchIndexer.exe.mui
File type: ----a-w-
File size: 427520
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:25:57
MD5: EAABB1781F0CC738C0257DA799C43986
SHA1: AD3DBEDD125ECDD765BE37EFD4E9FDEACDBDD2EC

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_dc4fa0167f9f0ff8\SearchProtocolHost.exe ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Protocol Host
File Version: 7.00.7601.21720 (win7sp1_ldr.110503-1503)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: SearchProtocolHost.exe
File type: ----a-w-
File size: 164352
Created time: 2011-06-29 14:16:24
Modified time: 2011-05-04 04:25:57
MD5: A2171001C7B7BAE85B70685E234E7340
SHA1: 71DD13A1024BA9A7F3F35AC3A14B3185C9163E87

--- C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_dc4fa0167f9f0ff8\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:00
Modified time: 2009-07-14 01:16:20
MD5: 7103B95BEDA0B04C68C74A39BEAE9699
SHA1: DAFD1DEB837676B0169540B07A5F8C89B5B30623

--- C:\Windows\winsxs\x86_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_4db0b909695af8f9\btn_search_down.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3573
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: 6DD6B9EA723D75990FA36CA79B9E8732
SHA1: F25E26CFEB0762300F6EE6CB0687AC11726FDCBB

--- C:\Windows\winsxs\x86_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_4db0b909695af8f9\btn_search_down_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3581
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: C04DB72ABB3CFDC44E0D503B96D82D7E
SHA1: 8911E9852C762733671474AD0ACA13CE76EC4530

--- C:\Windows\winsxs\x86_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_4db0b909695af8f9\btn_search_over.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3559
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: 1CD0EEEA637FCC2E759C6A3BA5331E33
SHA1: 367BD0260E8569461060CBC9D86E8CFC776792AD

--- C:\Windows\winsxs\x86_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_4db0b909695af8f9\btn_search_over_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3582
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: A76EF777CABDA865DB088BC1091164F7
SHA1: AA66AFEAC354B367FF23213A152AE0F3B1219DCF

--- C:\Windows\winsxs\x86_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_4db0b909695af8f9\btn_search_up.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: C4FDC276ACE4129C8A9B3E79E8FC5103
SHA1: 268738FA7056C7A5C4C83B3A2647E947BF6A2093

--- C:\Windows\winsxs\x86_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_4db0b909695af8f9\btn_search_up_BIDI.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3456
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: B2547E1B4B133B1312D3D8ED999CEF72
SHA1: 0D67E5203A75C5A858EDE12694C19AE49948F231

--- C:\Windows\winsxs\x86_microsoft-windows-gadgets-weather_31bf3856ad364e35_6.1.7600.16385_none_4db0b909695af8f9\search_background.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 482
Created time: 2009-07-13 21:56:13
Modified time: 2009-06-10 21:38:06
MD5: E34043F0378ACDD4E2F3FB1F76B8EC91
SHA1: 7BD0E52B9F7FAF988C0BF7FCDDF6A90DFBDE7847

--- C:\Windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.1.7600.16385_none_024f0ba1e4ed554c\WindowsSearchEngine-DL.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5748
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 119875F76AF9D11ED66D829094A2C965
SHA1: 014D08964B07937DC0F6B989AAC008018FCE20E3

--- C:\Windows\winsxs\x86_microsoft-windows-m..-downlevelmanifests_31bf3856ad364e35_6.1.7601.17514_none_04801f69e1dbd8e6\WindowsSearchEngine-DL.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5748
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 119875F76AF9D11ED66D829094A2C965
SHA1: 014D08964B07937DC0F6B989AAC008018FCE20E3

--- C:\Windows\winsxs\x86_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7600.16385_none_fbcab2314ccb2104\WindowsSearchEngine-replacement.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5929
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 9EAB0B79260A3EAC1A330239847FC19D
SHA1: 3C4FADA3C4DA4BA70D37D4C6D402379C6D06B588

--- C:\Windows\winsxs\x86_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7600.16385_none_fbcab2314ccb2104\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:03
Modified time: 2009-07-14 01:16:14
MD5: 92B5E225D669CB5A61D1CF57E92E8778
SHA1: 611A255765453C9ED2ABBEE44DF646454E44D32F

--- C:\Windows\winsxs\x86_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7601.17514_none_fdfbc5f949b9a49e\WindowsSearchEngine-replacement.man ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5929
Created time: 2009-06-10 21:25:03
Modified time: 2009-06-10 21:25:03
MD5: 9EAB0B79260A3EAC1A330239847FC19D
SHA1: 3C4FADA3C4DA4BA70D37D4C6D402379C6D06B588

--- C:\Windows\winsxs\x86_microsoft-windows-m..eplacementmanifests_31bf3856ad364e35_6.1.7601.17514_none_fdfbc5f949b9a49e\WSearchMigPlugin.dll ---
Company: Microsoft Corporation
File Description: Microsoft Windows Search Migration Plugin
File Version: 7.00.7600.16385 (win7_rtm.090713-1255)
Product Name: Windows Search
Copyright: Microsoft Corporation. All rights reserved.
Original Filename: WSearchMigPlugin.dll
File type: ----a-w-
File size: 57344
Created time: 2009-07-14 00:13:03
Modified time: 2009-07-14 01:16:14
MD5: 92B5E225D669CB5A61D1CF57E92E8778
SHA1: 611A255765453C9ED2ABBEE44DF646454E44D32F

--- C:\Windows\winsxs\x86_microsoft-windows-searchfolder.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_3639b870f662f11b\searchfolder.dll.mui ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 153600
Created time: 2009-08-04 10:13:51
Modified time: 2009-08-04 10:13:51
MD5: 72BADE5B342F922CBCA921BBD46B668D
SHA1: E08D4E7DD4002875C49F00C79BCC589B231C0DDE

--- C:\Windows\winsxs\x86_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7600.16385_none_9a46901a2aa0190b\SearchFolder.dll ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 643072
Created time: 2009-07-13 23:43:28
Modified time: 2009-07-14 01:16:13
MD5: 47098E5D669470801621AC09C7C77CC0
SHA1: E39653AACDAD91B221D8B4ED5104608FD8C2860A

--- C:\Windows\winsxs\x86_microsoft-windows-searchfolder_31bf3856ad364e35_6.1.7601.17514_none_9c77a3e2278e9ca5\SearchFolder.dll ---
Company: Microsoft Corporation
File Description: SearchFolder
File Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product Name: Besturingssysteem Microsoft Windows
Copyright: Microsoft Corporation. Alle rechten voorbehouden.
Original Filename: SearchFolder.dll.mui
File type: ----a-w-
File size: 646144
Created time: 2011-05-23 21:47:37
Modified time: 2010-11-20 12:21:06
MD5: 6581B52E133CC6D00661C58968C7E212
SHA1: A6318DC4D9EE7633F2295D448E158A23CA4160F2

--- C:\Windows\winsxs\x86_windowssearchcomponent_31bf3856ad364e35_6.1.7600.16385_none_d9945dfe949d9e00\WindowsSearchComponent-ppdlic.xrm-ms ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3028
Created time: 2009-07-14 01:25:38
Modified time: 2009-07-14 01:25:38
MD5: 006419122B2C2C2A655A9EDBD11CDC89
SHA1: 5AFDD2940ABF8AADFAB394032B428DC05542E18D

[Opgelost] Checkje.

Bekend gezicht

Abraham54

Gast

Bekend gezicht

Abraham54

Gast

Bekend gezicht

Bekend gezicht

Bekend gezicht

Abraham54

Gast

Bekend gezicht

Abraham54

Gast

Bekend gezicht

Abraham54

Gast

Bekend gezicht

Abraham54

Gast

Bekend gezicht

Abraham54

Gast

Bekend gezicht

Bekend gezicht

Bekend gezicht

Bekend gezicht

Wij waarderen jouw privacy