After restarting and clicking zoek.exe again, I could choose to open the log file; the requested log is below.
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by startklaar on za 05-11-2016 at 13:22:58,76.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\startklaar\Desktop\zoek(2).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2016-11-04-165826.log 9609 bytes
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Program Files (x86)\Dropbox\Client\DropboxExt64.1.0.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Services(whitelist) ======================
Powered by
E Dev
R2 - [AgereModemAudio] - Agere Modem Call Progress Audio - c:\program files\lsi softmodem\agr64svc.exe
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [avgsvc] - AVG Service - c:\program files (x86)\avg\framework\common\avgsvca.exe
R2 - [Bonjour Service] - Bonjour-service - c:\program files\bonjour\mdnsresponder.exe
R2 - [DbxSvc] - DbxSvc - c:\windows\system32\dbxsvc.exe
R2 - [ePowerSvc] - Acer ePower Service - c:\program files\acer\acer epower management\epowersvc.exe
R2 - [fshoster] - F-Secure Dll Hoster - c:\program files (x86)\kpn veilig\fshoster32.exe
R2 - [FSORSPClient] - F-Secure ORSP Client - c:\program files (x86)\kpn veilig\apps\ccf_reputation\fsorsp.exe
R2 - [hmpalertsvc] - HitmanPro.Alert service - c:\program files (x86)\hitmanpro.alert\hmpalert.exe
R2 - [IAANTMON] - Intel(R) Matrix Storage Event Monitor - c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe
R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [MSMQ] - Message Queuing - c:\windows\system32\mqsvc.exe
R2 - [RapportMgmtService] - Rapport Management Service - c:\program files (x86)\trusteer\rapport\bin\rapportmgmtservice.exe
R2 - [SynTPEnhService] - SynTPEnh Caller Service - c:\program files\synaptics\syntp\syntpenhservice.exe
R2 - [Unchecky] - Unchecky - c:\program files (x86)\unchecky\bin\unchecky_svc.exe
R2 - [UNS] - Intel(R) Management & Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [FSMA] - F-Secure Management Agent - c:\program files (x86)\kpn veilig\apps\computersecurity\common\fsma32.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S2 - [dbupdate] - Dropbox-update-service (dbupdate) - c:\program files (x86)\dropbox\update\dropboxupdate.exe
S2 - [EMET_Service] - Microsoft EMET Service - c:\program files (x86)\emet 5.1\emet_service.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [dbupdatem] - Dropbox-update-service (dbupdatem) - c:\program files (x86)\dropbox\update\dropboxupdate.exe
S3 - [diagnosticshub.standardcollector.service] - Microsoft(R) Diagnostics Hub Standard Collector-service - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FLEXnet Licensing Service] - FLEXnet Licensing Service - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - c:\program files (x86)\microsoft office\office12\grooveauditservice.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [MWLService] - MyWinLocker Service - c:\program files (x86)\egistec\mywinlocker 3\x86\\mwlservice.exe
S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Sensor Data Service - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TieringEngineService] - Storage Tiers Management - c:\windows\system32\tieringengineservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [TurboBoost] - TurboBoost - c:\program files\intel\turboboost\turboboost.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [PCPitstop Scheduling] - PCPitstop Scheduling - c:\program files (x86)\pcpitstop\pcpitstopscheduleservice.exe
==== Deleting Services ======================
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2016-06-09 19:10:01 -------- d-----w- C:\PROGRA~3\boost_interprocess
2016-07-16 11:47:48 -------- d-----w- C:\PROGRA~3\regid.1991-06.com.microsoft
2016-07-16 11:47:48 -------- d-----w- C:\PROGRA~3\USOPrivate
2016-07-16 11:47:48 -------- d-s---w- C:\PROGRA~3\Microsoft
2016-08-04 13:29:57 -------- d-sh--we C:\PROGRA~3\Application Data
2016-08-04 14:00:13 -------- d-----w- C:\PROGRA~3\USOShared
2016-08-04 14:05:23 -------- d-----w- C:\PROGRA~3\Microsoft OneDrive
2016-08-11 10:49:47 -------- d-----w- C:\PROGRA~3\NortonInstaller
2016-11-01 16:16:33 -------- d-----w- C:\PROGRA~3\F-Secure
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"ols@f-secure.com"="C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi" [01-11-2016 19:01]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ols@f-secure.com"="C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi" [01-11-2016 19:01]