Start:: CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [] => [X] HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Task: {252C2470-AE57-41CB-B2A7-B2E6B1E5588E} - \SpyHunter4Startup -> Geen bestand <==== AANDACHT Task: {DC6440A8-6761-4DBE-BA54-282A9A224301} - \0615pizUpdateInfo -> Geen bestand <==== AANDACHT SearchScopes: HKLM -> DefaultScope waarde ontbreekt SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt Toolbar: HKU\S-1-5-21-4038081757-550974096-142076149-1001 -> Geen Naam - {472734EA-242A-422B-ADF8-83D1E48CC825} - Geen bestand FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand] FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [Geen bestand] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand] S2 TomTomHOMEService; "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" [X] S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-08-03] (Enigma Software Group USA, LLC -> ) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [X] 2019-05-30 19:10 - 2015-07-20 12:40 - 000000000 ____D C:\Users\YpY\AppData\Roaming\IObit C:\Users\YpY\AppData\Local\{97FDA3A6-84FD-493D-BA9D-5CE3CA8CAF70} C:\Users\YpY\AppData\Local\{A4BAB8C5-3FC5-480B-B15E-7EA975A66001} C:\Users\YpY\AppData\Local\{FC7413C4-0425-4CFC-81B4-FD67A7302590} C:\Users\YpY\AppData\Local\{FCA3FA8C-B76B-4D49-809D-0770EC3245CC} CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\YpY\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Geen bestand ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Geen bestand ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand AlternateDataStreams: C:\Windows:nlsPreferences [514] AlternateDataStreams: C:\ProgramData\Temp:1198CD34 [137] AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [136] AlternateDataStreams: C:\ProgramData\Temp:430C6D84 [127] AlternateDataStreams: C:\ProgramData\Temp:5925E400 [286] AlternateDataStreams: C:\ProgramData\Temp:680086AB [174] AlternateDataStreams: C:\ProgramData\Temp:798A3728 [119] AlternateDataStreams: C:\ProgramData\Temp:8173A019 [131] AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [133] AlternateDataStreams: C:\ProgramData\Temp:C46995DA [129] AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2 [104] AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4 [147] FirewallRules: [TCP Query User{B94DF15D-566A-4ACA-B019-71F449ED96A8}C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe Geen bestand FirewallRules: [UDP Query User{D0B72366-115F-4D9B-836B-FFC4B539F837}C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe Geen bestand FirewallRules: [TCP Query User{E814A57D-8E0D-4D7B-86E3-B1F25AAA08B7}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe Geen bestand FirewallRules: [UDP Query User{AA77B8FB-055A-4341-8C99-F08E1A61CBB0}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe Geen bestand FirewallRules: [{BF43AF06-9B7F-4C50-8179-EAFC72461956}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe Geen bestand FirewallRules: [{C2762BAC-01F3-4D1E-8AC4-8681A6C0B558}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe Geen bestand FirewallRules: [{0CF7C795-C759-43C3-94DF-963277883FC6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe Geen bestand FirewallRules: [{3DE20183-7930-4E79-9351-AC07F1ABC9C4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe Geen bestand EmptyTemp: End::