Mededeling

Collapse
No announcement yet.

detectiemeldingen maar geen toegang antivirus

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • detectiemeldingen maar geen toegang antivirus

    Goedenavond,

    Mijn laptop heeft hetvolgende probleem:
    Ik krijg voortdurend detectiemeldingen van mijn antivirus (Avira). Maar zodra ik de antivirus wil openen om bijvoorbeeld een scan te starten, gebeurt er niks, het programma gaat gewoon niet open als ik erop klik.

    Ook gaat niet meer open: startmenu, kalender, volume, netwerkverbindingen, en alle andere icoontjes in de taakbalk --> er gebeurt niks als ik erop klik.
    Microsoft Edge webbrowser valt na openen direct uit. en Windows store ook.
    Verder is Chrome browser gekaapt door ene Trotux. Malwarebytes heeft hem een week geleden vernietigd, maar gisteren dook Trotux weer op. De nieuwe scan van Malwarebytes heeft hem opnieuw vernietigd, maar Chrome is niet meer de ouwe, bijv traag, beveiligingswaarschuwingen bij vertrouwde websites.

    Bij het aansluiten van de laptop aan de oplader, springt er vanzelf een random website (meestal AdF.ly) open.
    De laptop is niet meer kosher, vele functies en instellingen van Windows reageren gewoon niet.

    Ik waardeer het enorm als iemand mij kan helpen. Hieronder logjes van Malwarebytes, DDS en Gmer. Alvast bedankt.

    PS1: Ik wil enkel mijn documenten en bestanden naar een externe harde schijf kopieëren. Indien ik dit veilig kan doen, zonder het risico dat bestanden met besmetting op de harde schijf komen, dan doe ik dat en kunnen we wat mij betreft het probleem laten zitten. De laptop gaat namelijk naar de fabriek voor reparatie van de hardware en mogelijk wordt hij in zijn geheel vervangen, zoniet dan reset ik hem handmatig.

    PS2: De downloadlink van Defrogger en die van Adwcleaner gaan niet open, vandaar geen logjes. Indien ze noodzakelijk zijn, hoor ik graag waar ik alsnog kan downloaden.


    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 24-Jan-17
    Scantijd: 02:20
    Logboekbestand: scanlog malw 24 jan.txt
    Beheerder: Ja

    Versie: 2.2.1.1043
    Malware-database: v2017.01.23.09
    Rootkit-database: v2016.11.20.01
    Licentie: Gratis
    Malware-bescherming: Uitgeschakeld
    Bescherming tegen kwaadaardige websites: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 10
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Mohammed

    Scantype: Aangepaste scan
    Resultaat: Voltooid
    Objecten gescand: 654465
    Verstreken tijd: 19 u., 44 min, 59 sec

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (Geen kwaadaardige items gedetecteerd)

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 9
    Adware.Elex, HKLM\SOFTWARE\jhdbca, In quarantaine, [7bda6a15c6e29e987143f5b2bf41a759],
    PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F96416C8-8F2E-4DA1-B1B0-422AF2821375}, Verwijder-bij-herstart, [78ddec9312961b1bf25cf41c718f6c94],
    PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Stkersethafige Verfier, Verwijder-bij-herstart, [41141a652e7a6bcb0701f222d42c1fe1],
    Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\jhdbca, In quarantaine, [2b2af788c9dfbb7bc6ee9413e41c8d73],
    PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, In quarantaine, [88cd027d8b1dbd79752cd451f111e020],
    PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3AEA100A-4A6E-4887-B276-22D62746A952}, In quarantaine, [fe5708774a5edd596971fdb804fe8c74],
    Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\UQ17E1YY, In quarantaine, [63f2eb9430789e982f4af98de11fef11],
    Adware.Elex, HKU\.DEFAULT\SOFTWARE\jhdbca, In quarantaine, [7adb4837bcec3afce5f7ddc99d6332ce],
    Adware.Elex, HKU\S-1-5-18\SOFTWARE\jhdbca, In quarantaine, [3b1a9ee1cfd94aec794feabd10f0c43c],

    Registerwaarden: 3
    PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F96416C8-8F2E-4DA1-B1B0-422AF2821375}|Path, \Stkersethafige Verfier, Verwijder-bij-herstart, [78ddec9312961b1bf25cf41c718f6c94]
    PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3AEA100A-4A6E-4887-B276-22D62746A952}|DisplayName, trotux - Uninstall, In quarantaine, [fe5708774a5edd596971fdb804fe8c74]
    Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\uq17e1yy|Name, C:\Program Files (x86)\Stkersethafige Verfier\local64spl.dll, In quarantaine, [63f2eb9430789e982f4af98de11fef11]

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 8
    Adware.Elex.Generic, C:\Program Files (x86)\Stkersethafige Verfier, Verwijder-bij-herstart, [074eea95bbed7bbbe8c11d8d47b9748c],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.FakeFFProfile, C:\Users\Mohammed\AppData\Roaming\Mozilla\Firefox\naweriweentcofise, In quarantaine, [2b2a87f828804ee8813809af738d44bc],
    PUP.Optional.FakeFFProfile, C:\Users\Mohammed\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles, In quarantaine, [2b2a87f828804ee8813809af738d44bc],
    PUP.Optional.FakeFFProfile, C:\Users\Mohammed\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\xWeViSl3.default, In quarantaine, [2b2a87f828804ee8813809af738d44bc],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\icons, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],

    Bestanden: 23
    Adware.Elex, C:\Program Files (x86)\Stkersethafige Verfier\local64spl.dll, Verwijder-bij-herstart, [193cc0bffdab06305cb2ccf3d42c9a66],
    PUP.Optional.Elex, C:\Users\Mohammed\AppData\Local\Temp\of101.exe, In quarantaine, [c1946b14099fc86ecf2b691cdf21c13f],
    Adware.Elex, C:\Users\Mohammed\AppData\Local\Temp\4e89401b-c10d-4889-baf8-3f8337c5b224.exe, In quarantaine, [262f3c43feaa4de9fd3719a341bf05fb],
    Adware.Elex.Generic, C:\Users\Mohammed\AppData\Roaming\Tudomclutother\Nazilefenertion.dll.VIR, Verwijder-bij-herstart, [2c29c1bec2e659dd3492f4e60cf4e21e],
    PUP.Optional.HohoSearch, C:\Windows\System32\Tasks\Stkersethafige Verfier, In quarantaine, [db7ab3cc83259d99480f7b969769d32d],
    Adware.Elex.Generic, C:\Program Files (x86)\Stkersethafige Verfier\local64spl.dll.ini, In quarantaine, [074eea95bbed7bbbe8c11d8d47b9748c],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator\checksum.txt, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator\perfchecker.exe, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator\perfchecker.exe.config, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator\unins000.dat, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator\unins000.exe, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator\unins001.dat, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.GeoLocator, C:\Users\Mohammed\AppData\Local\GeoLocator\unins001.exe, In quarantaine, [6ee7116eacfc43f3db2a2885e41c8d73],
    PUP.Optional.FakeFFProfile, C:\Users\Mohammed\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\xWeViSl3.default\profil es.ini, In quarantaine, [2b2a87f828804ee8813809af738d44bc],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\content.js, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\001d4648, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\background.js, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\manifest.json, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\icons\icon128.png, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\icons\icon18.png, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.FastSearch, C:\Users\Mohammed\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3\icons\icon48.png, In quarantaine, [91c48af58127c96dd3c31f82e51b26da],
    PUP.Optional.Trotux, C:\Users\Mohammed\AppData\Roaming\Mozilla\Firefox\Profiles\xWeViSl3.default\searchplugins\uq17e1yy.x ml, In quarantaine, [391cb7c8990fdb5bccf428e67f85fa06],
    PUP.Optional.Trotux, C:\Users\Mohammed\AppData\Roaming\Profiles\Shimerle.default\searchplugins\uq17e1yy.xml, In quarantaine, [381da1de5a4e0036abd0e32726dad927],

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)

  • #2
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.14393.0
    Run by Mohammed at 23:36:02 on 2017-01-24
    ‏‏Microsoft Windows 10 Home 10.0.14393.0.1252.1.1043.18.4017.1785 [GMT 1:00]
    .
    AV: Avira Antivirus *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Avira Antivirus *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k RPCSS
    C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\WINDOWS\system32\dwm.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\WUDFHost.exe
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\igfxCUIService.exe
    C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\[email protected]
    C:\WINDOWS\System32\spoolsv.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Avira\Antivirus\sched.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Popcorn Time\Updater.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
    C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    C:\WINDOWS\system32\svchost.exe -k appmodel
    C:\WINDOWS\System32\svchost.exe -k utcsvc
    C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
    C:\Windows\System32\LenovoWiFiHotspotSvr.exe
    C:\WINDOWS\system32\ibtsiva.exe
    C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    C:\windows\system32\CxAudMsg64.exe
    C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
    C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
    C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
    C:\Program Files\Lenovo\iMController\SystemAgentService.exe
    C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
    C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
    C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
    C:\WINDOWS\system32\dashost.exe
    C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
    C:\Program Files (x86)\Avira\Antivirus\avscan.exe
    C:\Program Files (x86)\Avira\Antivirus\avscan.exe
    C:\WINDOWS\system32\sihost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\WINDOWS\system32\igfxEM.exe
    C:\WINDOWS\system32\igfxHK.exe
    C:\WINDOWS\system32\igfxTray.exe
    C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
    C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\WINDOWS\system32\taskhostw.exe
    C:\WINDOWS\System32\svchost.exe -k swprv
    C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
    C:\Windows\RTFTrack.exe
    C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
    C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
    C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
    C:\Program Files\Lenovo\LenovoUtility\utility.exe
    C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
    C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
    C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
    C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
    C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
    C:\Program Files\Lenovo\iMController\AutoUpdate.exe
    C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\ApplicationFrameHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SettingSyncHost.exe
    C:\windows\system32\rundll32.exe
    C:\WINDOWS\system32\fontdrvhost.exe
    C:\Program Files\Lenovo\iMController\LegacyFeatures.exe
    C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
    C:\Program Files\Lenovo\iMController\PluginCommunication.exe
    C:\Windows\System32\smartscreen.exe
    C:\WINDOWS\system32\AUDIODG.EXE
    C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
    C:\WINDOWS\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uRun: [OneDrive] "C:\Users\Mohammed\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    uRunOnce: [Uninstall 17.3.6720.1207\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Mohammed\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64"
    uRunOnce: [Uninstall 17.3.6720.1207] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Mohammed\AppData\Local\Microsoft\OneDrive\17.3.6720.1207"
    mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
    mRun: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
    mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
    mRun: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
    mRun: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
    mRun: [SilentCleanService] C:\Program Files (x86)\iMobie\AnyTrans\${CHECK_RUNSERVICE_NAME}
    mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    mPolicies-Explorer: EnableShellExecuteHooks = dword:1
    mPolicies-System: DSCAutomationHostEnabled = dword:2
    IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    TCP: NameServer = 192.168.2.254
    TCP: Interfaces\{24725b21-aa66-48b7-9d27-f5f04e900c08} : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{24725b21-aa66-48b7-9d27-f5f04e900c08}\162727966716 : DHCPNameServer = 192.168.101.1
    TCP: Interfaces\{24725b21-aa66-48b7-9d27-f5f04e900c08}\8414E47657563747 : DHCPNameServer = 145.74.103.10 145.74.253.10
    TCP: Interfaces\{24725b21-aa66-48b7-9d27-f5f04e900c08}\8433639314533354547333 : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{24725b21-aa66-48b7-9d27-f5f04e900c08}\8433639314932414142343 : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{24725b21-aa66-48b7-9d27-f5f04e900c08}\B405E40264F6E6 : DHCPNameServer = 194.151.228.2 194.151.228.18
    TCP: Interfaces\{cbe3be8f-48e4-4fc0-94bd-ac80240f2044} : DHCPNameServer = 172.20.10.1
    TCP: Interfaces\{e5082e74-6790-481b-8112-ce79ceb0e4cd} : DHCPNameServer = 192.168.2.254
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    SSODL: WebCheck - <orphaned>
    LSA: Security Packages = ""
    CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
    x64-Run: [RtsFT] RTFTrack.exe
    x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    x64-Run: [ForteConfig] "C:\Program Files\Conexant\ForteConfig\fmapp.exe"
    x64-Run: [SmartAudio] "C:\Program Files\CONEXANT\SAII\SACpl.exe" /t
    x64-Run: [cAudioFilterAgent] "C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
    x64-Run: [LenovoUtility] "C:\Program Files\Lenovo\LenovoUtility\utility.exe"
    x64-Run: [PhoneCompanion] C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
    x64-Run: [OneKeyOptimizer] "C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe" /run
    x64-Run: [LMCSSTART1] "C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe" /initsubsysproc:
    x64-Run: [LMCSSTART2] "C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe" /proxystart:
    x64-Run: [LMCSSTART3] "C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe" /setcamplusdrop:
    x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    x64-mPolicies-Explorer: EnableShellExecuteHooks = dword:1
    x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
    x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
    x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: <No Name> - {58B532E2-DE3B-11E6-8BCE-64006A5CFC23} -
    x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
    x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
    x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Fastboot;Fastboot;C:\WINDOWS\System32\drivers\Fastboot.sys [2015-6-19 70168]
    R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-1-28 1399536]
    R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
    R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-11-8 48992]
    R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
    R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
    R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
    R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-10-1 199008]
    R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-10-29 227328]
    R1 avkmgr;avkmgr;C:\WINDOWS\System32\drivers\avkmgr.sys [2015-9-22 35488]
    R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2015-6-19 91912]
    R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
    R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
    R1 XQHDrv;BigNox Service;C:\WINDOWS\System32\drivers\XQHDrv.sys [2017-1-15 253384]
    R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-3-3 2218712]
    R2 AntiVirSchedulerService;Avira Planner;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-9-22 476736]
    R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-9-22 476736]
    R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-8-5 83768]
    R2 AVControlCenter;AVControlCenter;C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [2015-9-30 560584]
    R2 avgntflt;avgntflt;C:\WINDOWS\System32\drivers\avgntflt.sys [2015-9-22 151352]
    R2 avnetflt;avnetflt;C:\WINDOWS\System32\drivers\avnetflt.sys [2015-9-22 78208]
    R2 CCSDK;CCSDK;C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2015-6-19 644080]
    R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
    R2 CDPUserSvc_454b3;CDPUserSvc_454b3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
    R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
    R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
    R2 CxAudMsg;Conexant Audio Message Service;C:\WINDOWS\System32\CxAudMsg64.exe [2015-6-19 207576]
    R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
    R2 FastbootService;FastbootService;C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [2015-6-19 191512]
    R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2016-12-29 2664568]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-1-28 19184]
    R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
    R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-8-3 373736]
    R2 Intel(R) ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-9-3 131544]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-9-3 154584]
    R2 [email protected];[email protected];C:\Windows\[email protected] [2016-10-12 22528]
    R2 Lenovo OKO Service;Lenovo OKO Service;C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2015-6-19 2544408]
    R2 Lenovo Settings Service;Lenovo Settings Service;C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2015-6-19 2016040]
    R2 Lenovo System Agent Service;Lenovo System Agent Service;C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
    R2 LenovoPAWDService;Lenovo PAWD Service;C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [2015-6-19 133440]
    R2 LenovoSetSvr;LenovoSetSvr;C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [2015-6-19 258544]
    R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service;C:\WINDOWS\System32\LenovoWiFiHotspotSvr.exe [2015-6-19 218952]
    R2 OKOControlSvc;OKOControlSvc;C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [2015-6-19 113944]
    R2 OneSyncSvc_454b3;Sync Host_454b3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
    R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service;C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-6-19 321520]
    R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2015-6-19 390632]
    R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
    R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-6-1 255608]
    R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
    R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2016-12-28 339968]
    R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-10-1 119648]
    R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
    R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-6-19 35064]
    R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
    R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2016-7-12 349960]
    R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2014-12-11 30512]
    R3 KMDFVirtualKbd;Lenovo Virtual Keyboard Device;C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [2015-6-19 22264]
    R3 KMDFVirtualMouse;Lenovo Virtual Mouse Device;C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [2015-6-19 21240]
    R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
    R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
    R3 NETwNb64;___ Intel(R) Wireless adapter stuurprogramma onder Windows 8.1 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-1-20 3494680]
    R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-7-22 886528]
    R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-7-3 410880]
    R3 rtsuvc;Lenovo EasyCamera;C:\WINDOWS\System32\drivers\rtsuvc.sys [2015-6-19 2584280]
    R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
    R3 taphss6;Anchorfree HSS VPN Adapter;C:\WINDOWS\System32\drivers\taphss6.sys [2016-12-29 42064]
    R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
    R3 wisvc;‏‏خدمة مشارك في برنامج Windows Insider;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2016-7-16 216064]
    S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2014-4-4 80160]
    S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-9-22 1089592]
    S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-9-22 1490296]
    S2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-11-24 350528]
    S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
    S2 ProgramFilesxDrivers;ProgramFilesxDrivers;"D:\Drivers\ProgramFilesxDrivers.exe" 3e19779b2974487e881c2174c0562504 --> D:\Drivers\ProgramFilesxDrivers.exe [?]
    S2 Thisach;Thisach;C:\WINDOWS\System32\svchost.exe -k Thisach [2016-7-16 44496]
    S2 UsersApplications;UsersApplications;"D:\Applications\UsersApplications.exe" affe6dc7e5264e7e8e5695737342bee0 --> D:\Applications\UsersApplications.exe [?]
    S2 Usersffbdbddbcb;Usersffbdbddbcb;"C:\Users\Usersffbdbddbcb.exe" b48f42ba07304dd38f2ef02dfd46c678 --> C:\Users\Usersffbdbddbcb.exe [?]
    S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
    S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
    S3 AFTrafMgr1.1;AFTrafMgr1.1;C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_1_64.sys [2016-12-29 54712]
    S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
    S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
    S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
    S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
    S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
    S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
    S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
    S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-10-29 118272]
    S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
    S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
    S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
    S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
    S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
    S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
    S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
    S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
    S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
    S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
    S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
    S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
    S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
    S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
    S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
    S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
    S3 icssvc;‏‏Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
    S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
    S3 IntcDAud;صوت الشاشة Intel(R)‎‎‎;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-5-13 887256]
    S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-4-9 174368]
    S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;C:\Program Files (x86)\Common Files\Lenovo\easyplussdk\bin\EPHotspot64.exe [2015-6-19 533760]
    S3 LENOVO.CAMMUTE;Lenovo AVFramework Camera Privacy Controller;C:\Program Files\Lenovo\Communications Utility\cammute.exe [2015-6-19 456136]
    S3 LENOVO.TPKNRSVC;Lenovo AVFramework Microphone Volume Controller and Dolby Interface;C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [2015-6-19 453576]
    S3 LENOVO.TVTVCAM;Lenovo AVFramework Virtual Camera Controller Service;C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2015-6-19 625608]
    S3 LSCWinService;LSCWinService;C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-8-17 272424]
    S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
    S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
    S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-12 64352]
    S3 MessagingService_454b3;MessagingService_454b3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
    S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
    S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\WINDOWS\System32\drivers\netaapl64.sys [2014-8-15 23040]
    S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
    S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
    S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
    S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
    S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service;C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-6-19 338416]
    S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
    S3 PimIndexMaintenanceSvc_454b3;Contact Data_454b3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
    S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
    S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2016-7-16 88416]
    S3 scmdisk0101;Microsoft NVDIMM-N disk driver;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
    S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2016-10-1 1312768]
    S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
    S3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-6-3 42696]
    S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
    S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-10-1 81760]
    S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
    S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
    S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
    S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
    S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
    S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
    S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
    S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
    S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
    S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
    S3 UnistoreSvc_454b3;User Data Storage_454b3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
    S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
    S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
    S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
    S3 UserDataSvc_454b3;User Data Access_454b3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
    S3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
    S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
    S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
    S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
    S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-10-1 719360]
    S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
    S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-7-16 347328]
    S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
    S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
    S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
    S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
    S3 WpnUserService_454b3;Windows Push Notifications User Service_454b3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
    S3 WsDrvInst;Wondershare Driver Install Service;"C:\Program Files (x86)\iSkysoft\iTransfer\DriverInstall.exe" --> C:\Program Files (x86)\iSkysoft\iTransfer\DriverInstall.exe [?]
    S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2016-7-16 24576]
    S3 wsvd;wsvd;C:\WINDOWS\System32\drivers\wsvd.sys [2015-6-19 102376]
    S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 XblGameSave;حفظ الألعاب على Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-12-12 258560]
    S3 XboxNetApiSvc;خدمة شبكات Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-10-1 43520]
    S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
    S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
    .
    =============== Created Last 30 ================
    .
    2017-01-24 13:52:42 -------- d-----w- C:\Program Files\uq17e1yy
    2017-01-24 12:31:50 -------- d-----w- C:\Program Files (x86)\uq17e1yy
    2017-01-22 20:07:01 -------- d-----w- C:\Users\Mohammed\AppData\Local\Kcetionchserent
    2017-01-14 23:39:55 -------- d-----w- C:\Users\Mohammed\.android
    2017-01-14 23:38:09 -------- d-----w- C:\Users\Mohammed\Nox_share
    2017-01-14 23:37:56 -------- d-----w- C:\Users\Mohammed\vmlogs
    2017-01-14 23:37:55 -------- d-----w- C:\Users\Mohammed\.BigNox
    2017-01-14 23:37:30 127432 ----a-w- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys
    2017-01-14 23:37:27 253384 ----a-w- C:\WINDOWS\System32\drivers\XQHDrv.sys
    2017-01-14 23:37:03 -------- d-----w- C:\Program Files (x86)\Bignox
    2017-01-14 23:36:13 -------- d-----w- C:\Program Files (x86)\Nox
    2017-01-14 23:35:52 -------- d-----w- C:\Users\Mohammed\AppData\Local\Nox
    2017-01-11 01:10:59 89416 ----a-w- C:\WINDOWS\System32\remoteaudioendpoint.dll
    2017-01-11 01:09:59 553984 ----a-w- C:\WINDOWS\SysWow64\cryptui.dll
    2017-01-08 19:59:14 -------- d--h--w- C:\$SysReset
    2016-12-31 21:00:35 -------- d-----w- C:\Users\Mohammed\AppData\Local\CrashRpt
    2016-12-31 20:59:51 -------- d---a-w- C:\Program Files (x86)\Hotspot Shield
    2016-12-31 20:59:51 -------- d-----w- C:\ProgramData\Hotspot Shield
    2016-12-29 16:25:32 42064 ----a-w- C:\WINDOWS\System32\drivers\taphss6.sys
    2016-12-28 03:32:23 -------- d-----w- C:\Users\Mohammed\AppData\Local\PopcornTime
    2016-12-28 03:30:13 -------- d---a-w- C:\Program Files (x86)\Popcorn Time
    2016-12-28 02:57:42 -------- d-----w- C:\Users\Mohammed\.MCTranscodingSDK
    2016-12-28 02:46:13 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
    2016-12-28 02:41:57 -------- d-----w- C:\ProgramData\DivX
    .
    ==================== Find3M ====================
    .
    2017-01-24 22:21:55 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    2017-01-24 22:12:38 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2016-12-22 23:13:26 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
    2016-12-22 23:13:26 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
    2016-12-21 08:08:31 245600 ----a-w- C:\WINDOWS\System32\offlinesam.dll
    2016-12-21 08:08:17 136032 ----a-w- C:\WINDOWS\System32\ImplatSetup.dll
    2016-12-21 08:04:10 7816032 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
    2016-12-21 07:49:39 328008 ----a-w- C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll
    2016-12-21 07:46:39 624048 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
    2016-12-21 07:43:56 92512 ----a-w- C:\WINDOWS\System32\rdpudd.dll
    2016-12-21 07:43:06 4130440 ----a-w- C:\WINDOWS\System32\mfcore.dll
    2016-12-21 07:43:01 1454504 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll
    2016-12-21 07:43:00 1071736 ----a-w- C:\WINDOWS\System32\mfnetcore.dll
    2016-12-21 07:42:59 1988560 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
    2016-12-21 07:42:55 1702392 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
    2016-12-21 07:42:54 1300600 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
    2016-12-21 07:42:27 241504 ----a-w- C:\WINDOWS\System32\CloudExperienceHost.dll
    2016-12-21 07:41:56 1600632 ----a-w- C:\WINDOWS\System32\sppobjs.dll
    2016-12-21 07:37:23 455520 ----a-w- C:\WINDOWS\System32\securekernel.exe
    2016-12-21 07:15:01 22563840 ----a-w- C:\WINDOWS\System32\edgehtml.dll
    2016-12-21 07:14:11 43008 ----a-w- C:\WINDOWS\System32\LaunchWinApp.exe
    2016-12-21 07:13:54 119808 ----a-w- C:\WINDOWS\System32\KnobsCsp.dll
    2016-12-21 07:12:14 83968 ----a-w- C:\WINDOWS\System32\ProvPluginEng.dll
    2016-12-21 07:10:22 175104 ----a-w- C:\WINDOWS\System32\wbem\netswitchteamcim.dll
    2016-12-21 07:10:09 234496 ----a-w- C:\WINDOWS\System32\KnobsCore.dll
    2016-12-21 07:09:56 363520 ----a-w- C:\WINDOWS\System32\Windows.UI.BioFeedback.dll
    2016-12-21 07:09:13 368640 ----a-w- C:\WINDOWS\System32\OneBackupHandler.dll
    2016-12-21 07:08:35 211968 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
    2016-12-21 07:08:33 261632 ----a-w- C:\WINDOWS\System32\wbem\ndisimplatcim.dll
    2016-12-21 07:08:27 360448 ----a-w- C:\WINDOWS\System32\rdpencom.dll
    2016-12-21 07:08:23 289792 ----a-w- C:\WINDOWS\System32\DeveloperOptionsSettingsHandlers.dll
    2016-12-21 07:08:14 418304 ----a-w- C:\WINDOWS\System32\Windows.UI.BlockedShutdown.dll
    2016-12-21 07:08:06 349184 ----a-w- C:\WINDOWS\System32\provengine.dll
    2016-12-21 07:08:03 1292288 ----a-w- C:\WINDOWS\System32\MSVPXENC.dll
    2016-12-21 07:07:10 748544 ----a-w- C:\WINDOWS\System32\StoreAgent.dll
    2016-12-21 07:06:49 260608 ----a-w- C:\WINDOWS\System32\InstallAgentUserBroker.exe
    2016-12-21 07:06:49 147456 ----a-w- C:\WINDOWS\System32\winsrv.dll
    2016-12-21 07:06:26 310784 ----a-w- C:\WINDOWS\System32\SyncSettings.dll
    2016-12-21 07:06:05 6285312 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
    2016-12-21 07:05:21 261632 ----a-w- C:\WINDOWS\System32\indexeddbserver.dll
    2016-12-21 07:05:01 49152 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll
    2016-12-21 07:05:01 425984 ----a-w- C:\WINDOWS\System32\aadcloudap.dll
    2016-12-21 07:01:42 9131008 ----a-w- C:\WINDOWS\System32\twinui.dll
    2016-12-21 07:00:29 440320 ----a-w- C:\WINDOWS\System32\fhcfg.dll
    2016-12-21 06:59:50 883712 ----a-w- C:\WINDOWS\System32\samsrv.dll
    2016-12-21 06:59:31 1908224 ----a-w- C:\WINDOWS\System32\AzureSettingSyncProvider.dll
    2016-12-21 06:57:48 462336 ----a-w- C:\WINDOWS\System32\fhsettingsprovider.dll
    2016-12-21 06:56:56 936960 ----a-w- C:\WINDOWS\System32\MCRecvSrc.dll
    2016-12-21 06:56:14 947712 ----a-w- C:\WINDOWS\System32\MSVP9DEC.dll
    2016-12-21 06:55:16 8129536 ----a-w- C:\WINDOWS\System32\Chakra.dll
    2016-12-21 06:55:09 4749312 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
    2016-12-21 06:54:14 5511680 ----a-w- C:\WINDOWS\System32\aclui.dll
    2016-12-21 06:53:19 6664192 ----a-w- C:\WINDOWS\System32\mspaint.exe
    2016-12-21 06:53:13 4474368 ----a-w- C:\WINDOWS\System32\D3DCompiler_47.dll
    2016-12-21 06:53:10 1692672 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
    2016-12-21 06:51:56 5611008 ----a-w- C:\WINDOWS\System32\d2d1.dll
    2016-12-21 06:51:53 2275840 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
    2016-12-21 06:51:41 8075776 ----a-w- C:\WINDOWS\System32\mstscax.dll
    2016-12-21 06:50:57 1490432 ----a-w- C:\WINDOWS\System32\lsasrv.dll
    2016-12-21 06:49:55 2691072 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
    2016-12-21 06:49:43 1062912 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll
    2016-12-21 06:49:25 4149248 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
    2016-12-21 06:47:47 1121280 ----a-w- C:\WINDOWS\System32\aadtb.dll
    2016-12-21 05:59:21 218976 ----a-w- C:\WINDOWS\SysWow64\offlinesam.dll
    2016-12-21 05:09:45 263472 ----a-w- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
    2016-12-21 05:02:16 1852720 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
    2016-12-21 05:02:12 3892864 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
    2016-12-21 05:02:09 1277344 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
    2016-12-21 05:02:02 1360464 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll
    2016-12-21 05:02:01 980832 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
    2016-12-21 05:02:00 1201872 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
    2016-12-21 04:46:55 34304 ----a-w- C:\WINDOWS\SysWow64\LaunchWinApp.exe
    2016-12-21 04:43:09 285184 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.BlockedShutdown.dll
    2016-12-21 04:41:59 253952 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.BioFeedback.dll
    2016-12-21 04:41:15 231936 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
    2016-12-21 04:40:57 180224 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
    2016-12-21 04:40:43 237056 ----a-w- C:\WINDOWS\SysWow64\SyncSettings.dll
    2016-12-21 04:40:39 318976 ----a-w- C:\WINDOWS\SysWow64\rdpencom.dll
    2016-12-21 04:40:07 557568 ----a-w- C:\WINDOWS\SysWow64\StoreAgent.dll
    2016-12-21 04:39:58 1300480 ----a-w- C:\WINDOWS\SysWow64\MSVPXENC.dll
    2016-12-21 04:39:04 223232 ----a-w- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
    2016-12-21 04:38:54 866816 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Cred.dll
    2016-12-21 04:35:42 198656 ----a-w- C:\WINDOWS\SysWow64\indexeddbserver.dll
    2016-12-21 04:35:28 4612608 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
    2016-12-21 04:34:53 7626752 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
    2016-12-21 04:33:09 19413504 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
    2016-12-21 04:30:56 5398016 ----a-w- C:\WINDOWS\SysWow64\aclui.dll
    2016-12-21 04:30:06 1255936 ----a-w- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
    2016-12-21 04:27:12 640000 ----a-w- C:\WINDOWS\SysWow64\MCRecvSrc.dll
    2016-12-21 04:26:36 1155072 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
    2016-12-21 04:25:44 7469056 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
    2016-12-21 04:25:42 6474752 ----a-w- C:\WINDOWS\SysWow64\mspaint.exe
    2016-12-21 04:24:58 6044160 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
    2016-12-21 04:24:30 5061120 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
    2016-12-21 04:24:11 886272 ----a-w- C:\WINDOWS\SysWow64\aadtb.dll
    2016-12-21 04:24:09 3733504 ----a-w- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
    2016-12-21 04:22:44 1883648 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Logon.dll
    2016-12-21 04:22:32 860672 ----a-w- C:\WINDOWS\SysWow64\SettingSyncCore.dll
    2016-12-18 23:29:17 485032 ------w- C:\WINDOWS\System32\MpSigStub.exe
    2016-12-15 12:10:58 28272 ----a-w- C:\WINDOWS\System32\drivers\avusbflt.sys
    .
    ============= FINISH: 23:40:07.32 ===============

    Comment


    • #3
      GMER 2.2.19882 - http://www.gmer.net
      Rootkit scan 2017-01-25 02:40:32
      Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000031 ST1000LM024_HN-M101MBB rev.2BA30001 931.51GB
      Running: 2i5i3llv.exe; Driver: C:\Users\Mohammed\AppData\Local\Temp\uxrdrpog.sys


      ---- User code sections - GMER 2.2 ----

      ? C:\WINDOWS\system32\apphelp.dll [2480] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [2496] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [2520] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\SYSTEM32\iertutil.dll [2616] entry point in ".rdata" section 0000000072461590
      ? C:\WINDOWS\system32\apphelp.dll [2716] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [2904] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [3016] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [3440] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\SYSTEM32\apphelp.dll [3656] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\SYSTEM32\iertutil.dll [3656] entry point in ".rdata" section 0000000072461590
      ? C:\WINDOWS\SYSTEM32\apphelp.dll [3676] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\SYSTEM32\iertutil.dll [3676] entry point in ".rdata" section 0000000072461590
      ? C:\WINDOWS\system32\apphelp.dll [6840] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [6336] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [6280] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [4588] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [5728] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [6696] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\system32\apphelp.dll [8464] entry point in ".rdata" section 00000000738ff7c0
      ? C:\WINDOWS\SYSTEM32\iertutil.dll [8464] entry point in ".rdata" section 0000000072461590
      ? C:\Windows\System32\ieproxy.dll [8464] entry point in ".rdata" section 000000006a3b9600
      ? C:\WINDOWS\SYSTEM32\NTASN1.dll [8464] entry point in ".rdata" section 000000006a57a020
      ? C:\Windows\System32\OneCoreCommonProxyStub.dll [8464] entry point in ".rdata" section 0000000068b9da90
      ? C:\WINDOWS\system32\ncryptsslp.dll [8464] entry point in ".rdata" section 000000006a5504f0
      ? C:\WINDOWS\SYSTEM32\srpapi.dll [8464] entry point in ".rdata" section 0000000069c36100
      ? C:\WINDOWS\SYSTEM32\atlthunk.dll [8464] entry point in ".data" section 0000000067bb4290
      ? C:\Windows\System32\ActXPrxy.dll [8464] entry point in ".rdata" section 000000005c9b9c50
      ? C:\Windows\System32\mfps.dll [8464] entry point in ".rdata" section 00000000695946b0
      ? C:\WINDOWS\system32\apphelp.dll [1356] entry point in ".rdata" section 00000000738ff7c0

      ---- User IAT/EAT - GMER 2.2 ----

      IAT C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[1288] @ C:\WINDOWS\System32\KERNEL32.DLL[ntdll.dll!NtSetInformationFile] [7ffe5f481a40]

      ---- Threads - GMER 2.2 ----

      Thread C:\WINDOWS\system32\csrss.exe [648:692] fffffa18ff536c20
      Thread C:\WINDOWS\system32\svchost.exe [880:1004] 00007ffe5f84f950
      Thread C:\WINDOWS\system32\svchost.exe [880:1008] 00007ffe5f84ed20
      Thread C:\WINDOWS\system32\svchost.exe [880:84] 00007ffe5f648ae0
      Thread C:\WINDOWS\system32\svchost.exe [400:1532] 00007ffe5ca04310
      Thread C:\WINDOWS\system32\svchost.exe [400:3176] 00007ffe53952af0
      Thread C:\WINDOWS\system32\svchost.exe [400:3180] 00007ffe53952a40
      Thread C:\WINDOWS\system32\svchost.exe [400:3548] 00007ffe53b551d0
      Thread C:\WINDOWS\system32\svchost.exe [400:1588] 00007ffe5394fdf0
      Thread C:\WINDOWS\system32\svchost.exe [400:4740] 00007ffe53945c80
      Thread C:\WINDOWS\system32\svchost.exe [400:2012] 00007ffe53b572d0
      Thread C:\WINDOWS\system32\dwm.exe [564:1068] 00007ffe5f161270
      Thread C:\WINDOWS\system32\dwm.exe [564:1080] 00007ffe5eef67a0
      Thread C:\WINDOWS\system32\dwm.exe [564:1256] 00007ffe5f0c4780
      Thread C:\WINDOWS\system32\dwm.exe [564:1384] 00007ffe5eef6820
      Thread C:\WINDOWS\system32\dwm.exe [564:2016] 00007ffe5ee62040
      Thread C:\WINDOWS\system32\dwm.exe [564:2020] 00007ffe5ee620f0
      Thread C:\WINDOWS\system32\dwm.exe [564:2024] 00007ffe5ee62190
      Thread C:\WINDOWS\system32\dwm.exe [564:840] 00007ffe5aa0ea60
      Thread C:\Windows\System32\WUDFHost.exe [1048:1148] 00007ffe5e8d2934
      Thread C:\Windows\System32\WUDFHost.exe [1048:1276] 00007ffe56cc9400
      Thread C:\Windows\System32\WUDFHost.exe [1164:3624] 00007ffe58122840
      Thread C:\WINDOWS\system32\svchost.exe [1308:2108] 00007ffe60156750
      Thread C:\WINDOWS\system32\svchost.exe [1308:2124] 00007ffe60156750
      Thread C:\WINDOWS\system32\svchost.exe [1308:2132] 00007ffe60156750
      Thread C:\WINDOWS\system32\svchost.exe [1308:2152] 00007ffe55e8c5a0
      Thread C:\WINDOWS\system32\svchost.exe [1308:2192] 00007ffe55e8eab0
      Thread C:\WINDOWS\system32\svchost.exe [1308:2196] 00007ffe55e8d2d0
      Thread C:\WINDOWS\system32\svchost.exe [1308:2200] 00007ffe55e8e100
      Thread C:\WINDOWS\system32\svchost.exe [1308:2676] 00007ffe5577af40
      Thread C:\WINDOWS\system32\svchost.exe [1308:2680] 00007ffe5577ca00
      Thread C:\WINDOWS\system32\svchost.exe [1308:4056] 00007ffe5d9b1240
      Thread C:\WINDOWS\system32\svchost.exe [1308:4060] 00007ffe50c1a3b0
      Thread C:\WINDOWS\system32\svchost.exe [1308:4064] 00007ffe50bd25e0
      Thread C:\WINDOWS\system32\svchost.exe [1308:4532] 00007ffe4e1f3bc0
      Thread C:\WINDOWS\system32\svchost.exe [1308:6360] 00007ffe4e1f2080
      Thread C:\WINDOWS\system32\svchost.exe [1684:1748] 00007ffe5bede830
      Thread C:\WINDOWS\system32\svchost.exe [1684:1792] 00007ffe5bda10a0
      Thread C:\WINDOWS\system32\svchost.exe [1684:2044] 00007ffe5b2c2cf0
      Thread C:\WINDOWS\system32\svchost.exe [1684:4012] 00007ffe5ad25bd0
      Thread C:\WINDOWS\system32\svchost.exe [1684:4028] 00007ffe5ad29b20
      Thread C:\WINDOWS\system32\svchost.exe [1684:4036] 00007ffe5b2c2cf0
      Thread C:\WINDOWS\system32\svchost.exe [1800:1932] 00007ffe5b3944b0
      Thread C:\WINDOWS\system32\svchost.exe [1800:3720] 00007ffe60156750
      Thread C:\WINDOWS\System32\spoolsv.exe [1908:2604] 00007ffe52715bc0
      Thread C:\WINDOWS\System32\spoolsv.exe [1908:1656] 00007ffe52632740
      Thread C:\WINDOWS\System32\spoolsv.exe [1908:4248] 00007ffe52632740
      Thread C:\WINDOWS\System32\spoolsv.exe [1908:4960] 00007ffe5c251180
      Thread C:\WINDOWS\System32\spoolsv.exe [1908:4452] 00007ffe54da8e40
      Thread C:\WINDOWS\system32\svchost.exe [2252:2272] 00007ffe62a93db0
      Thread C:\WINDOWS\system32\svchost.exe [2684:3436] 00007ffe52715bc0
      Thread C:\WINDOWS\system32\svchost.exe [2684:3468] 00007ffe52632740
      Thread C:\WINDOWS\system32\dashost.exe [3184:4976] 00007ffe5b5730f0
      Thread C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [4292:2564] 00007ffe4d537944
      Thread C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [4292:2612] 00007ffe4d3fbeb4
      Thread C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [4292:4964] 00007ffe4d3fbeb4
      Thread C:\WINDOWS\system32\svchost.exe [5784:6124] 00007ffe5d23b180
      Thread C:\WINDOWS\system32\svchost.exe [5784:6132] 00007ffe5d23f5f0
      Thread C:\WINDOWS\system32\taskhostw.exe [5916:6216] 00007ffe4683a3b0
      Thread C:\WINDOWS\system32\taskhostw.exe [5916:6220] 00007ffe5f2230f0
      Thread C:\WINDOWS\system32\taskhostw.exe [5916:6244] 00007ffe5cd17930
      Thread C:\WINDOWS\system32\taskhostw.exe [5916:6248] 00007ffe5cd17930
      Thread C:\WINDOWS\system32\taskhostw.exe [5916:6252] 00007ffe5cd17930
      Thread C:\windows\system32\rundll32.exe [8384:8572] 00007ffe5cfb4ff0
      Thread C:\Program Files\Lenovo\iMController\PluginCommunication.exe [4316:8812] 00000000706583a0
      Thread C:\Program Files\Lenovo\iMController\PluginCommunication.exe [4316:7648] 0000000070624920
      Thread C:\Program Files\Lenovo\iMController\PluginCommunication.exe [4316:7088] 00000000768c64d0
      Thread C:\Program Files\Lenovo\iMController\PluginCommunication.exe [4316:2176] 00000000760429d0

      ---- Registry - GMER 2.2 ----

      Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\[email protected] -1558692012
      Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\34e6adf87a8b
      Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\[email protected] 0xC0 0xEF 0x33 0x67 ...
      Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x55 0xFB 0xF7 0x71 ...
      Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x55 0x63 0xBC 0xD3 ...
      Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\[email protected] 0x55 0x93 0x33 0x10 ...
      Reg HKLM\SYSTEM\[email protected] 0x86 0x4E 0xBE 0xD5 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\[email protected] 0x64 0x62 0x03 0x00 ...
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}\[email protected] 1
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}\[email protected] 21
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}\[email protected] 15
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}\[email protected] 109
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\[email protected] 1253
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\[email protected] 144
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\[email protected] 0x36 0xBA 0xE5 0x81 ...
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\[email protected] t 0xF3 0xC4 0x33 0x7E ...
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{A4051A52-8EE4-41FB-9DD5-43AC09A16D76}@LastAccessedTime 0xE0 0x0F 0x8B 0xCD ...
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{A4051A52-8EE4-41FB-9DD5-43AC09A16D76}@LaunchCount 40
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}@LastAccessedTime 0xE0 0xD7 0xE8 0x14 ...
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}@LaunchCount 1
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}\RecentItems\{8C4B43D5-9FC7-4050-9CD0-7EC33338699E}
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}\RecentItems\{8C4B43D5-9FC7-4050-9CD0-7EC33338699E}@Type 0
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}\RecentItems\{8C4B43D5-9FC7-4050-9CD0-7EC33338699E}@Path C:\Users\Mohammed\Desktop\????? ??? ????.txt
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}\RecentItems\{8C4B43D5-9FC7-4050-9CD0-7EC33338699E}@DisplayName ????? ??? ????
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}\RecentItems\{8C4B43D5-9FC7-4050-9CD0-7EC33338699E}@LastAccessedTime 0x00 0x00 0x00 0x00 ...
      Reg HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{B4AAD001-504E-4AB7-8CB0-FB780383093D}\RecentItems\{8C4B43D5-9FC7-4050-9CD0-7EC33338699E}@Points 0x00 0x00 0x00 0x00
      Reg HKCU\SOFTWARE\Microsoft\Windows\Windows Error [email protected] 0x99 0xB2 0x1C 0xF5 ...
      Reg HKCU\SOFTWARE\Microsoft\Windows\Windows Error Reporting\[email protected] C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_Microsoft.Window_2c2c838dc46e2ace59d57cf 121496384dc47_257714de_20e829f8
      Reg HKCU\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug\[email protected] 0xAA 0x07 0x78 0x00 ...

      ---- Disk sectors - GMER 2.2 ----

      Disk \Device\Harddisk0\DR0 unknown MBR code

      ---- EOF - GMER 2.2 ----

      Comment


      • #4
        Download de Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links
        Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

        Farbar Recovery Scan Tool uitvoeren
        • Dubbelklik op FRST.exe om de tool te starten.
        • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
        • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
        • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
        • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
        • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          Farbar log

          Goedenavond, dank voor uw reactie.
          In de bijlage de twee logjes.
          Bijgevoegde Bestanden

          Comment


          • #6
            Goede morgen,
            Ik kan veel niet lezen omdat het in Arabisch staat.


            Start de Farbar Recovery Scan Tool nogmaals.
            • Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
            • Dubbelklik op FRST.exe om de tool te starten.
            • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
            • Druk op de Fix knop
            • Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
            • Voeg dit logbestand als bijlage toe aan het volgende bericht..


            [attachment=0]fixlist.txt[/attachment]


            fixlist.txt

            Windows 10 opstarten in Veilige Modus

            Comment


            • #7
              Bedankt voor uw reactie.
              Mijn laptop is inderdaad in het Arabisch ingesteld. Excuus voor het ongemak, indien noodzakelijk, ben ik bereid hem in het Nederlands in te stellen.
              In de bijlage het gevraagde logje.

              Tevens heb ik uit het ADDITION logje het gedeelte waar Arabisch stond vertaald en dit in het bijgevoegde tekstbestandje geplaatst. Het is letterlijk vertaald, dus mogelijk nog niet duidelijk wat er bedoeld wordt. Misschien heb je er iets aan, anders kan je het negeren.

              Bedankt
              Bijgevoegde Bestanden

              Comment


              • #8
                De fix is iig goed gelukt, is er al wat verbetering merkbaar ?

                Windows 10 opstarten in Veilige Modus

                Comment


                • #9
                  Goedemiddag,
                  Bedankt.

                  Opgelost:
                  - geen detectiemeldingen meer
                  - geen open springende websites meer
                  - geen trotux meer
                  - Antivirus start weer

                  Nog aanwezig:
                  - Icoontjes op de taakbalk gaan niet open.
                  - Windows edge, windows store en diverse andere windows programma's starten niet

                  Nieuw:
                  - Wifi valt op willekeurige momenten (ong elk kwartier) weg. Na een klein minuutje maakt hij weer verbinding. Ik heb vergeleken met alle andere apparaten in huis maar daar gebeurt het niet, het is echt alleen deze laptop.


                  Zoals ik eerder aangaf: het belangrijkste is dat ik veilig mijn bestanden kan kopieëren naar een extern harde schijf, zonder dat de harde schijf besmet raakt of er een infectie meelift. Als dit nu mogelijk is dan is het probleem opgelost

                  Comment


                  • #10
                    Raar dat de icoons niet hun werk doen.

                    Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
                    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.
                    (hier en hier) kan je lezen hoe je dat doet.

                    en download Zoek.exe naar het bureaublad.
                    klik hier voor meer informatie over hoe zoek.exe te gebruiken)
                    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.
                    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
                    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
                    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
                    • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
                      Code:
                      emptyfolderscheck;delete
                      torpigcheck; 
                      firefoxlook; 
                      Chromelook;
                      services-list;  
                      autoclean; 
                      iedefaults;
                    • Klik nu op de knop "Run script".
                    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
                    • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
                    • Post het geopende logje in het volgende bericht als bijlage.

                    Windows 10 opstarten in Veilige Modus

                    Comment

                    Sorry, you are not authorized to view this page
                    Working...
                    X