start
CreateRestorePoint:
CustomCLSID: HKU\S-1-5-21-1719932567-3506215398-4039828936-1000_Classes\CLSID\{0358B920-0AC7-461F-98F4-58E32CD89148}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-1719932567-3506215398-4039828936-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32 -> geen bestandpad
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> Geen bestand
Task: {3452D27C-5BD3-4482-A862-BC1817FB9963} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {36A67A99-78B7-43A7-B222-AD5792092B24} - System32\Tasks\{25C208E2-4624-410A-A468-AA488A573A0B} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\SharkManCoupon\SharkManCoupon.exe -c /progname=SharkManCoupon /progver=3.4.2 /progpub=SharkManCoupon /proguninstallurl=asdahjka.com /deleteappfolder=0 /deletefile1="C:\Users\Herman\AppData\RoamingappdataFr2.bin" /VERYSILENT
C:\Program Files\AVG
C:\ProgramData\SharkManCoupon
Task: {65166F5B-F896-4FDA-A39B-1284BC7C8BB5} - System32\Tasks\HermanLogjamFretworkV2 => rundll32.exe TabourAkvavits.dll,main 7 1 <==== AANDACHT
Task: {69ED3636-52F3-4B70-9490-69FB89A54FBB} - System32\Tasks\Driver Booster SkipUAC (Herman) => C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
C:\Program Files\IObit
Task: {7635CF57-F1C9-4695-8C2A-E04A836391A8} - System32\Tasks\{63FD4F34-9E64-4F28-BD0D-526C67F0CA9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Herman\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {8B1EC6BF-CB97-43D1-82C9-C960AA8339FB} - System32\Tasks\{383BAAF0-F20D-4743-ADE8-C56A0656E988} => C:\Windows\system32\pcalua.exe -a C:\Users\Herman\Downloads\MP10Setup.exe -d C:\Users\Herman\Downloads
Task: {E3FAE97D-1DB4-4B5E-89C9-50457E682956} - \{5A180A8D-7E2C-94BE-2921-F994E5CA3D7F} -> Geen bestand <==== AANDACHT
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
FirewallRules: [TCP Query User{6A92BBD5-759A-435D-84EC-D5DC8D6DDB48}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{A26D3632-CB09-4A22-8223-7468464572CB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
C:\windows\kmsemulator.exe
FirewallRules: [{617A9FF6-FFA7-4378-907C-320966B03916}] => (Allow) C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{D4F3D6E7-D5D1-48F8-B612-B4E58C126FFE}] => (Allow) C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
GroupPolicyUsers\S-1-5-21-1719932567-3506215398-4039828936-1001\User: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
EmptyTemp:
end