Mededeling

**QuintenMilo** · 02-06-16, 10:32

Malwarebytes Anti-Malware

Cyber Security Software & Anti-Malware | Malwarebytes

https://www.malwarebytes.org

Protect your home and business PCs, Macs, iOS and Android devices from the latest cyber threats and malware, including ransomware.

Scandatum: 1-6-2016
Scantijd: 22:05
Logboekbestand: MBAM.txt
Beheerder: Ja

Versie: 2.2.1.1043
Malware-database: v2016.06.01.06
Rootkit-database: v2016.05.27.01
Licentie: Proef
Malware-bescherming: Ingeschakeld
Bescherming tegen kwaadaardige websites: Ingeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 8.1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: User

Scantype: Aangepaste scan
Resultaat: Voltooid
Objecten gescand: 535686
Verstreken tijd: 13 u., 10 min, 42 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)

Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 0
(Geen kwaadaardige items gedetecteerd)

Bestanden: 0
(Geen kwaadaardige items gedetecteerd)

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)

(end)

# AdwCleaner v5.119 - Logbestand aangemaakt 02/06/2016 op 11:21:35
# Laatste update 30/05/2016 door Xplode
# Database : 2016-05-30.3 [Server]
# Besturingssysteem : Windows 8.1 (X64)
# Gebruikersnaam : User - LENOVO-PC
# Gestart vanuit : C:\Users\User\Desktop\adwcleaner_5.119.exe
# Optie : Scannen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****

***** [ Mappen ] *****

***** [ Bestanden ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Snelkoppelingen ] *****

***** [ Geplande taken ] *****

***** [ Register ] *****

***** [ Internetbrowsers ] *****

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [21660 bytes] - [29/05/2016 01:01:08]
C:\AdwCleaner\AdwCleaner[C2].txt - [1814 bytes] - [29/05/2016 01:58:00]
C:\AdwCleaner\AdwCleaner[C3].txt - [3410 bytes] - [30/05/2016 14:32:55]
C:\AdwCleaner\AdwCleaner[C4].txt - [2222 bytes] - [01/06/2016 20:00:15]
C:\AdwCleaner\AdwCleaner[S10].txt - [955 bytes] - [02/06/2016 11:21:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [21469 bytes] - [29/05/2016 00:58:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [1572 bytes] - [29/05/2016 01:55:46]
C:\AdwCleaner\AdwCleaner[S3].txt - [1264 bytes] - [29/05/2016 09:37:57]
C:\AdwCleaner\AdwCleaner[S4].txt - [3144 bytes] - [30/05/2016 14:25:56]
C:\AdwCleaner\AdwCleaner[S5].txt - [1327 bytes] - [30/05/2016 14:41:57]
C:\AdwCleaner\AdwCleaner[S6].txt - [2130 bytes] - [01/06/2016 19:13:42]
C:\AdwCleaner\AdwCleaner[S7].txt - [1546 bytes] - [01/06/2016 23:43:17]
C:\AdwCleaner\AdwCleaner[S9].txt - [1619 bytes] - [01/06/2016 23:45:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [1613 bytes] ##########

E-Peek v 1.9.9.0 ENHANCED 4 © Emphyrio/Onsia Patrick 2013-2016
E Dev
Run at do 2 jun 2016 11:28
.
Windows 8.1 (64 bits)
C:\windows [NTFS - Fixed]
Default Browser: Google Chrome
Boot mode: Normal boot
User logged in: User
.
Java x86: 1.8
Java x64: n/a
.
AV : Emsisoft Anti-Malware [Updated - Running]
AV : Windows Defender [Updated - Not Running]
AS : Windows Defender [Updated - Not Running]
AS : Emsisoft Anti-Malware [Updated - Running]
FW : Windows firewall
.
==================== Files and Folders history =================================

Folders Created Last 7 days :

31-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\GlarySoft
31-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\DiskDefrag
31-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Local\Temp
31-05-2016 ##### r-h-s-d+a- C:\ProgramData\Emsisoft
31-05-2016 ##### r-h-s-d+a- C:\Program Files\Emsisoft Anti-Malware
31-05-2016 ##### r-h-s-d+a- C:\Program Files (x86)\Glary Utilities 5
31-05-2016 ##### r-h+s+d+a- C:\$RECYCLE.BIN
30-05-2016 ##### r-h-s-d+a- C:\zoek_backup
30-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\taobao
30-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\favicons
30-05-2016 ##### r-h-s-d+a- C:\rsit
30-05-2016 ##### r-h-s-d+a- C:\Program Files\trend micro
29-05-2016 ##### r-h-s-d+a- C:\Users\User\Start Menu
29-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Local\AvgSetupLog
29-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Local\Avg
29-05-2016 ##### r-h-s-d+a- C:\ProgramData\Trend Micro
29-05-2016 ##### r-h-s-d+a- C:\ProgramData\Avg
29-05-2016 ##### r-h-s-d+a- C:\Program Files (x86)\Enigma Software Group
29-05-2016 ##### r-h-s-d+a- C:\Program Files (x86)\AVG
29-05-2016 ##### r-h-s-d+a- C:\AdwCleaner
29-05-2016 ##### r-h+s-d+a- C:\ProgramData\Common Files
28-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\SNDA
28-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\ADSKIP
28-05-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Local\UCBrowser
28-05-2016 ##### r-h-s-d+a- C:\ProgramData\Thunder Network
28-05-2016 ##### r-h-s-d+a- C:\ProgramData\Malwarebytes
28-05-2016 ##### r-h-s-d+a- C:\ProgramData\download
28-05-2016 ##### r-h-s-d+a- C:\ProgramData\did
28-05-2016 ##### r-h-s-d+a- C:\Program Files\¿ìÑ¹
28-05-2016 ##### r-h-s-d+a- C:\Program Files (x86)\UCBrowser
28-05-2016 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware
01-06-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\Kuaizip
01-06-2016 ##### r-h-s-d+a- C:\Users\User\AppData\Roaming\E Dev
01-06-2016 ##### r-h-s-d+a- C:\Program Files\CCleaner
01-06-2016 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev

Files Modified Last 7 days :

29-05-2016 00000094 r-h-s-d-a+ C:\windows\SysWOW64\cookies
28-05-2016 01826596 r-h-s-d-a+ C:\windows\system32\PerfStringBackup.INI
28-05-2016 00807742 r-h-s-d-a+ C:\windows\system32\perfh013.dat
28-05-2016 00723514 r-h-s-d-a+ C:\windows\system32\perfh009.dat
28-05-2016 00493312 r-h-s-d-a+ C:\windows\system32\FNTCACHE.DAT
28-05-2016 00162706 r-h-s-d-a+ C:\windows\system32\perfc013.dat
28-05-2016 00136128 r-h-s-d-a+ C:\windows\system32\perfc009.dat
01-06-2016 00008704 r-h-s-d-a+ C:\windows\system32\VfService.trf

Files Created Last 7 days :

29-05-2016 00518681 r-h-s-d-a+ C:\Users\User\AppData\Local\census.cache
29-05-2016 00176869 r-h-s-d-a+ C:\Users\User\AppData\Local\ars.cache
29-05-2016 00000036 r-h-s-d-a+ C:\Users\User\AppData\Local\housecall.guid.cache
29-05-2016 00000010 r-h-s-d-a+ C:\Users\User\AppData\Local\sponge.last.runtime.cache
29-05-2016 00000000 r-h-s-d-a+ C:\Users\User\defogger_reenable
28-05-2016 00829944 r-h-s-d-a+ C:\windows\SysWOW64\FlashPlayerApp.exe
28-05-2016 00176632 r-h-s-d-a+ C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
28-05-2016 00000094 r-h-s-d-a+ C:\windows\SysWOW64\cookies
01-06-2016 00000111 r-h-s-d-a+ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== RUNNING PROCESSES =========================================

[a2guard] -User- C:\Program Files\Emsisoft Anti-Malware\a2guard.exe - (Emsisoft Ltd)
[a2service] -SYSTEM- C:\Program Files\Emsisoft Anti-Malware\a2service.exe - (Emsisoft Ltd)
[a2start] -User- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2start.exe - (Emsisoft Ltd)
[ActivateDesktop] -User- C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe - ()
[AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Windows (R) Win 7 DDK provider)
[Ath_CoexAgent] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe - (Atheros)
[audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe)
[avgsvca] -SYSTEM- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe - (AVG Technologies CZ, s.r.o.)
[avguix] -User- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe - (AVG Technologies CZ, s.r.o.)
[BtvStack] -User- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - (Qualcomm®Atheros®)
[CCleaner64] -User- C:\Program Files\CCleaner\CCleaner64.exe - (Piriform Ltd)
[chrome] -User- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
[chrome] -User- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
[chrome] -User- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
[chrome] -User- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
[chrome] -User- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
[chrome] -User- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
[csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
[csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
[dasHost] -LOCAL SERVICE- C:\windows\system32\dashost.exe - (Microsoft Corporation)
[dllhost] -User- C:\windows\system32\DllHost.exe - (Microsoft Corporation)
[dwm] -DWM-1- C:\windows\system32\dwm.exe - (Microsoft Corporation)
[Energy Manager] -User- C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe - (Lenovo(beijing) Limited)
[E-Peek 1.9.9.0] -User- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
[explorer] -User- C:\windows\Explorer.EXE - (Microsoft Corporation)
[GWX] -User- C:\windows\system32\GWX\GWX.exe - (Microsoft Corporation)
[HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
[IAStorDataMgrSvc] -SYSTEM- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe - (Intel Corporation)
[igfxpers] -User- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
[igfxsrvc] -User- C:\windows\system32\igfxsrvc.exe - (Intel Corporation)
[Integrator] -User- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe - (Glarysoft Ltd)
[IntelMeFWService] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe - (Intel Corporation)
[jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
[LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
[lsass] -SYSTEM- C:\windows\system32\lsass.exe - (Microsoft Corporation)
[mbam] -User- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe - (Malwarebytes)
[mbamscheduler] -SYSTEM- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe - (Malwarebytes)
[mbamservice] -SYSTEM- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe - (Malwarebytes)
[msiexec] -SYSTEM- C:\windows\system32\msiexec.exe - (Microsoft Corporation)
[OSPPSVC] -NETWORK SERVICE- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - (Microsoft Corporation)
[PGService] -SYSTEM- C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe - (PointGrab LTD)
[RAVBg64] -User- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - (Realtek Semiconductor)
[RAVCpl64] -User- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)
[RTFTrack] -User- C:\Windows\RTFTrack.exe - (Realtek semiconductor)
[SearchIndexer] -SYSTEM- C:\windows\system32\SearchIndexer.exe - (Microsoft Corporation)
[services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
[SH4SER~1] -SYSTEM- C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE - (Enigma Software Group USA, LLC.)
[smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
[spoolsv] -SYSTEM- C:\windows\System32\spoolsv.exe - (Microsoft Corporation)
[SpyHunter4] -User- C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe - (Enigma Software Group USA, LLC.)
[SynTPEnh] -User- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - (Synaptics Incorporated)
[SynTPHelper] -User- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE - (Synaptics Incorporated)
[System] -N/A- - (System)
[taskeng] -SYSTEM- C:\windows\system32\taskeng.exe - (Microsoft Corporation)
[taskhost] -LOCAL SERVICE- C:\windows\system32\taskhost.exe - (Microsoft Corporation)
[taskhostex] -User- C:\windows\system32\taskhostex.exe - (Microsoft Corporation)
[utility] -User- C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe - (Lenovo(beijing) Limited)
[VfConnectorService] -SYSTEM- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe - ()
[wininit] -SYSTEM- C:\windows\system32\wininit.exe - (Microsoft Corporation)
[winlogon] -SYSTEM- C:\windows\system32\winlogon.exe - (Microsoft Corporation)
[wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)
[WUDFHost] -LOCAL SERVICE- C:\Windows\System32\WUDFHost.exe - (Microsoft Corporation)

==================== IE PAGES ==================================================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
Start Page = about:blank
Local Page = C:\Windows\SysWOW64\blank.htm
Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
DefaultScope = {8F292455-2BAD-4543-B91B-AB089FA2655C}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{8F292455-2BAD-4543-B91B-AB089FA2655C}
DisplayName = Bing
URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB

==================== IE PAGES x64 ==============================================

HKLM\Software\Microsoft\Internet Explorer\Main
Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
Local Page = C:\Windows\System32\blank.htm
Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM\Software\Microsoft\Internet Explorer\SearchScopes
DefaultScope = {8F292455-2BAD-4543-B91B-AB089FA2655C}

HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8F292455-2BAD-4543-B91B-AB089FA2655C}
DisplayName = Bing
URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB

==================== Auto Load =================================================

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\windows\system32\userinit.exe,
Shell = explorer.exe

==================== Auto Load x64 =============================================

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\windows\system32\userinit.exe,
Shell = explorer.exe

==================== Browsers present ==========================================

Google Chrome
IEXPLORE.EXE

==================== Google Chrome =============================================

==================== Windows Host File =========================================

Number of lines exceeds 10

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== BHO =======================================================

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper
=> HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper
=> HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll

{B4F3A835-0E21-4959-BA22-42B3008E02FF}
HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
=> HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

{DBC80044-A445-435b-BC74-9C25C1C588A9}
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper
=> HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll

==================== BHO x64 ===================================================

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper
=> HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL

{B4F3A835-0E21-4959-BA22-42B3008E02FF}
HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
=> HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL

==================== Auto Start Programs =======================================

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
AvgUi = "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
BCSSync = "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
Malwarebytes Anti-Malware (cleanup) = "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
GUDelayStartup = "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uTorrent = "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Auto Start Programs x64 ===================================

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
emsisoft anti-malware = "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
Energy Manager = C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
HotKeysCmds = "C:\windows\system32\hkcmd.exe"
IgfxTray = "C:\windows\system32\igfxtray.exe"
Lenovo Utility = C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
Persistence = "C:\windows\system32\igfxpers.exe"
RtHDVBg_Dolby = "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
RtsFT = RTFTrack.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
emsisoft anti-malware = 2
Energy Manager = 2
HotKeysCmds = 3
IgfxTray = 3
Lenovo Utility = 2
Persistence = 2
RtHDVBg_Dolby = 2
RtHDVCpl = 2
RtsFT = 2
WINCOMJQ8 = 2
QQPCTray = 3
AvgUi = 2
BCSSync = 3
mcpltui_exe = 2
tasklist.exe -start = 3

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
GUDelayStartup = "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uTorrent = "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Extra Items IE ============================================

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

==================== Extra Items IE x64 ========================================

HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

==================== Internet Default Prefix ===================================

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
Default = http://

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
WWW = http://

==================== Internet Default Prefix x64 ===============================

HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
Default = http://

HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
WWW = http://

==================== Protocol Hijackers ========================================

HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml
CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
=> SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

==================== Protocol Hijackers x64 ====================================

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
=> SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown

==================== ShellServiceObjectDelayLoad ===============================

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
=> HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]

==================== ShellServiceObjectDelayLoad x64 =========================

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
=> HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]

==================== Extra (Torpig/ConduitSearch) ==============================

HKCR\Directory\shellex\CopyHookHandlers\Ath_CopyHook @ Default = {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}
=> HKCR\CLSID\{8e10a039-fe03-4f9c-b7e1-c5eeeaf53735}\InProcServer32 @ Default = C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll

HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
=> HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\windows\system32\shell32.dll

HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
=> HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\windows\system32\ntshrui.dll

==================== DRIVERS and SERVICES ======================================

*** Win32OwnProcess ***

SERV - R2 - [a2AntiMalware] - Emsisoft Protection Service - c:\program files\emsisoft anti-malware\a2service.exe
SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe
SERV - R2 - [avgsvc] - AVG Service - c:\program files (x86)\avg\framework\common\avgsvca.exe
SERV - R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
SERV - R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
SERV - R2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe
SERV - R2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
SERV - R2 - [PGService] - PGService - c:\program files (x86)\lenovo\motion control\pgservice.exe
SERV - R2 - [SpyHunter 4 Service] - SpyHunter 4 Service - c:\progra~2\enigma~1\spyhun~1\sh4ser~1.exe
SERV - R2 - [VeriFaceSrv] - VeriFaceSrv - c:\program files (x86)\lenovo\lenovo veriface\vfconnectorservice.exe
SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
SERV - R2 - [ZAtheros Bt and Wlan Coex Agent] - ZAtheros Bt and Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe
SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
SERV - R3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
SERV - S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
SERV - S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe
SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
SERV - S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
SERV - S4 - [PG_Service_Launcher] - ##ID_STRING30## - c:\program files (x86)\lenovo\motion control\pg_service_launcher.exe

*** Win32ShareProcess ***

SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

*** Others ***

SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

*** File System Driver ***

DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\windows\system32\Drivers\FileInfo.sys
DRV - R0 - [FltMgr] - FltMgr - C:\windows\system32\Drivers\FltMgr.sys
DRV - R0 - [MBAMSwissArmy] - MBAMSwissArmy - C:\windows\system32\Drivers\MBAMSwissArmy.sys
DRV - R0 - [Mup] - Mup - C:\windows\system32\Drivers\Mup.sys
DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\windows\system32\Drivers\Wof.sys
DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\windows\system32\Drivers\NetBIOS.sys
DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\windows\system32\Drivers\srv.sys
DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\windows\system32\Drivers\srv2.sys

*** Kernel Driver ***

DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\windows\system32\Drivers\ACPI.sys
DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\windows\system32\Drivers\acpiex.sys
DRV - R0 - [CLFS] - Common Log (CLFS) - C:\windows\system32\Drivers\CLFS.sys
DRV - R0 - [CNG] - CNG - C:\windows\system32\Drivers\CNG.sys
DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\windows\system32\Drivers\disk.sys
DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\windows\system32\Drivers\EhStorClass.sys
DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\windows\system32\Drivers\fvevol.sys
DRV - R0 - [iaStorA] - iaStorA - C:\windows\system32\Drivers\iaStorA.sys
DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\windows\system32\Drivers\intelpep.sys
DRV - R0 - [KSecDD] - KSecDD - C:\windows\system32\Drivers\KSecDD.sys
DRV - R0 - [KSecPkg] - KSecPkg - C:\windows\system32\Drivers\KSecPkg.sys
DRV - R0 - [mountmgr] - Mount Point Manager - C:\windows\system32\Drivers\mountmgr.sys
DRV - R0 - [msisadrv] - msisadrv - C:\windows\system32\Drivers\msisadrv.sys
DRV - R0 - [NDIS] - NDIS System Driver - C:\windows\system32\Drivers\NDIS.sys
DRV - R0 - [partmgr] - Partition Manager - C:\windows\system32\Drivers\partmgr.sys
DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\windows\system32\Drivers\pci.sys
DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\windows\system32\Drivers\pcw.sys
DRV - R0 - [pdc] - pdc - C:\windows\system32\Drivers\pdc.sys
DRV - R0 - [rdyboost] - ReadyBoost - C:\windows\system32\Drivers\rdyboost.sys
DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\windows\system32\Drivers\spaceport.sys
DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\windows\system32\Drivers\Tcpip.sys
DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\windows\system32\Drivers\vdrvroot.sys
DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\windows\system32\Drivers\volmgr.sys
DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\windows\system32\Drivers\volmgrx.sys
DRV - R0 - [volsnap] - Opslagvolumes - C:\windows\system32\Drivers\volsnap.sys
DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\windows\system32\Drivers\Wdf01000.sys
DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\windows\system32\Drivers\WFPLWFS.sys
DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\windows\system32\Drivers\AFD.sys
DRV - R1 - [Beep] - Beep - C:\windows\system32\Drivers\Beep.sys
DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\windows\system32\Drivers\tdx.sys
DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\windows\system32\Drivers\tcpipreg.sys
DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\windows\system32\Drivers\hwpolicy.sys
DRV - S3 - [atapi] - IDE-kanaal - C:\windows\system32\Drivers\atapi.sys

==================== SvcHost - White Listed ====================================

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@kuaizipupdatesvc
KuaizipUpdateChecker = ServiceDll = C:\Program Files\¿ìÑ¹\X86\kuaizipUpdateChecker.dll [1bb93021b6233015bbf6dcaa396e9b69]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@SDDUpdate
SDDUpdate = ServiceDll = C:\Users\User\AppData\Roaming\SNDA\SDUpdate\SDDUpdateSvc.dll [e4dbd8dbbdb5c5a2e6e4fe3a47c9c76c]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost@zipsvcs
ziphost = [e4dbd8dbbdb5c5a2e6e4fe3a47c9c76c]

==================== SvcHost x64 - White Listed ================================

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@bthaudiosvc
BthHFSrv = ServiceDll = C:\windows\System32\BthHFSrv.dll [9307a4b743d277c499cda8e19e5687ac]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@utcsvc
DiagTrack = ServiceDll = C:\windows\system32\diagtrack.dll [21edad8188372c912b7bb9b1c6cb0d38]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@zipsvcs
ziphost = [21edad8188372c912b7bb9b1c6cb0d38]

==================== SigCheck x86 Fast =========================================

Fast Scan All ok

==================== SigCheck x64 Fast =========================================

Fast Scan All ok

==================== Job tasks at C:\windows\Tasks =============================

C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 1080 bytes [ 4-10-2014 14:19:12 ]

C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 1084 bytes [ 4-10-2014 14:19:13 ]

C:\windows\Tasks\GoogleUpdateTaskMachineUA1d045259cd1a41f.job 1084 bytes [ 10-2-2015 12:35:04 ]

C:\windows\Tasks\SA.DAT 6 bytes [ 22-8-2013 16:45:54 ]

==================== Job tasks at C:\windows\system32\Tasks ====================

C:\windows\system32\Tasks\CCleanerSkipUAC 2790 bytes [ 1-6-2016 17:19:07 ]
=> "C:\Program Files\CCleaner\CCleaner.exe"

C:\windows\system32\Tasks\GlaryInitialize 5 3302 bytes [ 31-5-2016 18:08:50 ]
=> C:\Program Files (x86)\Glary Utilities 5\Initialize.exe

C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore 3820 bytes [ 4-10-2014 14:19:13 ]
=> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA 4056 bytes [ 4-10-2014 14:19:13 ]
=> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA1d045259cd1a41f 4056 bytes [ 10-2-2015 12:35:04 ]
=> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\windows\system32\Tasks\GU5SkipUAC 2972 bytes [ 31-5-2016 18:08:51 ]
=> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe

C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-278847328-4206653430-2381594855-500 3594 bytes [ 7-10-2013 20:31:12 ]

C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3569595402-296400714-1548389596-1001 3596 bytes [ 25-9-2014 20:13:32 ]

C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3569595402-296400714-1548389596-500 2324 bytes [ 28-12-2013 01:38:06 ]

C:\windows\system32\Tasks\SpyHunter4Startup 3336 bytes [ 29-5-2016 01:17:59 ]
=> "C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe"

C:\windows\system32\Tasks\Synaptics TouchPad Enhancements 2990 bytes [ 28-12-2013 02:25:53 ]
=> "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

C:\windows\system32\Tasks\User_Feed_Synchronization-{567FD480-8517-447C-9BC2-69247981B32A} 3958 bytes [ 25-9-2014 10:16:44 ]
=> C:\windows\system32\msfeedssync.exe

==================== Job tasks at C:\windows\SysWOW64\Tasks ====================

There are no .job files found.

==================== End scanning at do 2 jun 2016 11:29 (0 Min 39 Sec ) =======

**Juisterr** · 02-06-16, 11:44

Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.
(hier en hier) kan je lezen hoe je dat doet.

en download Zoek.exe naar het bureaublad.
klik hier voor meer informatie over hoe zoek.exe te gebruiken)

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.

Dubbelklik vervolgens op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
Code:
```
emptyfolderscheck;delete
torpigcheck; 
firefoxlook; 
Chromelook;
services-list;  
autoclean; 
iedefaults;
```
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht als bijlage.

**QuintenMilo** · 02-06-16, 21:26

zoek-results.txt

**Juisterr** · 02-06-16, 21:34

Gaat het al beter nu ?

**QuintenMilo** · 02-06-16, 21:49

Er is veel verwijderd, maar dit staat er nig steeds na de rechtermuisklik :-)

**Juisterr** · 03-06-16, 11:50

Als je met je rechtmuis erop klikt kan je de locatie vinden (Eigenschappen) met daar de naam, kan je daar ook een screenshot van maken?

**Juisterr** · 04-06-16, 10:44

Download de Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links

Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

Farbar Recovery Scan Tool uitvoeren

Klik met de rechtermuisknop op FRST.exe en kies voor de optie "Als administrator uitvoeren".
Als het programma is geopend klik Yes (Ja) bij de disclaimer.
Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Voeg beide logbestanden als bijlage toe aan het volgende bericht.

**QuintenMilo** · 05-06-16, 10:11

Oorspronkelijk geplaatst door Juisterr

Als je met je rechtmuis erop klikt kan je de locatie vinden (Eigenschappen) met daar de naam, kan je daar ook een screenshot van maken?

nee dat lukt dus niet, vandaar alleen even de screenshot van de rechtermuisklik. Als ik namelijk op eigenschppen wil klikken, dan verdwijnt het scherm.

**QuintenMilo** · 05-06-16, 10:29

Addition.txt FRST.txt

**Juisterr** · 05-06-16, 11:47

Dank je, wil je nu eerst SpyHunter uninstallen aub, die kan de fix in de weg zitten. Mag niks negatiefs zeggen over spyhunter want dan krijg ik een proces aan mijn kleed.

Start de Farbar Recovery Scan Tool nogmaals.

Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
Dubbelklik op FRST.exe om de tool te starten.
Als het programma is geopend klik Yes (Ja) bij de disclaimer.
Druk op de Fix knop
Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Voeg dit logbestand als bijlage toe aan het volgende bericht..

Bijgevoegde Bestanden

fixlist tekens.txt (3,3 KB, 116 keer bekeken)

**Juisterr** · 06-06-16, 07:47

Wil het lukken?

**QuintenMilo** · 06-06-16, 13:20

ik ben bezig, heb Spyhunter verwijderd. Ik heb het .txt bestand naar het bureaublad gekopieerd. De frst64.exe gestart, fixen geklikt, dan komt er te staan dat er geen fixlist gevonden is en dat het bestand in dezelfde map als FRST moet liggen

**QuintenMilo** · 06-06-16, 13:42

Fixlog.txt alsjeblieft....hoeplijk is dit gelukt zo !

**Juisterr** · 06-06-16, 14:03

Lijkt er wel op, heb je al herstart ? zo nee, doe dat dan even.

Vertel of je die chinese karakters nog terugvind.

Mededeling

Chinese teken na rechtermuisklik

Chinese teken na rechtermuisklik

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment