start CreateRestorePoint: Hosts: CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> geen bestandpad Task: {C49DBE9C-BFE4-4FEE-8F61-763A910E02C5} - System32\Tasks\{97DB51F5-7C9B-4000-BFAB-DBEC7A2D3017} => C:\Windows\system32\pcalua.exe -a "C:\Users\thuis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QL6E4Q84\JavaSetup8u121.exe" -d C:\Users\thuis\Desktop ContextMenuHandlers1: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers6: [_MovaviSuite10] -> {9D700AB0-33CE-4ab3-BD66-3A73CC2CEDE3} => -> Geen bestand FirewallRules: [{37BAA338-DCE4-481B-A413-8AC86C28EF60}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{E4487E25-B7E7-4606-9A39-AE52743A8E2D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe C:\Program Files\KMSpico Task: {E11BE4E1-DF43-4602-B2A2-4F2D0CB12055} - System32\Tasks\{84C45012-00B2-4FCA-93BB-5196E403BD7B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\F-Secure\Uninstall\fsuninst.exe" -c /UninstRegKey:"F-Secure Anti-Virus" C:\Program Files\F-Secure HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3651363734-1596917187-1413340531-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?ktonyde SearchScopes: HKU\S-1-5-21-3651363734-1596917187-1413340531-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = FF Extension: (Geen Naam) - C:\Program Files\McAfee\SiteAdvisor\e10ssaffplg.xpi [niet gevonden] C:\Program Files\McAfee CHR Profile: C:\Users\thuis\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-08-18] <==== AANDACHT S4 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG U3 aswbdisk; geen ImagePath 2017-09-21 14:51 - 2016-12-19 16:15 - 000000000 ____D C:\ProgramData\McAfee (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe C:\Program Files\Bitdefender (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe C:\Program Files\Bitdefender Agent GroupPolicy: Restrictie ? <==== AANDACHT 2017-09-23 01:37 - 2017-10-05 09:50 - 000000346 _____ C:\Windows\Tasks\DriverToolkit Autorun.job 2017-09-23 00:26 - 2017-09-23 21:42 - 000000000 ____D C:\Program Files\DriverToolkit 2017-09-23 00:26 - 2017-09-23 00:26 - 000000000 ____D C:\Users\thuis\AppData\Local\DriverToolkit Task: {40462C31-4578-491E-A78D-32DD40C190D2} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe 2017-09-16 20:41 - 2017-09-16 20:41 - 000000000 ____D C:\Users\thuis\AppData\Roaming\AVAST Software 2017-09-16 20:36 - 2017-09-16 20:36 - 000000000 ____D C:\Program Files\AVAST Software 2017-09-21 14:51 - 2017-05-18 13:36 - 000000000 ____D C:\ProgramData\AVAST Software 2017-09-21 14:51 - 2016-12-19 16:15 - 000000000 ____D C:\ProgramData\McAfee EmptyTemp: end