Start:: CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [] => [X] SearchScopes: HKU\S-1-5-21-1963722985-2058426653-286343921-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10181__181023&q={searchTerms} FF NewTab: Mozilla\Firefox\Profiles\wkfvq53m.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10181__181023 CHR HomePage: Default -> mysearch.avg.com CHR NewTab: Default -> Not-active:"chrome-extension://fncbkmmlcehhipmmofdhejcggdapcmon/newtabproduct.html" CHR Extension: (AVG Secure Search) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-09-21] 2019-03-09 16:48 - 2019-03-09 16:48 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsignb0241410fa2cb415 2019-03-09 16:48 - 2019-03-09 16:48 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign9fc26fde59ab66c3 2019-03-09 16:48 - 2019-03-09 16:48 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign74bcc4eea0562c84 2019-02-22 23:02 - 2019-02-22 23:02 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign66959b778c3ea477 2019-02-22 23:02 - 2019-02-22 23:02 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign423c9b05eadfe985 2019-02-22 23:02 - 2019-02-22 23:02 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign2adbdef82dc23ea3 2019-02-14 21:55 - 2019-02-14 21:55 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign2ca18561d4079884 2019-02-14 21:55 - 2019-02-14 21:55 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign2a5275a28e276b39 2019-02-14 21:55 - 2019-02-14 21:55 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign1b2a52237789c83f 2019-02-14 21:04 - 2019-02-14 21:04 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsigne4bb4ac0b26cd0df 2019-02-14 21:04 - 2019-02-14 21:04 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsigna930fec9afc49586 2019-02-14 21:04 - 2019-02-14 21:04 - 000000000 ____D C:\Users\johan\AppData\Local\Tempzxpsign27966c997152d1fe ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> Geen bestand ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => -> Geen bestand ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> Geen bestand Task: {D23D85F5-3371-48C1-B704-EE6C6E7B8A0D} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT AlternateDataStreams: C:\ProgramData\Spotnet:spn.k [428] AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [182] IE trusted site: HKU\S-1-5-21-1963722985-2058426653-286343921-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1963722985-2058426653-286343921-1001\...\webcompanion.com -> hxxp://webcompanion.com HKU\S-1-5-21-1963722985-2058426653-286343921-1001\...\StartupApproved\Run: => "Web Companion" Hosts: EmptyTemp: End::