start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restrictie <======= AANDACHT
GroupPolicy\User: Restrictie <======= AANDACHT
GroupPolicyUsers\S-1-5-21-3836464221-2109192824-2120000016-1004\User: Restrictie <======= AANDACHT
GroupPolicyUsers\S-1-5-21-3836464221-2109192824-2120000016-1003\User: Restrictie <======= AANDACHT
URLSearchHook: HKLM-x32 - (Geen Naam) - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - Geen bestand
URLSearchHook: HKU\S-1-5-21-3836464221-2109192824-2120000016-1000 - (Geen Naam) - {296aa17d-c89e-4242-a5a4-44bfe76914a2} - Geen bestand
SearchScopes: HKU\S-1-5-21-3836464221-2109192824-2120000016-1000 -> {1B096755-0CED-44EF-A38D-004BBF6B420D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241951
BHO-x32: Geen Naam -> {11111111-1111-1111-1111-110011341191} -> Geen bestand
Toolbar: HKU\S-1-5-21-3836464221-2109192824-2120000016-1000 -> Geen Naam - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Geen bestand
Toolbar: HKU\S-1-5-21-3836464221-2109192824-2120000016-1000 -> Geen Naam - {296AA17D-C89E-4242-A5A4-44BFE76914A2} - Geen bestand
Toolbar: HKU\S-1-5-21-3836464221-2109192824-2120000016-1000 -> Geen Naam - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Geen bestand
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP239A156B-AD54-415D-9ACD-150F03C84238
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP239A156B-AD54-415D-9ACD-150F03C84238"
CHR DefaultSearchURL: Default -> hxxp://search.conduit.com/Results.aspx?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP239A156B-AD54-415D-9ACD-150F03C84238&q={searchTerms}
CHR DefaultSearchKeyword: Default -> conduit.search
CHR DefaultSuggestURL: Default -> hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Extension: (Best Deals Evaaa) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdlmjkfoidldghacbhdinlbmgpcplpal [2015-05-28]
CHR Extension: (suprize) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpibhkfkahcjfaebebkiphgenajknae [2015-04-01]
CHR Extension: (Vid-Saver) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc [2013-08-01] [UpdateUrl: hxxps://crossrider.cotssl.net/plugin/chrome/update/3491.xml] <==== AANDACHT
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\Web Cake\WebCakeLayers.crx
CHR HKLM-x32\...\Chrome\Extension: [pgmfkblbflahhponhjmkcnpjinenhlnc] - C:\Users\Gebruiker\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx [2012-05-09]
C:\Program Files (x86)\Babylon
C:\Program Files (x86)\Web Cake
C:\Program Files (x86)\globalUpdate
C:\Program Files (x86)\Best Deals Evaaa
C:\Program Files (x86)\suprize
C:\Users\Gebruiker\AppData\Roaming\rbNG5jfvyMDbd9.exe
C:\Program Files (x86)\TheTorntv V10
C:\Program Files (x86)\GoforFiles
HKU\S-1-5-21-3836464221-2109192824-2120000016-1000\...\ChromeHTML: -> "C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe" -- "%1" <==== AANDACHT
Task: {00859F2F-4D4C-453F-8D35-7E49CCA2B80E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT
Task: {10D3FC97-488A-435F-9CA0-E8861935E8F6} - System32\Tasks\suprize_notification_service => C:\Program Files (x86)\suprize\suprize_notification_service.exe <==== AANDACHT
Task: {2589535F-6F94-438D-9074-B924A25FB4D8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {34C323BB-367B-46FB-A634-FC5A06264220} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {3E913CDD-04AD-4BCF-BBE7-5E509FE5D2E4} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== AANDACHT
Task: {4014785E-B2A6-4CDD-8D2E-2CE275B1720A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {4029DF0C-4809-4F68-81BE-B95233CA8DB7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {5068C00C-4E3C-4FB8-B737-2A7649E1CB47} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {5D1CA35E-5A6D-48E2-A1A2-9DAE3900AF79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {827E1266-CC18-42F6-8121-FFC6F55B6D0C} - System32\Tasks\best_deals_evaaa_helper_service => C:\Program Files (x86)\Best Deals Evaaa\best_deals_evaaa_helper_service.exe <==== AANDACHT
Task: {8296A711-0FAB-43DD-8160-18013B142574} - System32\Tasks\rbNG5jfvyMDbd9 => C:\Users\Gebruiker\AppData\Roaming\rbNG5jfvyMDbd9.exe <==== AANDACHT
Task: {83EC6DE1-0DBB-4F4C-8A7C-2BC83923A0A3} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== AANDACHT
Task: {993A58E8-D3C7-404A-A3D8-F1A0E1B385BE} - System32\Tasks\0 => Iexplore.exe <==== AANDACHT
Task: {A8C47278-8AB0-4243-AD18-7D5F516335C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {C4EE531D-479E-4AEA-8EDC-08EB2C0779B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {D0BE2BDC-57E2-4853-B33F-5C2057C74F2F} - System32\Tasks\suprize_updating_service => C:\Program Files (x86)\suprize\suprize_updating_service.exe <==== AANDACHT
Task: {D36BDA8D-2788-4B8D-AD60-A92B48140F87} - System32\Tasks\4802 => Wscript.exe C:\Users\GEBRUI~1\AppData\Local\Temp\launchie.vbs //B <==== AANDACHT
Task: {D743D54B-A264-4597-B93E-FE45DACDCE94} - System32\Tasks\da56c289-7e27-4c74-af89-41850609ac8c-3 => C:\Program Files (x86)\TheTorntv V10\da56c289-7e27-4c74-af89-41850609ac8c-3.exe <==== AANDACHT
Task: {DB533FD4-4AA8-4587-A603-6038468CB8D3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT
Task: {E3207574-B1A8-4DD9-AB06-D81356F4552C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {F166BE2A-8CE2-4042-97B2-804CB489EB75} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== AANDACHT
Task: {F1D3F340-6E28-4A67-8E91-BD8C5285620F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\best_deals_evaaa_helper_service.job => C:\Program Files (x86)\Best Deals Evaaa\best_deals_evaaa_helper_service.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\da56c289-7e27-4c74-af89-41850609ac8c-3.job => C:\Program Files (x86)\TheTorntv V10\da56c289-7e27-4c74-af89-41850609ac8c-3.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\rbNG5jfvyMDbd9.job => C:\Users\Gebruiker\AppData\Roaming\rbNG5jfvyMDbd9.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\suprize_notification_service.job => C:\Program Files (x86)\suprize\suprize_notification_service.exe ǣ/url='hxxp:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='suprize' /appid='73143' /srcid='2913' /bic='6ff47cac36e6a885b681c1128d73cc18' /verifier='38fece6b29b2e0bc12eb27dfae4da6f3' /installerversion='1.50.3.10' /statsdomain='hxxp:/stats.buildomserv.com/data.gif?' /errorsdomain='hxxp:/stats.buildomserv.com/data.gif?' /monetizationdomain='hxxp:/logs.buildomserv.com/monetization.gif <==== AANDACHT
Task: C:\WINDOWS\Tasks\suprize_updating_service.job => C:\Program Files (x86)\suprize\suprize_updating_service.exe ¨ /campid=2913 /verid=1 /url=hxxp:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=suprize_updating_service /funurl=hxxp:/stats.buildomserv.com <==== AANDACHT
EmptyTemp:
end