start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4515256 2016-04-23] (Microsoft Corporation) <==== AANDACHT
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4515256 2016-04-23] (Microsoft Corporation) <==== AANDACHT
HKU\S-1-5-21-993570033-1949632069-3687839537-1002\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4515256 2016-04-23] (Microsoft Corporation) <==== AANDACHT
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4515256 2016-04-23] (Microsoft Corporation) <==== AANDACHT
SearchScopes: HKU\S-1-5-21-993570033-1949632069-3687839537-1002 -> DefaultScope {D24CD19D-ADF9-401F-8F43-C9DA42928EDA} URL = 
SearchScopes: HKU\S-1-5-21-993570033-1949632069-3687839537-1002 -> DefaultScope {D24CD19D-ADF9-401F-8F43-C9DA42928EDA} URL = 
SearchScopes: HKU\S-1-5-21-993570033-1949632069-3687839537-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EC0819C8-8624-40F5-8098-09A84362790F}&mid=c85ce5809bb747ccb87191c41a986f58-bc0dc493cf9993f1e081cf89e946550f6a71772d&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-12-18 18:30:39&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-993570033-1949632069-3687839537-1002 -> {D24CD19D-ADF9-401F-8F43-C9DA42928EDA} URL = 
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.9\\npsitesafety.dll [Geen bestand]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-05-25] (Enigma Software Group USA, LLC.)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-05-25] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-05-25] ()
C:\WINDOWS\System32\Tasks\SpyHunter4Startup
C:\Users\gebruiker\Desktop\SpyHunter.lnk
C:\Users\gebruiker\AppData\Roaming\Enigma Software Group
C:\sh4ldr
C:\autoexec.bat
C:\WINDOWS\system32\Drivers\EsgScanner.sys
C:\Program Files\Enigma Software Group
EmptyTemp:
end