Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
Startup: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jwsrtcbr.lnk [2019-05-12]
ShortcutAndArgument: jwsrtcbr.lnk -> C:\Windows\System32\cmd.exe => /c start "" "C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\jwsrtcbr\iechtect.exe"
GroupPolicy: Restrictie ? <==== AANDACHT
Task: {F95160A4-8952-406D-98BC-4CBC75349126} - System32\Tasks\bWSfevFRfSn => C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\bWSfevFRfSn\bWSfevFRfSn.dll",bWSfevFRfSn <==== AANDACHT
2019-05-12 16:26 - 2019-05-12 16:26 - 000016818 _____ C:\WINDOWS\System32\Tasks\bWSfevFRfSn
2019-05-12 16:26 - 2019-02-01 20:54 - 000000000 ____D C:\Program Files (x86)\bWSfevFRfSn
2019-05-12 16:25 - 2019-05-12 16:59 - 000000000 ____D C:\Program Files (x86)\MLeemHqgAGUn
2019-05-12 16:25 - 2019-05-12 16:26 - 000000000 ____D C:\Users\lenovo\AppData\LocalLow\dkFRDFWKRdTlU
2019-05-12 16:24 - 2019-05-12 16:59 - 000000000 ____D C:\Users\lenovo\AppData\Local\App
2019-05-12 16:24 - 2019-05-12 16:59 - 000000000 ____D C:\Program Files (x86)\Trab
2019-05-12 16:24 - 2019-05-12 16:24 - 000722944 _____ C:\Users\lenovo\AppData\Local\sha.db
2019-05-12 16:24 - 2019-05-12 16:24 - 000140800 _____ C:\Users\lenovo\AppData\Local\installer.dat
2019-05-12 16:24 - 2019-05-12 16:24 - 000000000 ____D C:\ProgramData\Pader
2019-05-12 16:24 - 2019-05-12 16:24 - 000000000 ____D C:\ProgramData\{A3453617-0854-7356-2C15-D5FF2CF28CAE}
2019-05-12 16:24 - 2019-05-12 16:24 - 000000000 ____D C:\ProgramData\{147A8F02-B141-C469-39AC-EA48394BB319}
2019-05-12 16:24 - 2019-05-12 16:24 - 000000000 ____D C:\Program Files (x86)\Seed Trade
2019-05-09 09:19 - 2019-05-12 16:34 - 000000000 ____D C:\Program Files (x86)\Safe Online
2019-05-12 16:19 - 2018-12-31 12:05 - 000000000 ____D C:\ProgramData\F-Secure
2019-05-09 10:03 - 2018-12-31 12:05 - 000000000 ____D C:\Users\lenovo\AppData\Local\F-Secure
ShortcutWithArgument: C:\Users\lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
2019-05-12 16:26 - 2019-02-01 20:54 - 002718720 _____ () [Bestand niet getekend] C:\Program Files (x86)\bWSfevFRfSn\bWSfevFRfSn.dl
2019-05-12 16:24 - 2019-05-12 16:24 - 000697856 _____ () [Bestand niet getekend] C:\Program Files (x86)\Google\Chrome\Application\WINMM.dll
IE trusted site: HKU\S-1-5-21-3808283307-1243482618-78075021-1001\...\localhost -> localhost
EmptyTemp:
End::