start CreateRestorePoint: CustomCLSID: HKU\S-1-5-21-730165294-666571360-1919093666-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Fontaine\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-730165294-666571360-1919093666-1002_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Fontaine\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-730165294-666571360-1919093666-1002_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Fontaine\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-730165294-666571360-1919093666-1002_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Fontaine\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-730165294-666571360-1919093666-1002_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Fontaine\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand Task: {51490FFE-7EDD-486F-93D8-42D28C9C9C45} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe C:\Program Files\KMSpico Task: {F76A8000-17E2-4EE0-9E94-2A40C0D16D11} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe C:\Windows\AutoKMS AlternateDataStreams: C:\ProgramData\TEMP:972E3A44 [127] AlternateDataStreams: C:\ProgramData\TEMP:B56E7461 [133] HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" FirewallRules: [{2BE485D2-95E6-453A-A945-E8291E3BB682}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{7972BB85-A9ED-4F6C-88EF-6AD7240F0F6E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{EE5019E0-2CEA-4367-B053-89D3D290FF35}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{C0ED2608-31D4-4E45-960C-09824964BE1C}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{B9B9B329-C05F-4651-80F2-0D67472921FD}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{60C1033D-2683-4BE5-B415-6B8DDEDEDBB5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{516AB081-3FB4-4474-9982-3296692D87B4}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{4C83477E-6A89-4A99-B564-F10D835AB7BD}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{6CCA038C-CBD5-4273-8FD6-79337F92319F}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{F02DBBB9-B53E-4C6B-97E6-3A5D46D91AD9}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{28100C55-79AE-42A2-9102-60A48EB529B6}] => (Allow) C:\tmp\AeroAdmin.exe FirewallRules: [{6476041B-CAC2-4B26-B1EB-955B014B26C4}] => (Allow) C:\tmp\AeroAdmin.exe CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT SearchScopes: HKU\S-1-5-21-730165294-666571360-1919093666-1002 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=AA2pLyxixgXlXW0OYXQjUBQwpJY?q={searchTerms} SearchScopes: HKU\S-1-5-21-730165294-666571360-1919093666-1002 -> {E17F705D-26DA-46C2-BEFF-E4DC365F91D3} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit) 2018-03-03 12:08 - 2018-03-03 12:20 - 000002966 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2017-11-14 09:08 - 2017-11-14 09:08 - 007649280 _____ () C:\Program Files (x86)\GUT61E.tmp EmptyTemp: end