Start::
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restrictie ? <==== AANDACHT
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {3E06CCC2-BA1E-4802-A877-967BB702F3EA} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {EAB32ADA-42B9-4A1F-A229-5F7303C98DFB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
U1 aswbdisk; geen ImagePath
U1 avgbdisk; geen ImagePath
2021-04-17 02:17 - 2021-04-17 02:17 - 000000000 ____D C:\ProgramData\RogueKiller
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-04-14 11:14 - 2021-04-14 11:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-03-27 23:16 - 2021-03-30 18:55 - 000000000 ____D C:\Program Files (x86)\Panda Security
2021-03-27 23:16 - 2021-03-30 18:54 - 000000000 ____D C:\Users\flami\AppData\Roaming\Panda Security
2021-03-27 23:14 - 2021-03-30 18:54 - 000000000 ____D C:\ProgramData\Panda Security
2021-04-17 06:09 - 2017-12-05 11:35 - 000000000 ____D C:\Program Files\CCleaner
2021-03-21 14:33 - 2017-12-05 10:43 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-20 18:45 - 2021-01-20 21:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
AV: BullGuard Antivirus (Disabled - Out of date) {29B419CF-9052-C34D-7F2F-5A507C45FA59}
AV: BullGuard Antivirus (Enabled - Up to date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: BullGuard Antispyware (Enabled - Up to date) {B73BE81F-4345-B6C3-E5AB-80F647E9AA59}
FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F}
FW: BullGuard Firewall (Enabled) {118F98EA-DA3D-C215-5470-F3658296BD22}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => -> Geen bestand
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Geen bestand
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Geen bestand
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand
ContextMenuHandlers2: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} => -> Geen bestand
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Geen bestand
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Geen bestand
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand
ContextMenuHandlers4: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} => -> Geen bestand
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand
ContextMenuHandlers6: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} => -> Geen bestand
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
BHO-x32: Geen Naam -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> Geen bestand
FirewallRules: [TCP Query User{962D5A21-5486-471B-8C0E-B5A4A02D44FB}G:\portableapps\delugeportable\app\deluge\deluge.exe] => (Allow) G:\portableapps\delugeportable\app\deluge\deluge.exe => Geen bestand
FirewallRules: [UDP Query User{5DFEC417-EF36-4D8D-86E9-A2D6AA7BF307}G:\portableapps\delugeportable\app\deluge\deluge.exe] => (Allow) G:\portableapps\delugeportable\app\deluge\deluge.exe => Geen bestand
Hosts:
EmptyTemp:
Reboot:
End::