start:: CreateRestorePoint: CloseProcesses: ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand BHO-x32: YoutubeAdBlock -> {39279EB2-90D3-440E-AFE8-34C55A80922C} -> C:\Program Files (x86)\iCanypfjGIE\k2X5uJk.dll => Geen bestand HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT GroupPolicy: Restrictie - Chrome <==== AANDACHT Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT Task: {1B603F18-8B16-4C31-8557-0F3502D2F3C0} - System32\Tasks\FmlQKFUIsOJUGRw2 => rundll32 "C:\Program Files (x86)\ZAFgvPfvU\RuWNMU.dll",#1 Task: {1BC4CFD4-7B3E-4129-B944-5921262058BD} - System32\Tasks\FriuGGTkRHAbYL => rundll32 "C:\Program Files (x86)\UIuZPIhUFafU2\eRxukWxNNMqUR.dll",#1 Task: {B8C6298E-7088-4EB4-B313-C95AB4F37117} - System32\Tasks\SENaPjFsBEwzYJWgl2 => rundll32 "C:\Program Files (x86)\dDfMVsGHIpKHwiglbAR\XgpwQrU.dll",#1 Task: {EC79D2F6-BF44-4E59-8E7D-F768FE19C319} - System32\Tasks\eOSmWpfQbsnZV2 => C:\Windows\system32\wscript.exe "C:\ProgramData\XwzhRLbgxdtAqMVB\qcYZhKZ.wsf" Task: {EEB7E832-E9DF-4F14-9DA7-F412C17527E5} - System32\Tasks\bfVdUeYceEZsFkwoQbz2 => rundll32 "C:\Program Files (x86)\LsApxKgZVyAKC\kXvAdxo.dll",#1 2021-03-05 11:53 - 2021-03-05 22:34 - 000000000 ____D C:\Users\ACER\AppData\LocalLow\hicKCASADQVAA 2021-03-01 03:06 - 2021-03-06 01:44 - 000003356 _____ C:\Windows\system32\Tasks\FriuGGTkRHAbYL 2021-03-01 03:06 - 2021-03-06 01:44 - 000003044 _____ C:\Windows\system32\Tasks\eOSmWpfQbsnZV2 2021-03-01 03:06 - 2021-03-06 01:44 - 000003034 _____ C:\Windows\system32\Tasks\SENaPjFsBEwzYJWgl2 2021-03-01 03:06 - 2021-03-06 01:44 - 000003026 _____ C:\Windows\system32\Tasks\bfVdUeYceEZsFkwoQbz2 2021-03-01 03:06 - 2021-03-06 01:44 - 000003008 _____ C:\Windows\system32\Tasks\FmlQKFUIsOJUGRw2 2021-03-01 03:06 - 2021-03-06 01:44 - 000000000 ____D C:\ProgramData\XwzhRLbgxdtAqMVB 2021-03-01 03:06 - 2021-03-06 01:44 - 000000000 ____D C:\Program Files (x86)\YtOSJPOIFiUn 2021-03-01 03:06 - 2021-03-06 01:44 - 000000000 ____D C:\Program Files (x86)\UIuZPIhUFafU2 2021-03-01 03:06 - 2021-03-06 01:44 - 000000000 ____D C:\Program Files (x86)\LsApxKgZVyAKC 2021-03-01 03:06 - 2021-03-06 01:44 - 000000000 ____D C:\Program Files (x86)\dDfMVsGHIpKHwiglbAR 2021-03-01 03:05 - 2021-03-06 01:44 - 000000000 ____D C:\Program Files (x86)\ZAFgvPfvU 2021-02-14 15:05 - 2021-02-14 15:05 - 000056553 _____ C:\Users\ACER\AppData\Roaming\fTinfBfDVVjyCQh 2021-02-14 01:50 - 2021-02-14 01:50 - 000056553 _____ C:\Users\ACER\AppData\Roaming\GVtQATrbLbKhNnX 2021-02-14 01:50 - 2021-02-14 01:49 - 000056553 _____ C:\Users\ACER\AppData\Roaming\gNbYBWXsoKvXbyh 2021-02-14 15:05 - 2021-02-14 15:05 - 000056553 _____ () C:\Users\ACER\AppData\Roaming\fTinfBfDVVjyCQh 2021-02-14 01:50 - 2021-02-14 01:49 - 000056553 _____ () C:\Users\ACER\AppData\Roaming\gNbYBWXsoKvXbyh 2021-02-14 01:50 - 2021-02-14 01:50 - 000056553 _____ () C:\Users\ACER\AppData\Roaming\GVtQATrbLbKhNnX 2021-02-12 23:30 - 2021-02-12 23:30 - 000056553 _____ () C:\Users\ACER\AppData\Roaming\heWmtlHFudFmtpU 2021-02-19 19:30 - 2021-02-19 19:29 - 000056553 _____ () C:\Users\ACER\AppData\Roaming\ilJpoLJTFcicohv EmptyTemp: Reboot: end::