Start:: CreateRestorePoint: CloseProcesses: HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Run: [Advanced SystemCare 12] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto SearchScopes: HKU\S-1-5-21-752935264-2207249693-1250420677-1001 -> {49AA4A95-9DDE-4EF6-8C8B-89AB3C896A5B} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => Geen bestand BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll => Geen bestand FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com [niet gevonden] FF user.js: detected! => C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\user.js [2018-11-20] CHR NewTab: Default -> Not-active:"chrome-extension://dnckbjbhoclehoieokgiecdiakbaoodg/newtabproduct.html", Not-active:"chrome-extension://emilpohamjafokgdhoggckjldbpkbhlh/newtabproduct.html", Not-active:"chrome-extension://gnmjknmalpknlmhpbfmnidbgkncebohg/newtabproduct.html", Active:"chrome-extension://fmgkbbgmfadinoembkciofacghellcmj/newtabproduct.html", Active:"chrome-extension://icbhbegbnafpiiaomogcddhhjpijpikp/newtabproduct.html", Active:"chrome-extension://jhmonpjmhgcjcacmnipddbdlphindcpn/newtabproduct.html", Not-active:"chrome-extension://dhjghcdeopofofdgnmfcnmgmfmbplpmm/newtabproduct.html", Not-active:"chrome-extension://nladljmabboanhihfkjacnnkgjhnokhj/new-tab.html", Not-active:"chrome-extension://ikecjjeekejbjbibeaogbfcpplilghbb/newtab/newtab.html" CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx S2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X] S2 Dashlane Upgrade Service; "C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe" [X] S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X] S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X] U3 aswbdisk; geen ImagePath S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [X] S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [X] S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X] 2019-02-02 10:28 - 2017-05-05 10:05 - 000000000 ____D C:\Program Files (x86)\IObit 2019-02-02 10:27 - 2017-05-05 10:06 - 000000000 ____D C:\ProgramData\ProductData 2019-02-02 10:27 - 2017-05-05 10:05 - 000000000 ____D C:\Users\Willem Blaas\AppData\LocalLow\IObit 2019-02-02 10:25 - 2018-03-11 14:57 - 000000000 ____D C:\Program Files (x86)\EaseUS 2019-02-02 10:25 - 2017-08-29 16:42 - 000000000 ____D C:\Users\Willem Blaas\AppData\Local\IIIQF ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Geen bestand ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => -> Geen bestand ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Geen bestand Task: {1D84216E-6993-46E9-8B7B-2471DDB45F4A} - System32\Tasks\Opera scheduled Autoupdate 1509374158 => C:\Users\Willem Blaas\AppData\Local\Programs\Opera\launcher.exe Task: {7959CE97-E4F4-4EB2-A0D0-966D6AD55A47} - System32\Tasks\ASC12_SkipUac_Willem Blaas => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: {AFF85724-67A1-46FC-89CA-6818C3184265} - System32\Tasks\Uninstaller_SkipUac_Willem_Blaas => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {BE4489DE-5050-4A3D-B4BF-441141A87078} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\localhost -> localhost FirewallRules: [{17B8503D-CA2F-4EF0-912C-64A3A221781C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe Geen bestand FirewallRules: [{96329045-2D9E-4126-9FCE-EBBEFD5733A0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe Geen bestand Hosts: EmptyTemp: End::