Posts by BoukeM
E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014
Downloaded @ E Dev
Run at do 30 okt 2014 22:33
.
Windows 7 Home Premium SP 1 (64 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Internet Explorer
Boot mode: Normal boot
User logged in: bas
.
Java x86: n/a
Java x64: n/a
.
AV : AVG Internet Security 2015 [updated - Not Running]
AS : Windows Defender [updated - Running]
AS : AVG Internet Security 2015 [updated - Not Running]
FW : FW : AVG Internet Security 2015 [updated - Running]
.
==================== Files and Folders history =================================
Folders Created Last 7 days :
30-10-2014 ##### r-h-s-d+a- C:\rsit
30-10-2014 ##### r-h-s-d+a- C:\ProgramData\Brother
30-10-2014 ##### r-h-s-d+a- C:\Program Files\trend micro
30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\trend micro
30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware2
30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
30-10-2014 ##### r-h-s-d+a- C:\AdwCleaner
30-10-2014 ##### r-h+s+d+a- C:\Config.Msi
30-10-2014 ##### r+h-s-d+a- C:\Users\bas\AppData\Roaming\Brother
29-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{AAF58843-34AF-4447-9799-48D655E0FFBB}
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG2015
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg2015
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Adobe
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\PCSettings
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab Setup Files
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG2015
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG
28-10-2014 ##### r-h+s-d+a- C:\$AVG
25-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Comodo
24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{D2BC4465-67B0-45F6-9989-A6BAC87EE217}
24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{4F7C91D6-11CD-4BF4-98B7-EDC3F3CC9ACB}
Files Modified Last 7 days :
30-10-2014 01701720 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
30-10-2014 00743606 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
30-10-2014 00662098 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
30-10-2014 00352176 r-h-s-d-a+ C:\Windows\system32\FNTCACHE.DAT
30-10-2014 00153432 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
30-10-2014 00122310 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
30-10-2014 00045056 r-h-s-d-a+ C:\Windows\system32\acovcnt.exe
30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
30-10-2014 00000741 r-h-s-d-a+ C:\Windows\system32\log.txt
30-10-2014 00000018 r-h-s-d-a+ C:\Windows\SysWOW64\log.txt
28-10-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe
28-10-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
28-10-2014 00003048 r-h-s-d-a+ C:\Windows\system32\AutoRunFilter.ini
28-10-2014 00001783 r-h-s-d-a+ C:\Windows\system32\ServiceFilter.ini
Files Created Last 7 days :
30-10-2014 00536576 r-h-s-d-a+ C:\Windows\SysWOW64\sqlite3.dll
30-10-2014 00006257 r-h-s-d-a+ C:\ProgramData\hpzinstall.log
30-10-2014 00000741 r-h-s-d-a+ C:\Windows\system32\log.txt
30-10-2014 00000109 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
28-10-2014 05666024 r-h+s-d-a+ C:\Users\bas\AppData\Local\IconCache.db
25-10-2014 00000262 r+h+s+d-a+ C:\ProgramData\ntuser.pol
==================== RUNNING PROCESSES =========================================
[ACEngSvr] -bas- C:\Windows\SysWOW64\ACEngSvr.exe - (ASUSTeK)
[ACMON] -bas- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - (ASUS)
[ACService] -SYSTEM- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - (ArcSoft Inc.)
[AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Atheros Commnucations)
[ALU] -bas- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe - ()
[armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
[AsLdrSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe - (ASUS)
[AsScrPro] -bas- C:\Windows\AsScrPro.exe - (ASUS)
[Ath_CoexAgent] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe - (Atheros)
[AthBtTray] -bas- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - (Atheros Commnucations)
[ATKOSD2] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - (ASUS)
[avgfws] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe - (AVG Technologies CZ, s.r.o.)
[avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)
[batteryLife] -bas- C:\Program Files\P4G\BatteryLife.exe - (ASUS)
[btvStack] -bas- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - (Atheros Communications)
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[ctfmon] -bas- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation)
[DMedia] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - (ASUS)
[dwm] -bas- C:\Windows\system32\Dwm.exe - (Microsoft Corporation)
[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)
[ETDCtrl] -bas- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronic Corp.)
[explorer] -bas- C:\Windows\Explorer.EXE - (Microsoft Corporation)
[FBAgent] -SYSTEM- C:\Windows\system32\FBAgent.exe - (ASUSTeK Computer Inc.)
[FLxHCIm] -bas- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe - (Windows ® Win 7 DDK provider)
[GFNEXSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - (ASUS)
[GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe - (Google Inc.)
[GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe - (Google Inc.)
[HControlUser] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - (ASUS)
[hkcmd] -bas- C:\Windows\System32\hkcmd.exe - (Intel Corporation)
[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)
[iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)
[igfxpers] -bas- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
[igfxtray] -bas- C:\Windows\System32\igfxtray.exe - (Intel Corporation)
[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - (Intel Corporation)
[lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)
[lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation)
[nvtray] -bas- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[NvXDSync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation)
[PresentationFontCache] -LOCAL SERVICE- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation)
[psi_tray] -bas- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe - (Secunia)
[psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe - (Secunia)
[RAVBg64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor)
[RAVCpl64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)
[searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)
[services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation)
[smartlogon] -SYSTEM- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - (ASUS)
[smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)
[sonicMasterTray] -bas- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe - (Virage Logic Corporation / Sonic Focus)
[spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
[sua] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\sua.exe - (Secunia)
[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskhost] -bas- C:\Windows\system32\taskhost.exe - (Microsoft Corporation)
[TurboBoost] -LOCAL SERVICE- C:\Program Files\Intel\TurboBoost\TurboBoost.exe - (Intel® Corporation)
[uNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - (Intel Corporation)
[VAWinAgent] -bas- C:\ExpressGateUtil\VAWinAgent.exe - ()
[VAWinService] -SYSTEM- C:\ExpressGateUtil\VAWinService.exe - ()
[wcourier] -bas- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ()
[wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
[winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)
[WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.)
[WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.)
[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)
==================== IE PAGES ==================================================
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com
IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE10 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE10 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE12 - HKLM\..\Toolbar{2318C2B1-4965-11d4-9B18-009027A5CD4F} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com
IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE10 x64 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE10 x64 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
==================== Auto Load =================================================
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe,
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
==================== Windows Host File =========================================
127.0.0.1 localhost
==================== BHO =======================================================
BHO - [CIESpeechBHO Class] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} @ Default = C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO - [Aanmeldhulp voor Windows Live ID] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO - [Windows Live Messenger Companion Helper] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} @ Default = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO x64 - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
==================== Auto Start Programs =======================================
ASP01 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
ASP01 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
ASP01 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ASP01 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
ASP01 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
ASP01 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
ASP01 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe
ASP01 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
ASP01 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
ASP01 x64 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
ASP01 x64 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
ASP01 x64 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ASP01 x64 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
ASP01 x64 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
ASP01 x64 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
ASP01 x64 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe
ASP01 x64 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
ASP01 x64 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
==================== Extra Items IE ============================================
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {54739D49-AC03-4C57-9264-C5195596B3A1} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {CD1A63BA-A08C-431B-9A34-F240AADC728D} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} =
==================== Internet Default Prefix ===================================
IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
==================== Default Settings IE - DSIE ================================
DSIE - ieuinit.inf: START_PAGE= "Microsoft Corporation
DSIE - ieuinit.inf: SEARCH_PAGE_URL= "Microsoft Corporation
==================== Protocol Hijackers - PH ===================================
PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [f70d4a14ab747bac68b559c046d6fbff]
PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown
PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown
==================== Automatic Started DLL's (AS) ==============================
AS00 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll
AS00 x64 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll
==================== ShellServiceObjectDelayLoad - SSODL =======================
SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
==================== Extra items - EXT (Torpig/ConduitSearch) ==================
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}= C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [ACDaemon] - ArcSoft Connect Daemon - c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe
SERV - R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
SERV - R2 - [Atheros Bt&Wlan Coex Agent] - Atheros Bt&Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe
SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe
SERV - R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
SERV - R2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe
SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
SERV - R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe
SERV - R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
SERV - R2 - [secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe
SERV - R2 - [secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe
SERV - R2 - [uNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe
SERV - R2 - [VideAceWindowsService] - VideAceWindowsService - c:\expressgateutil\vawinservice.exe
SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
SERV - R3 - [TurboBoost] - Intel® Turbo Boost Technology Monitor 2.0 - c:\program files\intel\turboboost\turboboost.exe
SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S3 - [gusvc] - Google Updater Service - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe
SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
SERV - S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe
*** Win32ShareProcess ***
SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe
SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
*** Others ***
SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
SERV - S2 - [vsmon] - TrueVector Internet Monitor - c:\program files (x86)\checkpoint\zonealarm\vsmon.exe
SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe
*** File System Driver ***
DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys
DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys
DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys
DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys
DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys
DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys
*** Kernel Driver ***
DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys
DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
DRV - R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys
DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys
DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys
DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys
DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys
DRV - R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys
DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys
DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys
DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
==================== SvcHost - White Listed ====================================
All Ok
WOW - All Ok
==================== SigCheck x86 Fast =========================================
Fast Scan All ok
==================== SigCheck x64 Fast =========================================
Fast Scan All ok
==================== Job tasks =================================================
There are no .job files found.
==================== End scanning at do 30 okt 2014 22:34 (1 Min 7 Sec ) =======
- - - Updated - - -
I'm getting happier and happier; I also think my two problems are being solved in one go.
There are no more notifications about broken or missing .dll files.
-
Log of del.bat
Deleting Registry Keys
"HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}" deleted successfully
"HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" deleted successfully
"HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" not deleted
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{5432F822-EA6F-4742-B162-A3291DFC8F75}" not deleted
"HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" not deleted
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}" deleted successfully
-
Malwarebytes Anti-Malware
Scan Date: 30-10-2014
Scan Time: 15:50:18
Logfile: malwarelog30-10-14.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.10.30.08
Rootkit Database: v2014.10.22.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bas
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 642343
Time Elapsed: 2 hr, 31 min, 15 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
# AdwCleaner v3.311 - Rapport aangemaakt 30/10/2014 op 18:36:22
# Laatste Update 30/09/2014 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruikersnaam : bas - BAS-PC
# Gestart vanuit : C:\Users\bas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TU0TFAPV\adwcleaner_3.311.exe
# Optie : Scannen
***** [ Services ] *****
***** [ Bestanden / Mappen ] *****
Bestand Gevonden : C:\END
Bestand Gevonden : C:\Users\bas\AppData\Roaming\LiveSupport.exe_log.txt
Bestand Gevonden : C:\Users\bas\AppData\Roaming\Mozilla\Firefox\Profiles\qtr3f2al.default\user.js
Bestand Gevonden : C:\Users\bas\AppData\Roaming\regsvr32.exe_log.txt
Bestand Gevonden : C:\Users\bas\daemonprocess.txt
Bestand Gevonden : C:\Users\bas\Desktop\AppSafe.lnk
Map Gevonden : C:\Program Files (x86)\AppSafe
Map Gevonden : C:\Program Files (x86)\AskPartnerNetwork
Map Gevonden : C:\Program Files (x86)\FinalTorrent
Map Gevonden : C:\Program Files (x86)\FlvPlayer
Map Gevonden : C:\Program Files (x86)\Movies Toolbar
Map Gevonden : C:\Program Files (x86)\MyPC Backup
Map Gevonden : C:\Program Files (x86)\Settings Manager
Map Gevonden : C:\ProgramData\apn
Map Gevonden : C:\ProgramData\Babylon
Map Gevonden : C:\ProgramData\BitGuard
Map Gevonden : C:\ProgramData\Browser Manager
Map Gevonden : C:\ProgramData\BrowserProtect
Map Gevonden : C:\ProgramData\Computer Updater
Map Gevonden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalTorrent
Map Gevonden : C:\ProgramData\Systweak
Map Gevonden : C:\ProgramData\Trusted Publisher
Map Gevonden : C:\ProgramData\wincert
Map Gevonden : C:\ProgramData\WPM
Map Gevonden : C:\Users\Administrator\AppData\Local\Chromatic Browser
Map Gevonden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk
Map Gevonden : C:\Users\Administrator\AppData\Local\torch
Map Gevonden : C:\Users\bas\AppData\Local\Astromenda
Map Gevonden : C:\Users\bas\AppData\Local\Chromatic Browser
Map Gevonden : C:\Users\bas\AppData\Local\genienext
Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk
Map Gevonden : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Map Gevonden : C:\Users\bas\AppData\Local\Linkey
Map Gevonden : C:\Users\bas\AppData\Local\Mobogenie
Map Gevonden : C:\Users\bas\AppData\Local\torch
Map Gevonden : C:\Users\bas\AppData\LocalLow\HPAppData
Map Gevonden : C:\Users\bas\AppData\LocalLow\iac
Map Gevonden : C:\Users\bas\AppData\LocalLow\SimplyTech
Map Gevonden : C:\Users\bas\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
Map Gevonden : C:\Users\bas\AppData\Roaming\0V1L2Z2Z1T1I1L1T
Map Gevonden : C:\Users\bas\AppData\Roaming\1H1Q
Map Gevonden : C:\Users\bas\AppData\Roaming\AppCloudUpdater
Map Gevonden : C:\Users\bas\AppData\Roaming\BabSolution
Map Gevonden : C:\Users\bas\AppData\Roaming\FinalTorrent
Map Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppSafe
Map Gevonden : C:\Users\bas\AppData\Roaming\PerformerSoft
Map Gevonden : C:\Users\bas\AppData\Roaming\SecureSearch
Map Gevonden : C:\Users\bas\AppData\Roaming\SimplyTech
Map Gevonden : C:\Users\bas\AppData\Roaming\Systweak
Map Gevonden : C:\Users\bas\Documents\Mobogenie
Map Gevonden : C:\Users\bas\Documents\Optimizer Pro
Map Gevonden : C:\Users\Gast\AppData\Local\Chromatic Browser
Map Gevonden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk
Map Gevonden : C:\Users\Gast\AppData\Local\torch
Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk
Map Gevonden : C:\Users\HomeGroupUser$\AppData\Local\torch
Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Map Gevonden : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\llanodmhmembedcjcjilamalmphmjflk
Map Gevonden : C:\Users\UpdatusUser\AppData\Local\torch
***** [ Taken ] *****
Taak Gevonden : AppCloudUpdater
Taak Gevonden : ASP
Taak Gevonden : BitGuard
Taak Gevonden : DealPlyUpdate
Taak Gevonden : FinalTorrent Update Checker
Taak Gevonden : LaunchSignup
***** [ Snelkoppelingen ] *****
Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )
Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )
Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )
Snelkoppeling Gevonden : C:\Users\bas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1414246359&from=wpc&uid=ST9500325AS_S2W6VTXBXXXXS2W6VTXB )
***** [ Register ] *****
Gegevens Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\mgrldr.dll,
Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\x64\mgrldr.dll,
Gegevens Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\wincert\win64c~1.dll
Sleutel Gevonden : HKCU\Software\AppCloudUpdater
Sleutel Gevonden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Sleutel Gevonden : HKCU\Software\AppSafe
Sleutel Gevonden : HKCU\Software\BRS
Sleutel Gevonden : HKCU\Software\Conduit
Sleutel Gevonden : HKCU\Software\ilivid
Sleutel Gevonden : HKCU\Software\Linkey
Sleutel Gevonden : HKCU\Software\LiveSupport
Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A836234-186C-41A0-9863-40BECDEDED9F}
Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppCloudUpdater
Sleutel Gevonden : HKCU\Software\Optimizer Pro
Sleutel Gevonden : HKCU\Software\qtrax
Sleutel Gevonden : HKCU\Software\RegisteredApplicationsEx
Sleutel Gevonden : HKCU\Software\simplytech
Sleutel Gevonden : HKCU\Software\Vittalia
Sleutel Gevonden : HKCU\Software\VuuPC
Sleutel Gevonden : HKCU\Software\WSE Rocket
Sleutel Gevonden : [x64] HKCU\Software\AppCloudUpdater
Sleutel Gevonden : [x64] HKCU\Software\AppSafe
Sleutel Gevonden : [x64] HKCU\Software\BRS
Sleutel Gevonden : [x64] HKCU\Software\Conduit
Sleutel Gevonden : [x64] HKCU\Software\ilivid
Sleutel Gevonden : [x64] HKCU\Software\Linkey
Sleutel Gevonden : [x64] HKCU\Software\LiveSupport
Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Sleutel Gevonden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Sleutel Gevonden : [x64] HKCU\Software\Optimizer Pro
Sleutel Gevonden : [x64] HKCU\Software\qtrax
Sleutel Gevonden : [x64] HKCU\Software\RegisteredApplicationsEx
Sleutel Gevonden : [x64] HKCU\Software\simplytech
Sleutel Gevonden : [x64] HKCU\Software\Vittalia
Sleutel Gevonden : [x64] HKCU\Software\VuuPC
Sleutel Gevonden : [x64] HKCU\Software\WSE Rocket
Sleutel Gevonden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Sleutel Gevonden : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Sleutel Gevonden : HKLM\SOFTWARE\AppSafe
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Conduit
Sleutel Gevonden : HKLM\SOFTWARE\InstallCore
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppSafe
Sleutel Gevonden : HKLM\SOFTWARE\systweak
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Conduit
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A836234-186C-41A0-9863-40BECDEDED9F}
Sleutel Gevonden : [x64] HKLM\SOFTWARE\Speedchecker Limited
Waarde Gevonden : HKCU\Software\Mozilla\Firefox\Extensions [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}]
Waarde Gevonden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Waarde Gevonden : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Waarde Gevonden : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v
[ Bestand : C:\Users\bas\AppData\Roaming\Mozilla\Firefox\Profiles\qtr3f2al.default\prefs.js ]
Regel gevonden : user_pref("browser.search.defaultengine", "Web Search");
Regel gevonden : user_pref("browser.search.defaultenginename", "Web Search");
Regel gevonden : user_pref("browser.search.order.1", "Web Search");
Regel gevonden : user_pref("browser.search.selectedEngine", "Web Search");
-\\ Google Chrome v
[ Bestand : C:\Users\bas\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gevonden [search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=NL&ver=21&locale=nl_NL&gct=sb&qsrc=2869
Gevonden [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
Gevonden [Extension] : llanodmhmembedcjcjilamalmphmjflk
*************************
AdwCleaner[R0].txt - [27946 octets] - [30/10/2014 18:36:22]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [28007 octets] ##########
E-Peek v 1.0.5.4 © Emphyrio/Onsia Patrick 2013-2014
Downloaded @ E Dev
Run at do 30 okt 2014 20:12
.
Windows 7 Home Premium SP 1 (64 bits)
C:\Windows [NTFS - Fixed]
Default Browser: Internet Explorer
Boot mode: Normal boot
User logged in: bas
.
Java x86: 1.7.0_71
Java x64: 1.7.0_65
.
AV : AVG Internet Security 2015 [updated - Not Running]
AS : Windows Defender [updated - Not Running]
AS : AVG Internet Security 2015 [updated - Not Running]
FW : FW : AVG Internet Security 2015 [updated - Not Running]
.
==================== Files and Folders history =================================
Folders Created Last 7 days :
30-10-2014 ##### r-h-s-d+a- C:\rsit
30-10-2014 ##### r-h-s-d+a- C:\Program Files\trend micro
30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\trend micro
30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware2
30-10-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
30-10-2014 ##### r-h-s-d+a- C:\AdwCleaner
29-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{AAF58843-34AF-4447-9799-48D655E0FFBB}
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG2015
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Roaming\AVG
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg2015
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Avg
28-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Adobe
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\PCSettings
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab Setup Files
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\Kaspersky Lab
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG2015
28-10-2014 ##### r-h-s-d+a- C:\ProgramData\AVG
28-10-2014 ##### r-h+s-d+a- C:\$AVG
25-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\Comodo
24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{D2BC4465-67B0-45F6-9989-A6BAC87EE217}
24-10-2014 ##### r-h-s-d+a- C:\Users\bas\AppData\Local\{4F7C91D6-11CD-4BF4-98B7-EDC3F3CC9ACB}
Files Modified Last 7 days :
30-10-2014 01701720 r-h-s-d-a+ C:\Windows\system32\PerfStringBackup.INI
30-10-2014 00743606 r-h-s-d-a+ C:\Windows\system32\perfh013.dat
30-10-2014 00662098 r-h-s-d-a+ C:\Windows\system32\perfh009.dat
30-10-2014 00153432 r-h-s-d-a+ C:\Windows\system32\perfc013.dat
30-10-2014 00122310 r-h-s-d-a+ C:\Windows\system32\perfc009.dat
30-10-2014 00045056 r-h-s-d-a+ C:\Windows\system32\acovcnt.exe
30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
30-10-2014 00018736 r-h+s-d-a+ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
30-10-2014 00000018 r-h-s-d-a+ C:\Windows\SysWOW64\log.txt
28-10-2014 00701104 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerApp.exe
28-10-2014 00071344 r-h-s-d-a+ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
28-10-2014 00003048 r-h-s-d-a+ C:\Windows\system32\AutoRunFilter.ini
28-10-2014 00001783 r-h-s-d-a+ C:\Windows\system32\ServiceFilter.ini
Files Created Last 7 days :
30-10-2014 00536576 r-h-s-d-a+ C:\Windows\SysWOW64\sqlite3.dll
30-10-2014 00000109 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
28-10-2014 05020177 r-h+s-d-a+ C:\Users\bas\AppData\Local\IconCache.db
25-10-2014 00000262 r+h+s+d-a+ C:\ProgramData\ntuser.pol
==================== RUNNING PROCESSES =========================================
[ACEngSvr] -bas- C:\Windows\SysWOW64\ACEngSvr.exe - (ASUSTeK)
[ACMON] -bas- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - (ASUS)
[ACService] -SYSTEM- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe - (ArcSoft Inc.)
[AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Atheros Commnucations)
[ALU] -bas- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe - ()
[armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
[AsLdrSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe - (ASUS)
[AsScrPro] -bas- C:\Windows\AsScrPro.exe - (ASUS)
[Ath_CoexAgent] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe - (Atheros)
[AthBtTray] -bas- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - (Atheros Commnucations)
[ATKOSD2] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - (ASUS)
[avgui] -bas- C:\Program Files (x86)\AVG\AVG2015\avgui.exe - (AVG Technologies CZ, s.r.o.)
[avgwdsvc] -SYSTEM- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe - (AVG Technologies CZ, s.r.o.)
[batteryLife] -bas- C:\Program Files\P4G\BatteryLife.exe - (ASUS)
[btvStack] -bas- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - (Atheros Communications)
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[csrss] -SYSTEM- C:\Windows\system32\csrss.exe - (Microsoft Corporation)
[ctfmon] -bas- C:\Windows\SysWOW64\ctfmon.exe - (Microsoft Corporation)
[DMedia] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe - (ASUS)
[dwm] -bas- C:\Windows\system32\Dwm.exe - (Microsoft Corporation)
[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)
[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)
[E-Peek 1.0.5] -bas- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.0.5.exe - (E Dev)
[ETDCtrl] -bas- C:\Program Files\Elantech\ETDCtrl.exe - (ELAN Microelectronic Corp.)
[explorer] -bas- C:\Windows\explorer.exe - (Microsoft Corporation)
[FBAgent] -SYSTEM- C:\Windows\system32\FBAgent.exe - (ASUSTeK Computer Inc.)
[FLxHCIm] -bas- C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe - (Windows ® Win 7 DDK provider)
[GFNEXSrv] -SYSTEM- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - (ASUS)
[GoogleCrashHandler] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe - (Google Inc.)
[GoogleCrashHandler64] -SYSTEM- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe - (Google Inc.)
[HControlUser] -bas- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe - (ASUS)
[hkcmd] -bas- C:\Windows\System32\hkcmd.exe - (Intel Corporation)
[HpqSRmon] -bas- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe - (Hewlett-Packard)
[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)
[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)
[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)
[iexplore] -bas- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE - (Microsoft Corporation)
[iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)
[iexplore] -bas- C:\Program Files\Internet Explorer\iexplore.exe - (Microsoft Corporation)
[igfxpers] -bas- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
[igfxtray] -bas- C:\Windows\System32\igfxtray.exe - (Intel Corporation)
[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - (Intel Corporation)
[lpksetup] -SYSTEM- C:\Windows\System32\lpksetup.exe - (Microsoft Corporation)
[lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)
[lsm] -SYSTEM- C:\Windows\system32\lsm.exe - (Microsoft Corporation)
[mbam] -bas- C:\Program Files (x86)\Malwarebytes Anti-Malware2\mbam.exe - (Malwarebytes Corporation)
[MsSpellCheckingFacility] -bas- C:\Windows\System32\MsSpellCheckingFacility.exe - (Microsoft Corporation)
[notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation)
[notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation)
[notepad] -bas- C:\Windows\system32\NOTEPAD.EXE - (Microsoft Corporation)
[notepad] -bas- C:\Windows\System32\notepad.exe - (Microsoft Corporation)
[nvtray] -bas- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
[NvXDSync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation)
[PresentationFontCache] -LOCAL SERVICE- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe - (Microsoft Corporation)
[psia] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\PSIA.exe - (Secunia)
[RAVBg64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor)
[RAVCpl64] -bas- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)
[searchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)
[services] -SYSTEM- C:\Windows\system32\services.exe - (Microsoft Corporation)
[sIGNAL~1] -bas- C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe - (Intel® Corporation)
[smartlogon] -SYSTEM- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - (ASUS)
[smss] -SYSTEM- C:\Windows\system32\smss.exe - (Microsoft Corporation)
[sonicMasterTray] -bas- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe - (Virage Logic Corporation / Sonic Focus)
[spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
[sua] -SYSTEM- C:\Program Files (x86)\Secunia\PSI\sua.exe - (Secunia)
[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskeng] -bas- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskeng] -SYSTEM- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
[taskhost] -bas- C:\Windows\system32\taskhost.exe - (Microsoft Corporation)
[TurboBoost] -LOCAL SERVICE- C:\Program Files\Intel\TurboBoost\TurboBoost.exe - (Intel® Corporation)
[uNS] -SYSTEM- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - (Intel Corporation)
[VAWinAgent] -bas- C:\ExpressGateUtil\VAWinAgent.exe - ()
[VAWinService] -SYSTEM- C:\ExpressGateUtil\VAWinService.exe - ()
[wcourier] -bas- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe - ()
[wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
[winlogon] -SYSTEM- C:\Windows\system32\winlogon.exe - (Microsoft Corporation)
[WLIDSVC] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - (Microsoft Corp.)
[WLIDSVCM] -SYSTEM- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe - (Microsoft Corp.)
[WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)
==================== IE PAGES ==================================================
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE04 - HKCU\..\SearchScopes {5432F822-EA6F-4742-B162-A3291DFC8F75} @ DisplayName: [Ask Search] @ URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5ENL&gct=&itbv=12.15.1.20&apn_uid=B785BD9D-1330-4307-82B1-22D745E8EDB1&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5ENL&apn_dbr=ie_11.0.9600.17207&doi=2014-07-21&trgb=IE&q={searchTerms}&psv=&pt=tb
IE04 - HKCU\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms}
IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\SysWOW64\ieframe.dll
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\SysWOW64\blank.htm
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com
IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com
IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE10 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE10 - HKLM\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms}
IE10 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE12 - HKLM\..\Toolbar{2318C2B1-4965-11d4-9B18-009027A5CD4F} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://www.startpagina.nl/
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE02 x64 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE04 x64 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE04 x64 - HKCU\..\SearchScopes {5432F822-EA6F-4742-B162-A3291DFC8F75} @ DisplayName: [Ask Search] @ URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5ENL&gct=&itbv=12.15.1.20&apn_uid=B785BD9D-1330-4307-82B1-22D745E8EDB1&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5ENL&apn_dbr=ie_11.0.9600.17207&doi=2014-07-21&trgb=IE&q={searchTerms}&psv=&pt=tb
IE04 x64 - HKCU\..\SearchScopes {75b4241f-171e-44a3-bf44-23613b6e3e03} @ DisplayName: [Ask Web Search] @ URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=15B52139-7139-4E91-BCCE-EC7AB185DE0E&ind=2014102207&n=780cc2bf&psa=&st=sb&searchfor={searchTerms}
IE05 x64 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = www.google.com
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = www.google.com
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = www.google.com
IE08 x64 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = www.google.com
IE10 x64 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE10 x64 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE10 x64 - HKLM\..\SearchScopes {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ DisplayName: [Google] @ URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE10 x64 - HKLM\..\SearchScopes {80c554b9-c7f8-4a21-9471-06d606da78a2} @ DisplayName: [bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
==================== Auto Load =================================================
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = userinit.exe,
AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe,
AL00 x64 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe
==================== Windows Host File =========================================
127.0.0.1 localhost
==================== BHO =======================================================
BHO - [HP Print Enhancer] - {0347C33E-8762-4905-BF09-768834316C61} @ Default = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO - [Java Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO - [CIESpeechBHO Class] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} @ Default = C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO - [Aanmeldhulp voor Windows Live ID] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO - [Windows Live Messenger Companion Helper] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} @ Default = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO - [Java Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO - [HP Smart BHO Class] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} @ Default = C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO x64 - [Java Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files\Java\jre7\bin\ssv.dll
BHO x64 - [Windows Live ID Sign-in Helper] - {9030D464-4C02-4ABF-8ECC-5164760863C6} @ Default = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO x64 - [Google Toolbar Helper] - {AA58ED58-01DD-4d91-8333-CF10577473F7} @ Default = C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO x64 - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO x64 - [Java Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files\Java\jre7\bin\jp2ssv.dll
==================== Auto Start Programs =======================================
ASP01 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
ASP01 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
ASP01 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
ASP01 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ASP01 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
ASP01 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
ASP01 - HKLM\..\Run @ hpqSRMon = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
ASP01 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
ASP01 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe
ASP01 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
ASP01 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
ASP01 x64 - HKLM\..\Run @ ASUSWebStorage = C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
ASP01 x64 - HKLM\..\Run @ ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
ASP01 x64 - HKLM\..\Run @ ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
ASP01 x64 - HKLM\..\Run @ AVG_UI = "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ASP01 x64 - HKLM\..\Run @ FLxHCIm = "C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
ASP01 x64 - HKLM\..\Run @ HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
ASP01 x64 - HKLM\..\Run @ hpqSRMon = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
ASP01 x64 - HKLM\..\Run @ SonicMasterTray = C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
ASP01 x64 - HKLM\..\Run @ VAWinAgent = C:\ExpressGateUtil\VAWinAgent.exe
ASP01 x64 - HKLM\..\Run @ Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
ASP01 x64 - HKLM\..\Run @ ZoneAlarm = "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - Startup - C:\Users\bas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
==================== Extra Items IE ============================================
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
EI04 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
EI04 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files (x86)\Java\jre7\bin\ssv.dll
EI04 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International
EI03 x64 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {18DF081C-E8AD-4283-A596-FA578C2EBDC3} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {54739D49-AC03-4C57-9264-C5195596B3A1} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files\Java\jre7\bin\ssv.dll
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {A4C2FB10-84C3-44EB-9F9E-860FA1D9A797} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {CD1A63BA-A08C-431B-9A34-F240AADC728D} =
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files\Java\jre7\bin\jp2ssv.dll
EI04 x64 - App Ext - HKCU\..\Approved Extensions @ {FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D} =
==================== Internet Default Prefix ===================================
IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
IDP00 x64 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http://
IDP01 x64 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http://
==================== Default Settings IE - DSIE ================================
DSIE - ieuinit.inf: START_PAGE= "Microsoft Corporation
DSIE - ieuinit.inf: SEARCH_PAGE_URL= "Microsoft Corporation
==================== Protocol Hijackers - PH ===================================
PH00 - Handler:wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} @ = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [f70d4a14ab747bac68b559c046d6fbff]
PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown
PH01 x64 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown
==================== Automatic Started DLL's (AS) ==============================
AS00 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll
AS00 x64 - @ AppInit_DLLs = C:\Windows\Jaksta\AC\x64\jaudcap.dll
==================== ShellServiceObjectDelayLoad - SSODL =======================
SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
SSODL x64 - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ =
==================== Extra items - EXT (Torpig/ConduitSearch) ==================
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Unity
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft
EXT01 x64 - HKCU\SOFTWARE\AppDataLow\Software\Unity
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}= C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll
EXT02 x64 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll
==================== DRIVERS and SERVICES ======================================
*** Win32OwnProcess ***
SERV - R2 - [ACDaemon] - ArcSoft Connect Daemon - c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe
SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
SERV - R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe
SERV - R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
SERV - R2 - [Atheros Bt&Wlan Coex Agent] - Atheros Bt&Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe
SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe
SERV - R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
SERV - R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\avg2015\avgwdsvc.exe
SERV - R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe
SERV - R2 - [NVSvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
SERV - R2 - [secunia PSI Agent] - Secunia PSI Agent - c:\program files (x86)\secunia\psi\psia.exe
SERV - R2 - [secunia Update Agent] - Secunia Update Agent - c:\program files (x86)\secunia\psi\sua.exe
SERV - R2 - [uNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe
SERV - R2 - [VideAceWindowsService] - VideAceWindowsService - c:\expressgateutil\vawinservice.exe
SERV - R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
SERV - R3 - [TurboBoost] - Intel® Turbo Boost Technology Monitor 2.0 - c:\program files\intel\turboboost\turboboost.exe
SERV - S2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\avg2015\avgfws.exe
SERV - S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\avg2015\avgidsagent.exe
SERV - S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
SERV - S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S2 - [nvUpdatusService] - NVIDIA Update Service Daemon - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
SERV - S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe
SERV - S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S3 - [gusvc] - Google Updater Service - c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
SERV - S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV - S3 - [WatAdminSvc] - Windows Activation Technologies-service - c:\windows\system32\wat\watadminsvc.exe
SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
SERV - S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
SERV - S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
SERV - S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe
*** Win32ShareProcess ***
SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
SERV - R2 - [samSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - R3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - S3 - [idsvc] - Windows CardSpace - c:\windows\microsoft.net\framework64\v3.0\windows communication foundation\infocard.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S3 - [ProtectedStorage] - Protected Storage - c:\windows\system32\lsass.exe
SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
SERV - S4 - [NetMsmqActivator] - Net.Msmq Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
SERV - S4 - [NetPipeActivator] - Net.Pipe Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpActivator] - Net.Tcp Listener Adapter - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
*** Others ***
SERV - R2 - [spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
SERV - S2 - [vsmon] - TrueVector Internet Monitor - c:\program files (x86)\checkpoint\zonealarm\vsmon.exe
SERV - S3 - [uI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe
*** File System Driver ***
DRV - R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys
DRV - R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys
DRV - R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys
DRV - R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys
DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
DRV - R3 - [srv] - Stuurprogramma Server SMB 1.xxx - C:\Windows\system32\Drivers\srv.sys
DRV - R3 - [srv2] - Stuurprogramma Server SMB 2.xxx - C:\Windows\system32\Drivers\srv2.sys
*** Kernel Driver ***
DRV - R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
DRV - R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys
DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
DRV - R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
DRV - R0 - [Disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\Disk.sys
DRV - R0 - [fvevol] - Filterstuurprogramma Bitlocker-stationsvergrendeling - C:\Windows\system32\Drivers\fvevol.sys
DRV - R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
DRV - R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys
DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
DRV - R0 - [mountmgr] - Koppelpuntbeheer - C:\Windows\system32\Drivers\mountmgr.sys
DRV - R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
DRV - R0 - [NDIS] - NDIS-systeemstuurprogramma - C:\Windows\system32\Drivers\NDIS.sys
DRV - R0 - [nvpciflt] - nvpciflt - C:\Windows\system32\Drivers\nvpciflt.sys
DRV - R0 - [partmgr] - Partitiebeheer - C:\Windows\system32\Drivers\partmgr.sys
DRV - R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
DRV - R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys
DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
DRV - R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
DRV - R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
DRV - R0 - [volmgrx] - Dynamisch Volumebeheer - C:\Windows\system32\Drivers\volmgrx.sys
DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
DRV - R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
==================== SvcHost - White Listed ====================================
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@hpdevmgmt
hpqcxs08 = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [1dae5c46d42b02a6d5862e1482efb390]
hpqddsvc = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [99e8eef42fe2f4af29b08c3355dd7685]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@hpdevmgmt
hpqcxs08 = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [1dae5c46d42b02a6d5862e1482efb390]
hpqddsvc = ServiceDll = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [99e8eef42fe2f4af29b08c3355dd7685]
==================== SigCheck x86 Fast =========================================
Fast Scan All ok
==================== SigCheck x64 Fast =========================================
Fast Scan All ok
==================== Job tasks =================================================
There are no .job files found.
==================== End scanning at do 30 okt 2014 20:13 (0 Min 18 Sec ) ======
-
Thanks, Emphyrio.
You would expect so, but this .dll problem occurred much earlier.
Nevertheless, I am already waiting.
Regards
bas
-
Hello
For a while now, when starting my PC, I have been getting a number of pop-up messages saying that the startup file concerned is invalid or contains an error.
For example, the file iexplore.exe. The win64~-1.dll is said to be faulty.
Windows Explorer works only briefly and then gives up.
Does anyone have an idea what this could be and how I can fix it?
A reply would be appreciated
Regards
bas Meester
-
Hello,
My default browser start page has been taken over by istart.webssearches.com and I cannot manage to undo this.
Can you help me?
Regards
Bas Meester
istart.webssearches.com has taken over my browser
in Archive: Combating malware & viruses
Posted:
Emphyrio,
I will mark the problems as solved, but not before thanking you very warmly.
You do good work.
Regards
Bas Meester