Possible spyware infection with regard to extortion e-mail

05-21-2019, 12:05 AM   #1
Freeman 74 (Registered Member)
Join Date: Dec 2008
Location: North West Europe
Posts: 37
OS: Windows 7 Professional Service Pack 1 (X64)

Hello,

Thank you for taking the time to read my post.
I have posted this issue because I received an e-mail that mentioned in the e-mail subject description a standard password I have used for non-important/non-personal websites.
It is not the password for the e-mail account that this mail arrived in.
Furthermore the mail had been immediately directed by Outlook to the spam folder.

I did not open the e-mail but was able to read its content through 'immersive reader' in Outlook mail.
The sender claimed to have installed spyware which they called 'Remote Administration Tool' on my computer and demanded a Bitcoin payment.
I have not responded to or opened this mail and it could well be a false threat but I want to be sure there are no infections of any kind on my computer.

I have used Malwarebytes and Avast to scan my computer and neither has found anything.
At the moment I do not have access to a Windows install disc or Boot CD.
Farbar FRST automatically detailed the scan results in the Dutch language because my Windows version is in Dutch.
I can translate the Dutch parts if this is helpful but have not changed anything about the FRST texts.
I could not find a method to get an English version of the FRST scan results.
If any additional information is needed please let me know.
Any help in this matter is greatly appreciated.

Best regards

Freeman

Attached Files
File Type: txt Addition.txt (43.9 KB, 8 views)
05-21-2019, 09:28 AM   #2
iMacg3 (Security Team Moderator)
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10

Welcome.


These types of emails are scams. Often, the login information the "hacker" has collected is from password dumps. Therefore, make sure you change passwords to your online accounts as soon as possible.
This doesn't necessarily mean your computer is infected, but we can check for malware.


--------------------------


The FRST.txt log is incomplete. Please try to copy and paste it again.

If needed, you can attach the file to your post.
__________________
Proud member of UNITE
05-21-2019, 09:27 PM   #3
Freeman 74 (Registered Member)
Join Date: Dec 2008
Location: North West Europe
Posts: 37
OS: Windows 7 Professional Service Pack 1 (X64)

Hello!

Thank you for your response and your willingness to help.
I figured as much that this was most probably a scam; however, I also honour that life-proven motto "Better safe than sorry".
I have pasted the entire FRST.txt and attached the FRST.txt file.
Hope that helps and thanks again!


Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 19-05.2019
Gestart door Cyrus (Beheerder) op CYRUS-PC (Hewlett-Packard HP ProBook 6550b) (21-05-2019 08:11:51)
Gestart vanaf C:\Users\Cyrus\Downloads
Geladen Profielen: Cyrus (Beschikbare Profielen: Cyrus)
Platform: Windows 7 Professional Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(ProtonVPN AG -> The OpenVPN Project) C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\openvpn.exe
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMProcess.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927928 2012-05-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [323128 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [3496552 2019-01-18] (ProtonVPN AG -> )
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {a2699854-cb1b-11e4-ab6a-1cc1deba4627} - F:\LaunchU3.exe -a
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {ba2354fb-1775-11e5-9c09-002682cb0651} - I:\LaunchU3.exe -a
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Bestand niet getekend]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-17] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\Installer\chrmstp.exe [2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restrictie ? <==== AANDACHT
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0418015B-484D-4306-8FD5-AA2B439E07E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {14CD6672-DBD8-4D3C-8F63-514D0F47E1C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1968C0AB-B7E4-4246-9F97-453EFABEB924} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {20B90F86-E818-4991-9201-3CE50FDFA75B} - System32\Tasks\{261F65F0-FF0C-41E3-B666-06A717183D60} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {21214F4D-4216-4280-98A9-86E906604891} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-21] (Adobe Inc. -> Adobe)
Task: {230DE84C-CB90-47B8-9BF9-76F6FBB6637C} - System32\Tasks\Opera scheduled Autoupdate 1518672505 => C:\Users\Cyrus\AppData\Local\Programs\Opera\launcher.exe
Task: {24DF4853-7C4F-4747-9278-1B3CD07D4026} - System32\Tasks\{D596D274-4AF4-4DEA-8BAF-2FA8173C74AE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe"
Task: {28870262-4D4D-477B-8FA1-308F1104CC68} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {29D97842-5761-4993-9F4C-1B76CC8903C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3823D322-380F-4F3B-8534-E0790ED6346C} - System32\Tasks\SafeZone scheduled Autoupdate 1450500467 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {38362699-AB6E-4308-9A67-ABB184B82203} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)
Task: {38478226-A144-4F60-8C9D-8165E2D9AD96} - System32\Tasks\{BC33E841-6506-4DA6-A808-BDFCA615BDE4} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {3D481972-346A-4794-9ED5-48C98955F60B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {4ACEFCCE-6425-44DF-B92E-2ACC9B8093CE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {5ABC6413-42A4-4900-BF82-1AF9F8755D77} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-21] (Adobe Inc. -> Adobe)
Task: {5ADA18BD-E127-40F1-9F6D-F546175F377C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7F493C7C-ED5D-4061-8E57-1629C9B48255} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8FE41292-3BC0-4C4A-818D-E7ED1F817DAF} - System32\Tasks\{02834E93-F326-4B60-A5B5-CCA273383C62} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {9F9F06E3-DA46-4147-8780-43B6D6AB26F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A84D4B95-588A-425D-A798-D54360C1A5B9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {A8DA894C-51B1-4905-8A49-9DD6F198C644} - System32\Tasks\{B17C0A78-E3B1-48F2-B706-71509C876C88} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {AB5B936F-3C06-4E34-B3B9-944131B9695A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BC599FB8-CD21-48DD-A092-51A6739F1826} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDC9433F-78DF-4D3E-BC63-330C93D5629B} - System32\Tasks\{DC18974D-AD7D-45D6-9C26-8867C3A58606} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\YouTubeDownloaderSetup.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D428AADD-47CE-4423-B629-E2D8CF2680EC} - System32\Tasks\{C9953DF5-D9CE-4BCA-A5D7-B5D3EF861AEF} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\jre-8u161-windows-i586.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D65D77FA-B79F-4B1B-8C7E-06F531849F71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {E0E4C8BD-18B0-445E-B7DE-E94E2D4FEF19} - System32\Tasks\{E4DD8221-4C34-4B1D-A589-9328EBBF24DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {F5E38FBF-9EC6-4886-A94B-1E4742FEFEF8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{099FA401-20C1-42DB-89D9-AEBCFC8B12FD}: [DhcpNameServer] 212.54.44.54 212.54.40.25
Tcpip\..\Interfaces\{4FC7BA06-AA84-4F4D-96F7-70B016F65490}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{52B20561-CA16-47BB-96C0-8B7F710BE443}: [DhcpNameServer] 10.8.8.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.178.13,1]

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-159908599-3065275909-1581543870-1000 -> {97B5D29E-3D15-4DE8-916B-D2B303729F07} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
BHO: Geen Naam -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Geen bestand
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
BHO-x32: Geen Naam -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Geen bestand
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default [2019-05-21]
FF Extension: (German Dictionary) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (British English Dictionary (Updated)) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2015-01-07] [Verouderd] [niet getekend]
FF Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-08] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (English (GB) Language Pack) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-03-21]
FF Extension: (Woordenboek Nederlands) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-02-16]
FF Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-03-14]
FF Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-08-25]
FF Extension: (Sky Clouds) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\{894e43ef-fcf9-4e64-8ecb-d7b0f053b89b}.xpi [2019-05-13]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\imdb.xml [2015-06-21]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\videos-zoeken-op-youtube.xml [2015-06-19]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-19] [Verouderd] [niet getekend]
FF Plugin: @Adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin: @Java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
CHR DefaultSearchKeyword: Default -> bing.com_
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default [2019-05-21]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Splendid) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-05-17]
CHR Extension: (Google Search) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-14]
CHR Extension: (Streamus) - C:\Users\Cyrus\Downloads\Various Program Downloads\StreamusChromeExtension-Development\src [2017-02-05]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-21]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-21]
CHR Extension: (Slides) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-29]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-29]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-29]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-29]
CHR Extension: (Avast SafePrice) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-11-29]
CHR Extension: (Sheets) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-29]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-29]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-29]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <niet gevonden>

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6809992 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [Bestand niet getekend]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Bestand niet getekend]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Bestand niet getekend]
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [85096 2019-01-18] (ProtonVPN AG -> )
R2 QDLService2kHP; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [1687360 2011-04-29] (Qualcomm Inc -> QUALCOMM, Inc.)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225096 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385640 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [8071888 2014-02-06] (Broadcom Corporation -> Broadcom Corporation)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-30] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win7\ProtonVPNSplitTunnelCalloutDriver.Sys [39352 2018-10-04] (ProtonVPN AG -> )
R3 qcfilterhp2k; C:\Windows\System32\DRIVERS\qcfilterhp2k.sys [6400 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcombushp; C:\Windows\System32\DRIVERS\qcombushp.sys [160328 2011-04-29] (MCCI Corporation -> MCCI)
R3 qcusbnethp2k; C:\Windows\System32\DRIVERS\qcusbnethp2k.sys [444416 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcusbserhp2k; C:\Windows\System32\DRIVERS\qcusbserhp2k.sys [230784 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [73728 2012-07-20] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe64.sys [54784 2012-07-31] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505856 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-05-21] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [35768 2018-06-01] (ProtonVPN AG -> The OpenVPN Project)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een maand (aangemaakt) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-05-21 08:11 - 2019-05-21 08:12 - 000039691 _____ C:\Users\Cyrus\Downloads\FRST.txt
2019-05-21 08:10 - 2019-05-21 08:11 - 000000000 ____D C:\FRST
2019-05-21 08:04 - 2019-05-21 08:05 - 002435072 _____ (Farbar) C:\Users\Cyrus\Downloads\FRST64.exe
2019-05-21 06:19 - 2019-05-21 06:19 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-21 02:16 - 2019-05-21 02:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2019-05-15 07:21 - 2019-05-15 07:21 - 000158876 _____ C:\Users\Cyrus\1546729904.pdf
2019-05-09 04:17 - 2019-05-09 04:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-05-09 04:15 - 2019-05-11 02:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-05-07 21:51 - 2019-05-07 21:51 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-05-07 21:51 - 2019-05-07 21:51 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-05-07 21:51 - 2019-05-07 21:51 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-05-07 21:51 - 2019-05-07 21:51 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-04-29 22:33 - 2019-04-29 22:33 - 000000904 _____ C:\Users\Cyrus\Mijn documenten - Snelkoppeling.lnk
2019-04-24 16:31 - 2019-05-09 09:56 - 000000000 ____D C:\Users\Cyrus\AppData\Local\ProtonVPN
2019-04-24 16:31 - 2019-04-24 16:34 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-04-24 16:31 - 2019-04-24 16:31 - 000000000 ____D C:\Users\Cyrus\AppData\Local\IsolatedStorage
2019-04-24 16:31 - 2019-04-24 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2019-04-24 16:30 - 2019-04-24 16:32 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\ProtonVPN AG
2019-04-24 16:30 - 2019-04-24 16:31 - 000000000 ____D C:\Program Files (x86)\Proton Technologies

==================== Een maand (gewijzigd) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-05-21 08:06 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-21 08:06 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-21 08:04 - 2010-11-21 18:48 - 000745674 _____ C:\Windows\system32\perfh013.dat
2019-05-21 08:04 - 2010-11-21 18:48 - 000153594 _____ C:\Windows\system32\perfc013.dat
2019-05-21 08:04 - 2009-07-14 07:13 - 001669560 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-21 08:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-21 08:01 - 2014-11-07 14:38 - 000000000 ____D C:\Windows\pss
2019-05-21 07:59 - 2018-12-25 04:36 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-05-21 07:59 - 2018-12-25 04:36 - 000002908 _____ C:\Windows\System32\Tasks\Avast Driver Updater Startup
2019-05-21 07:59 - 2018-12-25 04:36 - 000000482 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-05-21 07:59 - 2017-11-30 10:28 - 000000000 ____D C:\Users\Cyrus\AppData\Local\AVAST Software
2019-05-21 07:58 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\Program Files (x86)\iMobie
2019-05-21 07:53 - 2016-11-19 21:57 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\Mozilla
2019-05-21 07:52 - 2014-11-23 13:17 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\uTorrent
2019-05-21 06:56 - 2018-03-12 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-21 06:53 - 2015-06-24 09:04 - 000000000 ____D C:\Users\Cyrus\Downloads\Video Downloads
2019-05-21 06:38 - 2018-03-13 16:40 - 000004574 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-21 06:38 - 2015-02-07 12:32 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-21 06:38 - 2014-11-07 13:24 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-21 06:38 - 2014-11-07 13:24 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-21 06:37 - 2017-11-04 23:30 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\Program Files\7-Zip
2019-05-21 06:19 - 2019-02-16 05:28 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 06:19 - 2019-01-17 09:12 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-21 06:19 - 2017-11-17 06:42 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 06:19 - 2017-03-06 08:39 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-21 06:19 - 2016-03-24 08:09 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000385640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000225096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 06:18 - 2019-01-18 05:45 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-21 02:16 - 2018-12-25 04:36 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2019-05-21 02:16 - 2018-12-25 04:36 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2019-05-20 12:46 - 2019-03-25 07:27 - 000000000 ____D C:\Users\Cyrus\AppData\Local\BitTorrentHelper
2019-05-20 12:46 - 2016-12-11 17:39 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\uTorrent
2019-05-17 11:31 - 2015-07-06 19:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-17 04:51 - 2014-11-04 18:11 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-15 20:50 - 2018-08-11 05:04 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-15 20:50 - 2015-12-03 23:31 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-05-15 20:50 - 2015-05-12 23:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-15 20:50 - 2014-11-04 18:10 - 000003490 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 20:50 - 2014-11-04 18:10 - 000003362 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 19:22 - 2014-11-04 16:34 - 000000000 ____D C:\Users\Cyrus
2019-05-15 11:22 - 2016-03-05 19:11 - 000000000 ____D C:\Users\Cyrus\Documents\Administration
2019-05-15 09:07 - 2015-05-13 19:33 - 001711616 ___SH C:\Users\Cyrus\Thumbs.db
2019-05-14 10:43 - 2014-11-06 14:56 - 000000000 ____D C:\Users\Cyrus\Documents\Real Estate Files
2019-05-13 10:48 - 2015-01-06 20:35 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\vlc
2019-05-11 02:36 - 2014-11-06 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-09 04:17 - 2015-07-06 13:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-29 05:16 - 2014-11-06 14:28 - 000000000 ___RD C:\Users\Cyrus\Mijn E-Books
2019-04-26 05:14 - 2014-11-08 12:35 - 000000000 ___RD C:\Users\Cyrus\Dropbox
2019-04-25 05:21 - 2019-04-12 22:51 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-24 16:29 - 2015-06-23 18:32 - 000000000 ___RD C:\Users\Cyrus\Downloads\Various Program Downloads

==================== Bestanden in de root van sommige mappen =======

2018-05-10 23:03 - 2018-05-10 23:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{0C6CEF6A-4C67-446A-9185-3E389C2A9937}
2016-03-18 20:33 - 2016-03-18 20:33 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{3F7A8604-AE4C-48CC-8DE3-5436C87DBCAF}
2018-05-09 22:47 - 2018-05-09 22:47 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5D783E79-54F5-4F5B-9D89-19DC92361B7B}
2018-09-06 09:03 - 2018-09-06 09:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5E9DC202-884D-4004-B13D-12CDF6362C94}
2018-05-09 22:46 - 2018-05-09 22:46 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{ADE39A0E-30B6-47B5-9D7A-4C9E25507F99}
2018-06-11 22:39 - 2018-06-11 22:39 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{B944A365-1653-4F78-A66F-5A3191C4DD10}

==================== SigCheck ===============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)


LastRegBack: 2019-05-13 08:05
==================== Einde van FRST.txt ============================
Attached Files
File Type: txt FRST.txt (48.4 KB, 5 views)
Old 05-22-2019, 06:19 PM   #4
iMacg3 (Security Team Moderator)
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10

Hi,


Is your copy of Microsoft Office properly activated?
__________________
Proud member of UNITE
Old 05-22-2019, 09:49 PM   #5
Freeman 74 (Registered Member)

Quote:
Originally Posted by iMacg3
Hi,

Is your copy of Microsoft Office properly activated?

Hello,

Apparently it was not properly activated.
Since I hardly ever use Microsoft Office, I have now uninstalled it and installed Open Office instead.
Should I run a FRST scan again now?
Old 05-23-2019, 08:03 AM   #6
iMacg3 (Security Team Moderator)

Hi,


Yes, please run a new FRST scan:


  • Right-click FRST/FRST64 and select Run as Administrator.
  • Ensure Addition.txt is checked and click Scan.
  • Once the scan is complete, click OK to the "Scan Complete" message box and OK to the Addition.txt box.
  • Two reports will be open in Notepad.
  • Copy and paste their contents into your next reply.
Old 05-23-2019, 11:15 PM   #7
Freeman 74 (Registered Member)

Quote:
Originally Posted by iMacg3
Hi,

Yes, please run a new FRST scan:

  • Right-click FRST/FRST64 and select Run as Administrator.
  • Ensure Addition.txt is checked and click Scan.
  • Once the scan is complete, click OK to the "Scan Complete" message box and OK to the Addition.txt box.
  • Two reports will be open in Notepad.
  • Copy and paste their contents into your next reply.

Hello again,

Here are the requested texts:

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 19-05.2019
Gestart door Cyrus (Beheerder) op CYRUS-PC (Hewlett-Packard HP ProBook 6550b) (24-05-2019 07:54:12)
Gestart vanaf C:\Users\Cyrus\Downloads
Geladen Profielen: Cyrus (Beschikbare Profielen: Cyrus)
Platform: Windows 7 Professional Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMProcess.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
(UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927928 2012-05-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [323128 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5461312 2019-05-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [3727160 2019-04-24] (ProtonVPN AG -> )
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {a2699854-cb1b-11e4-ab6a-1cc1deba4627} - F:\LaunchU3.exe -a
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {ba2354fb-1775-11e5-9c09-002682cb0651} - I:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Bestand niet getekend]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\Installer\chrmstp.exe [2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restrictie ? <==== AANDACHT
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0418015B-484D-4306-8FD5-AA2B439E07E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {14CD6672-DBD8-4D3C-8F63-514D0F47E1C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1968C0AB-B7E4-4246-9F97-453EFABEB924} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {20B90F86-E818-4991-9201-3CE50FDFA75B} - System32\Tasks\{261F65F0-FF0C-41E3-B666-06A717183D60} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {21214F4D-4216-4280-98A9-86E906604891} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-21] (Adobe Inc. -> Adobe)
Task: {230DE84C-CB90-47B8-9BF9-76F6FBB6637C} - System32\Tasks\Opera scheduled Autoupdate 1518672505 => C:\Users\Cyrus\AppData\Local\Programs\Opera\launcher.exe
Task: {24DF4853-7C4F-4747-9278-1B3CD07D4026} - System32\Tasks\{D596D274-4AF4-4DEA-8BAF-2FA8173C74AE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe"
Task: {28870262-4D4D-477B-8FA1-308F1104CC68} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {29D97842-5761-4993-9F4C-1B76CC8903C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3823D322-380F-4F3B-8534-E0790ED6346C} - System32\Tasks\SafeZone scheduled Autoupdate 1450500467 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {38362699-AB6E-4308-9A67-ABB184B82203} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)
Task: {38478226-A144-4F60-8C9D-8165E2D9AD96} - System32\Tasks\{BC33E841-6506-4DA6-A808-BDFCA615BDE4} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {3D481972-346A-4794-9ED5-48C98955F60B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {4ACEFCCE-6425-44DF-B92E-2ACC9B8093CE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {5ABC6413-42A4-4900-BF82-1AF9F8755D77} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-21] (Adobe Inc. -> Adobe)
Task: {5ADA18BD-E127-40F1-9F6D-F546175F377C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7F493C7C-ED5D-4061-8E57-1629C9B48255} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8FE41292-3BC0-4C4A-818D-E7ED1F817DAF} - System32\Tasks\{02834E93-F326-4B60-A5B5-CCA273383C62} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {9F9F06E3-DA46-4147-8780-43B6D6AB26F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A84D4B95-588A-425D-A798-D54360C1A5B9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {A8DA894C-51B1-4905-8A49-9DD6F198C644} - System32\Tasks\{B17C0A78-E3B1-48F2-B706-71509C876C88} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {AB5B936F-3C06-4E34-B3B9-944131B9695A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BC599FB8-CD21-48DD-A092-51A6739F1826} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDC9433F-78DF-4D3E-BC63-330C93D5629B} - System32\Tasks\{DC18974D-AD7D-45D6-9C26-8867C3A58606} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\YouTubeDownloaderSetup.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D428AADD-47CE-4423-B629-E2D8CF2680EC} - System32\Tasks\{C9953DF5-D9CE-4BCA-A5D7-B5D3EF861AEF} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\jre-8u161-windows-i586.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D65D77FA-B79F-4B1B-8C7E-06F531849F71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {E0E4C8BD-18B0-445E-B7DE-E94E2D4FEF19} - System32\Tasks\{E4DD8221-4C34-4B1D-A589-9328EBBF24DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT
Task: {F5E38FBF-9EC6-4886-A94B-1E4742FEFEF8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{099FA401-20C1-42DB-89D9-AEBCFC8B12FD}: [DhcpNameServer] 212.54.44.54 212.54.40.25
Tcpip\..\Interfaces\{4FC7BA06-AA84-4F4D-96F7-70B016F65490}: [DhcpNameServer] 192.168.0.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.178.13,1]

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-159908599-3065275909-1581543870-1000 -> {97B5D29E-3D15-4DE8-916B-D2B303729F07} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default [2019-05-23]
FF Extension: (German Dictionary) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (British English Dictionary (Updated)) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2015-01-07] [Verouderd] [niet getekend]
FF Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-08] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (English (GB) Language Pack) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-03-21]
FF Extension: (Woordenboek Nederlands) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-02-16]
FF Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-03-14]
FF Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-21]
FF Extension: (Sky Clouds) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\{894e43ef-fcf9-4e64-8ecb-d7b0f053b89b}.xpi [2019-05-13]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\imdb.xml [2015-06-21]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\videos-zoeken-op-youtube.xml [2015-06-19]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-19] [Verouderd] [niet getekend]
FF Plugin: @Adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin: @Java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
CHR DefaultSearchKeyword: Default -> bing.com_
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default [2019-05-23]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Splendid) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-05-17]
CHR Extension: (Google Search) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Extension: (Streamus) - C:\Users\Cyrus\Downloads\Various Program Downloads\StreamusChromeExtension-Development\src [2017-02-05]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-21]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-21]
CHR Extension: (Slides) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-29]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-29]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-29]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-29]
CHR Extension: (Avast SafePrice) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-11-29]
CHR Extension: (Sheets) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-29]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-29]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-29]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <niet gevonden>

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7126928 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-05-21] (Dropbox, Inc -> Dropbox, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [Bestand niet getekend]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Bestand niet getekend]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Bestand niet getekend]
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [88888 2019-04-24] (ProtonVPN AG -> )
R2 QDLService2kHP; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [1687360 2011-04-29] (Qualcomm Inc -> QUALCOMM, Inc.)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225096 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385640 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [8071888 2014-02-06] (Broadcom Corporation -> Broadcom Corporation)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-30] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win7\ProtonVPNSplitTunnelCalloutDriver.Sys [39352 2019-04-03] (ProtonVPN AG -> )
R3 qcfilterhp2k; C:\Windows\System32\DRIVERS\qcfilterhp2k.sys [6400 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcombushp; C:\Windows\System32\DRIVERS\qcombushp.sys [160328 2011-04-29] (MCCI Corporation -> MCCI)
R3 qcusbnethp2k; C:\Windows\System32\DRIVERS\qcusbnethp2k.sys [444416 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcusbserhp2k; C:\Windows\System32\DRIVERS\qcusbserhp2k.sys [230784 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [73728 2012-07-20] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe64.sys [54784 2012-07-31] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505856 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-05-24] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [35768 2018-06-01] (ProtonVPN AG -> The OpenVPN Project)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een maand (aangemaakt) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-05-24 05:36 - 2019-05-24 05:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-05-23 06:39 - 2019-05-23 06:40 - 000001721 _____ C:\Users\Cyrus\Documents\New Database1.odb
2019-05-23 06:39 - 2019-05-23 06:39 - 000001659 _____ C:\Users\Cyrus\Documents\New Database.odb
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\OpenOffice
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-05-23 05:41 - 2019-05-23 05:41 - 000000000 ____D C:\Program Files (x86)\redist
2019-05-23 05:41 - 2019-05-23 05:41 - 000000000 ____D C:\Program Files (x86)\readmes
2019-05-23 05:15 - 2019-05-23 05:37 - 134126084 _____ C:\Users\Cyrus\Downloads\Apache_OpenOffice_4.1.6_Win_x86_install_en-GB.exe
2019-05-22 08:16 - 2019-05-22 08:16 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.4
2019-05-22 08:14 - 2019-05-22 08:14 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.3
2019-05-22 08:13 - 2019-05-22 08:13 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.2
2019-05-22 08:11 - 2019-05-22 08:11 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.1
2019-05-21 19:22 - 2019-05-21 19:25 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-05-21 19:22 - 2019-05-21 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2019-05-21 14:10 - 2019-05-21 14:10 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-05-21 12:05 - 2019-05-21 12:05 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 2
2019-05-21 12:03 - 2019-05-21 12:03 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 1
2019-05-21 12:02 - 2019-05-21 12:02 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 3
2019-05-21 12:00 - 2019-05-21 12:00 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 4
2019-05-21 11:58 - 2019-05-21 11:58 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim I. Jansen pt.1
2019-05-21 11:56 - 2019-05-21 11:56 - 026843270 _____ C:\Users\Cyrus\CAK claim I. Jansen pt.1 001.bmp
2019-05-21 11:47 - 2019-05-21 11:47 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 Handelsbanken Kunduppgifter
2019-05-21 08:12 - 2019-05-21 08:13 - 000044961 _____ C:\Users\Cyrus\Downloads\Addition.txt
2019-05-21 08:11 - 2019-05-24 07:54 - 000039859 _____ C:\Users\Cyrus\Downloads\FRST.txt
2019-05-21 08:10 - 2019-05-24 07:54 - 000000000 ____D C:\FRST
2019-05-21 08:04 - 2019-05-21 08:05 - 002435072 _____ (Farbar) C:\Users\Cyrus\Downloads\FRST64.exe
2019-05-21 06:19 - 2019-05-21 06:19 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-21 02:16 - 2019-05-21 02:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2019-05-15 07:21 - 2019-05-15 07:21 - 000158876 _____ C:\Users\Cyrus\1546729904.pdf
2019-05-09 04:15 - 2019-05-23 20:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-29 22:33 - 2019-04-29 22:33 - 000000904 _____ C:\Users\Cyrus\Mijn documenten - Snelkoppeling.lnk
2019-04-24 16:31 - 2019-05-09 09:56 - 000000000 ____D C:\Users\Cyrus\AppData\Local\ProtonVPN
2019-04-24 16:31 - 2019-04-24 16:31 - 000000000 ____D C:\Users\Cyrus\AppData\Local\IsolatedStorage
2019-04-24 16:30 - 2019-05-21 19:22 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2019-04-24 16:30 - 2019-05-21 18:38 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\ProtonVPN AG

==================== Een maand (gewijzigd) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-05-24 05:36 - 2015-07-06 13:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-05-24 05:29 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-24 05:29 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-24 05:21 - 2010-11-21 18:48 - 000745674 _____ C:\Windows\system32\perfh013.dat
2019-05-24 05:21 - 2010-11-21 18:48 - 000153594 _____ C:\Windows\system32\perfc013.dat
2019-05-24 05:21 - 2009-07-14 07:13 - 001669560 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-24 05:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-24 05:16 - 2017-11-30 10:28 - 000000000 ____D C:\Users\Cyrus\AppData\Local\AVAST Software
2019-05-24 05:15 - 2018-12-25 04:36 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-05-24 05:15 - 2018-12-25 04:36 - 000002908 _____ C:\Windows\System32\Tasks\Avast Driver Updater Startup
2019-05-24 05:15 - 2018-12-25 04:36 - 000000482 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-05-24 05:15 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-24 05:15 - 2009-07-14 06:45 - 000462328 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-23 20:41 - 2016-11-19 21:57 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\Mozilla
2019-05-23 18:47 - 2015-06-24 09:04 - 000000000 ____D C:\Users\Cyrus\Downloads\Video Downloads
2019-05-23 14:49 - 2014-11-04 18:10 - 000119544 _____ C:\Users\Cyrus\AppData\Local\GDIPFONTCACHEV1.DAT
2019-05-23 05:10 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-05-23 05:09 - 2010-11-21 18:58 - 000000000 ____D C:\Windows\ShellNew
2019-05-22 22:42 - 2017-03-06 08:39 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-22 08:16 - 2014-11-04 16:34 - 000000000 ____D C:\Users\Cyrus
2019-05-21 22:34 - 2014-11-04 18:11 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 19:06 - 2014-11-04 17:59 - 001644228 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-05-21 08:01 - 2014-11-07 14:38 - 000000000 ____D C:\Windows\pss
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\Program Files (x86)\iMobie
2019-05-21 07:52 - 2014-11-23 13:17 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\uTorrent
2019-05-21 06:56 - 2018-03-12 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-21 06:38 - 2018-03-13 16:40 - 000004574 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-21 06:38 - 2015-02-07 12:32 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-21 06:38 - 2014-11-07 13:24 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-21 06:38 - 2014-11-07 13:24 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-21 06:37 - 2017-11-04 23:30 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\Program Files\7-Zip
2019-05-21 06:19 - 2019-02-16 05:28 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 06:19 - 2019-01-17 09:12 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-21 06:19 - 2017-11-17 06:42 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 06:19 - 2016-03-24 08:09 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000385640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000225096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 06:18 - 2019-01-18 05:45 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-21 02:16 - 2018-12-25 04:36 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2019-05-21 02:16 - 2018-12-25 04:36 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2019-05-20 12:46 - 2019-03-25 07:27 - 000000000 ____D C:\Users\Cyrus\AppData\Local\BitTorrentHelper
2019-05-20 12:46 - 2016-12-11 17:39 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\uTorrent
2019-05-17 11:31 - 2015-07-06 19:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 20:50 - 2018-08-11 05:04 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-15 20:50 - 2015-12-03 23:31 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-05-15 20:50 - 2015-05-12 23:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-15 20:50 - 2014-11-04 18:10 - 000003490 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 20:50 - 2014-11-04 18:10 - 000003362 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 11:22 - 2016-03-05 19:11 - 000000000 ____D C:\Users\Cyrus\Documents\Administration
2019-05-15 09:07 - 2015-05-13 19:33 - 001711616 ___SH C:\Users\Cyrus\Thumbs.db
2019-05-14 10:43 - 2014-11-06 14:56 - 000000000 ____D C:\Users\Cyrus\Documents\Real Estate Files
2019-05-13 10:48 - 2015-01-06 20:35 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\vlc
2019-05-11 02:36 - 2014-11-06 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-29 05:16 - 2014-11-06 14:28 - 000000000 ___RD C:\Users\Cyrus\Mijn E-Books
2019-04-26 05:14 - 2014-11-08 12:35 - 000000000 ___RD C:\Users\Cyrus\Dropbox
2019-04-25 05:21 - 2019-04-12 22:51 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-24 16:29 - 2015-06-23 18:32 - 000000000 ___RD C:\Users\Cyrus\Downloads\Various Program Downloads

==================== Bestanden in de root van sommige mappen =======

2018-10-24 04:26 - 2018-10-24 04:26 - 123846559 _____ () C:\Program Files (x86)\openoffice1.cab
2018-10-24 04:23 - 2018-10-24 04:23 - 002449408 _____ () C:\Program Files (x86)\openoffice416.msi
2018-10-24 04:23 - 2018-10-24 04:23 - 000479232 _____ () C:\Program Files (x86)\setup.exe
2018-10-24 04:23 - 2018-10-24 04:23 - 000000279 _____ () C:\Program Files (x86)\setup.ini
2018-05-10 23:03 - 2018-05-10 23:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{0C6CEF6A-4C67-446A-9185-3E389C2A9937}
2016-03-18 20:33 - 2016-03-18 20:33 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{3F7A8604-AE4C-48CC-8DE3-5436C87DBCAF}
2018-05-09 22:47 - 2018-05-09 22:47 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5D783E79-54F5-4F5B-9D89-19DC92361B7B}
2018-09-06 09:03 - 2018-09-06 09:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5E9DC202-884D-4004-B13D-12CDF6362C94}
2018-05-09 22:46 - 2018-05-09 22:46 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{ADE39A0E-30B6-47B5-9D7A-4C9E25507F99}
2018-06-11 22:39 - 2018-06-11 22:39 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{B944A365-1653-4F78-A66F-5A3191C4DD10}

==================== SigCheck ===============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)


LastRegBack: 2019-05-23 07:26
==================== Einde van FRST.txt ============================



Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 19-05.2019
Gestart door Cyrus (24-05-2019 07:55:12)
Gestart vanaf C:\Users\Cyrus\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-11-04 14:34:58)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-159908599-3065275909-1581543870-500 - Administrator - Disabled)
Cyrus (S-1-5-21-159908599-3065275909-1581543870-1000 - Administrator - Enabled) => C:\Users\Cyrus
Gast (S-1-5-21-159908599-3065275909-1581543870-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-159908599-3065275909-1581543870-1002 - Limited - Enabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

4500_G510gm_Help (HKLM-x32\...\{DF0B357C-5874-47D0-81E7-79AA890B0CE0}) (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (HKLM-x32\...\{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (HKLM-x32\...\{28379381-B56A-43e1-B505-3098D82B1C30}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 73.0.1270.86 - De auteurs van Avast Secure Browser)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 73.4.118 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM\...\{A4BC9C54-4589-3A4C-8217-9FA00262F471}) (Version: 74.0.3729.169 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP HotKey Support (HKLM\...\{9228F4A5-2722-417B-93F6-30B9228D5ACE}) (Version: 4.0.20.1 - Hewlett-Packard Company)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Wireless Assistant (HKLM\...\{3CDD2624-0D79-4FEB-8580-F873C2DD5C8F}) (Version: 4.0.10.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.3 - Intel)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mouse Driver (HKLM-x32\...\{55BFC356-5A7B-482F-A213-9ACFDDFF6037}) (Version: 5.1 - Driver Builder) Hidden
Mouse Driver (HKLM-x32\...\InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}) (Version: 5.1 - Driver Builder)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 59.0.2 (x64 nl)) (Version: 59.0.2 - Mozilla)
Mozilla Firefox 66.0.5 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.5 (x64 en-US)) (Version: 66.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.550.000 - Hewlett-Packard) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{9C4CE297-775F-4579-80E5-2DF06E554998}) (Version: 4.16.9790 - Apache Software Foundation)
ProtonVPN (HKLM-x32\...\{2F7C9F34-7064-4637-8CCA-A7BA72E88257}) (Version: 1.8.1 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.8.1) (Version: 1.8.1 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
Qualcomm Gobi 2000 Package for HP (HKLM-x32\...\{5A771AE0-513F-4EC5-AB09-A7D3D22A2E20}) (Version: 1.1.240 - QUALCOMM)
RAPID Mode (HKLM\...\{4B94C023-022A-4271-A1D6-744ABE74D220}) (Version: 1.0.0.97 - Samsung Electronics Co., Ltd.) Hidden
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype versie 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Software voor Intel® Chipset-apparaten (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.6.2 - Synaptics Incorporated)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WordWeb (HKLM-x32\...\WordWeb) (Version: 8 - WordWeb Software)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)

==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Cyrus\Documents\Computer Related\TeraStorage Content\HDD\Software\Extras\Adobe Reader Download.lnk -> hxxp://get.adobe.com/reader

==================== Geladen Modules (gefilterd) ==============

2007-03-29 12:17 - 2007-03-29 12:17 - 000106496 _____ () [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\keydll.dll
2008-06-16 09:06 - 2008-06-16 09:06 - 000053248 _____ () [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\MouseHook.dll
2019-04-08 12:58 - 2019-04-08 12:58 - 000152064 _____ () [Bestand niet getekend] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2019-04-24 09:54 - 2019-04-24 09:54 - 000483328 _____ () [Bestand niet getekend] C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\IPFilter.dll
2014-11-07 12:01 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [Bestand niet getekend] C:\Windows\System32\CNMLMAT.DLL
2014-11-08 20:59 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [Bestand niet getekend] C:\Windows\System32\CNMN6PPM.DLL
2009-09-08 11:51 - 2009-09-08 11:51 - 001037824 _____ (Hewlett-Packard Co.) [Bestand niet getekend] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [Bestand niet getekend] C:\Program Files\7-Zip\7-zip.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000050688 _____ (Igor Pavlov) [Bestand niet getekend] C:\Program Files\7-Zip\7-zip32.dll
2018-03-26 13:07 - 2018-03-26 13:07 - 000126976 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2008-06-14 01:02 - 2008-06-14 01:02 - 000397312 _____ (UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMConfig.exe
2009-08-31 22:46 - 2009-08-31 22:46 - 000339456 _____ (UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMProcess.exe
2009-08-31 22:00 - 2009-08-31 22:00 - 001821184 _____ (UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
2008-05-30 01:22 - 2008-05-30 01:22 - 000212992 _____ (UASSOFT.COM) [Bestand niet getekend] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)

IE restricted site: HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\skype.com -> hxxps://apps.skype.com

==================== Hosts inhoud: ===============================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2019-01-12 09:31 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cyrus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

Als een item is opgenomen in de fixlist, zal het worden verwijderd.

MSCONFIG\startupfolder: C:^Users^Cyrus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1418291703
MSCONFIG\startupreg: AvastBrowserAutoLaunch_A10A30A64635A56F04DF1659B3291337 => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\cyrus\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\Cyrus\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
MSCONFIG\startupreg: SBrowserCheck => "%ALLUSERSPROFILE%\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe" /s /run_source=av_update /runonce /cgid 101
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{569FDDEF-0693-4F09-993E-DB5B1E290514}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{73F81A71-368E-4D17-8F38-9422F5849298}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{980955A3-F652-4128-B050-C18885B1122B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C22DCA9-42BC-4F21-A5A7-2C6D058FC4CB}] => (Allow) LPort=2869
FirewallRules: [{2C25CC3A-0422-46EC-80DB-178F33FCDB30}] => (Allow) LPort=1900
FirewallRules: [{C07F1EF7-B836-4DD7-BE98-CC9C48C93F5E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{28014E82-36D1-4F85-82A2-BAE154156C62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5521461-FC71-4AF2-8D57-39AD5C13D875}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F77BF90D-D289-4CC8-8209-138A512FE4C3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{54DBBED2-AF1F-494B-8D01-99709787C93E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{73A458BC-C43D-4ED2-9A9B-6296FA48A063}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3264EF01-4705-41C6-BDCE-B1BED3A2CFE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8383E246-BB53-410F-A8FF-41AEB5117EC1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8ADF4BE-6DB6-40CA-8434-3B535F095238}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe Geen bestand
FirewallRules: [{CE392C5E-7F05-4755-8890-2CD6BEE11A97}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe Geen bestand
FirewallRules: [{619D9358-D4FA-42E6-9864-434230188BDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [Bestand niet getekend]
FirewallRules: [{1FC884A0-B71B-4681-8574-AD30C9AAB0A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [Bestand niet getekend]
FirewallRules: [{3C4DC82A-D960-4E34-9D68-AD0558E1ADF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [Bestand niet getekend]
FirewallRules: [{E0C80B07-0FDF-4DF5-8FE6-C8ABB4F5DFB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [Bestand niet getekend]
FirewallRules: [{15ED25EB-A017-4877-9173-41385F80448E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [Bestand niet getekend]
FirewallRules: [{5C3A2329-3328-4902-BD66-FA82D5A747EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A15205D7-7195-4B1B-A249-27B8171D625A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{70C80621-B38F-4967-ABFF-E6E2C61C4641}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{6C641011-60E4-4F45-B0AE-2EFCCF5E7424}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{EC8377E4-47E2-4006-98DA-C564025D9279}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{73AE650F-7676-402C-AC19-1990FF4C53BC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{34B58788-10B3-4A83-BF0A-A3EF050E58D7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E35ECDA6-7594-431C-8CDD-A8E3191417A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{60B297AA-4898-4595-A7BD-23FFBF558C4C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5268C0BB-27E4-49FE-BAAD-85D10B83CD96}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{580A08A0-8341-4D5E-A045-04A42118D6C9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88F6F78F-2D0D-4DC3-B355-F00EDB5B52C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{771C0037-F1A4-457A-B0A2-2E6DF31538A1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Herstelpunten =========================

23-05-2019 05:41:19 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
23-05-2019 05:42:48 OpenOffice 4.1.6 is geïnstalleerd

==================== Defecte Apparaatbeheer Apparaten =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (05/24/2019 07:28:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/24/2019 06:44:49 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/24/2019 05:36:13 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden

Error: (05/24/2019 05:36:13 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden

Error: (05/24/2019 05:28:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/24/2019 05:25:23 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/24/2019 05:15:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (05/23/2019 11:28:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.


Systeemfouten:
=============
Error: (05/24/2019 05:16:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (05/23/2019 07:11:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (05/23/2019 05:13:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (05/23/2019 05:11:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (05/23/2019 04:22:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (05/22/2019 05:20:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is ontvangen: 20.

Error: (05/22/2019 06:14:53 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (05/22/2019 05:56:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.


Windows Defender:
===================================
Date: 2016-05-16 08:50:45.059
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{8A867E39-979C-4C59-BF21-55784EFA4E98}
Type scan:AntiSpyware
Scanparameters:Volledige scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-05-16 08:44:49.677
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{ADE4CCC2-68E5-4F81-9E40-22F7C8579CB8}
Type scan:AntiSpyware
Scanparameters:Snelle scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-03-12 07:09:32.320
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{0293D302-2EB0-4131-8C38-F26E77D309B2}
Type scan:AntiSpyware
Scanparameters:Volledige scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-01-31 12:51:50.871
Description:
Windows Defender heeft spyware en andere mogelijk ongewenste software aangetroffen.
Zie voor meer informatie:
SoftwareBundler:Win32/Dowadmin threat description - Microsoft Security Intelligence
Naam:SoftwareBundler:Win32/Dowadmin
Id:223436
Ernst:Hoog
Categorie:Installatieprogramma
Gevonden pad:file:F:\Software\Downloaded Various Programs\FreeYouTubeDownloaderTR.exe
Type detectie:Concreet
Detectiebron:Gebruiker
Status:Onbekend
Gebruiker:Cyrus-PC\Cyrus
Procesnaam:C:\Program Files\Windows Defender\MSASCui.exe

Date: 2016-01-02 06:50:03.117
Description:
Windows Defender heeft spyware en andere mogelijk ongewenste software aangetroffen.
Zie voor meer informatie:
SoftwareBundler:Win32/Howovi threat description - Microsoft Security Intelligence
Naam:SoftwareBundler:Win32/Howovi
Id:224713
Ernst:Hoog
Categorie:Installatieprogramma
Gevonden pad:file:C:\Users\Cyrus\AppData\Local\Temp\fyd930C.tmp.exe;file:C:\Users\Cyrus\AppData\Local\Temp\is-EI014.tmp\fyd930C.tmp.tmp;file:C:\Users\Cyrus\AppData\Local\Temp\is-UUPGI.tmp\fyd930C.tmp.tmp;file:C:\Users\Cyrus\Downloads\Various Program Downloads\FreeYouTubeDownloader.exe;process:pid:1496;process:pid:2344;process:pid:5412;process:pid:5720;process:pid:7004
Type detectie:Concreet
Detectiebron:Real-timebeveiliging
Status:Onbekend
Gebruiker:\
Procesnaam:

CodeIntegrity:
===================================

Date: 2016-08-31 07:50:20.247
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 07:50:20.122
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 04:01:34.574
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 04:01:34.450
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-30 07:24:32.637
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-30 07:24:32.496
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-29 07:58:14.886
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-29 07:58:14.746
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

==================== Geheugen info ===========================

BIOS: Hewlett-Packard 68CDE Ver. F.03 10/04/2010
Motherboard: Hewlett-Packard 1471
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage geheugen in gebruik: 95%
Totaal fysiek RAM-geheugen: 3951.43 MB
Beschikbaar fysiek RAM-geheugen: 182.59 MB
Totaal Virtueel geheugen: 7901.04 MB
Beschikbaar Virtueel geheugen: 2778.36 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:230.78 GB) (Free:15.39 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{b920a8a3-642e-11e4-b689-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 1F47195E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=0C)

==================== Einde van Addition.txt ============================
Old 05-24-2019, 08:10 PM   #8
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi,

Please rename FRST64.exe to EnglishFRST64.exe. After renaming the file, please run a new scan with FRST and copy/paste both reports into your reply.
__________________
Proud member of UNITE
Old 05-24-2019, 11:18 PM   #9
Registered Member
 
Freeman 74's Avatar
 
Join Date: Dec 2008
Location: North West Europe
Posts: 37
OS: Windows 7 Professional Service Pack 1 (X64)



Quote:
Originally Posted by iMacg3
Hi,

Please rename FRST64.exe to EnglishFRST64.exe. After renaming the file, please run a new scan with FRST and copy/paste both reports into your reply.

Hello,

Here is the English version of the scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by Cyrus (administrator) on CYRUS-PC (Hewlett-Packard HP ProBook 6550b) (25-05-2019 08:04:11)
Running from C:\Users\Cyrus\Downloads
Loaded Profiles: Cyrus (Available Profiles: Cyrus)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\73.4.118\QtWebEngineProcess.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(ProtonVPN AG -> The OpenVPN Project) C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\openvpn.exe
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMProcess.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927928 2012-05-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [323128 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5461312 2019-05-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [3727160 2019-04-24] (ProtonVPN AG -> )
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {a2699854-cb1b-11e4-ab6a-1cc1deba4627} - F:\LaunchU3.exe -a
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {ba2354fb-1775-11e5-9c09-002682cb0651} - I:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\Installer\chrmstp.exe [2019-04-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0418015B-484D-4306-8FD5-AA2B439E07E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {14CD6672-DBD8-4D3C-8F63-514D0F47E1C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1968C0AB-B7E4-4246-9F97-453EFABEB924} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {20B90F86-E818-4991-9201-3CE50FDFA75B} - System32\Tasks\{261F65F0-FF0C-41E3-B666-06A717183D60} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {21214F4D-4216-4280-98A9-86E906604891} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-21] (Adobe Inc. -> Adobe)
Task: {230DE84C-CB90-47B8-9BF9-76F6FBB6637C} - System32\Tasks\Opera scheduled Autoupdate 1518672505 => C:\Users\Cyrus\AppData\Local\Programs\Opera\launcher.exe
Task: {24DF4853-7C4F-4747-9278-1B3CD07D4026} - System32\Tasks\{D596D274-4AF4-4DEA-8BAF-2FA8173C74AE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe"
Task: {28870262-4D4D-477B-8FA1-308F1104CC68} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {29D97842-5761-4993-9F4C-1B76CC8903C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3823D322-380F-4F3B-8534-E0790ED6346C} - System32\Tasks\SafeZone scheduled Autoupdate 1450500467 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {38362699-AB6E-4308-9A67-ABB184B82203} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)
Task: {38478226-A144-4F60-8C9D-8165E2D9AD96} - System32\Tasks\{BC33E841-6506-4DA6-A808-BDFCA615BDE4} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {3D481972-346A-4794-9ED5-48C98955F60B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {4ACEFCCE-6425-44DF-B92E-2ACC9B8093CE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1960168 2019-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {5ABC6413-42A4-4900-BF82-1AF9F8755D77} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-21] (Adobe Inc. -> Adobe)
Task: {5ADA18BD-E127-40F1-9F6D-F546175F377C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7F493C7C-ED5D-4061-8E57-1629C9B48255} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8FE41292-3BC0-4C4A-818D-E7ED1F817DAF} - System32\Tasks\{02834E93-F326-4B60-A5B5-CCA273383C62} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {9F9F06E3-DA46-4147-8780-43B6D6AB26F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A84D4B95-588A-425D-A798-D54360C1A5B9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {A8DA894C-51B1-4905-8A49-9DD6F198C644} - System32\Tasks\{B17C0A78-E3B1-48F2-B706-71509C876C88} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {AB5B936F-3C06-4E34-B3B9-944131B9695A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BC599FB8-CD21-48DD-A092-51A6739F1826} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDC9433F-78DF-4D3E-BC63-330C93D5629B} - System32\Tasks\{DC18974D-AD7D-45D6-9C26-8867C3A58606} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\YouTubeDownloaderSetup.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D428AADD-47CE-4423-B629-E2D8CF2680EC} - System32\Tasks\{C9953DF5-D9CE-4BCA-A5D7-B5D3EF861AEF} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\jre-8u161-windows-i586.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D65D77FA-B79F-4B1B-8C7E-06F531849F71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {E0E4C8BD-18B0-445E-B7DE-E94E2D4FEF19} - System32\Tasks\{E4DD8221-4C34-4B1D-A589-9328EBBF24DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {F5E38FBF-9EC6-4886-A94B-1E4742FEFEF8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.8.8.1
Tcpip\..\Interfaces\{099FA401-20C1-42DB-89D9-AEBCFC8B12FD}: [DhcpNameServer] 212.54.44.54 212.54.40.25
Tcpip\..\Interfaces\{4FC7BA06-AA84-4F4D-96F7-70B016F65490}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{52B20561-CA16-47BB-96C0-8B7F710BE443}: [DhcpNameServer] 10.8.8.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.178.13,1]

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-159908599-3065275909-1581543870-1000 -> {97B5D29E-3D15-4DE8-916B-D2B303729F07} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 5k9jin60.default
FF ProfilePath: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default [2019-05-24]
FF Extension: (German Dictionary) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (British English Dictionary (Updated)) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2015-01-07] [Legacy] [not signed]
FF Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-08] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (English (GB) Language Pack) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-03-21]
FF Extension: (Woordenboek Nederlands) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-02-16]
FF Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-03-14]
FF Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-21]
FF Extension: (Sky Clouds) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\{894e43ef-fcf9-4e64-8ecb-d7b0f053b89b}.xpi [2019-05-13]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\imdb.xml [2015-06-21]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\videos-zoeken-op-youtube.xml [2015-06-19]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-19] [Legacy] [not signed]
FF Plugin: @Adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin: @Java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
CHR DefaultSearchKeyword: Default -> bing.com_
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default [2019-05-23]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Splendid) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-05-17]
CHR Extension: (Google Search) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Extension: (Streamus) - C:\Users\Cyrus\Downloads\Various Program Downloads\StreamusChromeExtension-Development\src [2017-02-05]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-21]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-21]
CHR Extension: (Slides) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-29]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-29]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-29]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-29]
CHR Extension: (Avast SafePrice) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-11-29]
CHR Extension: (Sheets) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-29]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-29]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-29]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7126928 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-05-21] (Dropbox, Inc -> Dropbox, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed]
R2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [88888 2019-04-24] (ProtonVPN AG -> )
R2 QDLService2kHP; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [1687360 2011-04-29] (Qualcomm Inc -> QUALCOMM, Inc.)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225096 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385640 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [8071888 2014-02-06] (Broadcom Corporation -> Broadcom Corporation)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-30] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win7\ProtonVPNSplitTunnelCalloutDriver.Sys [39352 2019-04-03] (ProtonVPN AG -> )
R3 qcfilterhp2k; C:\Windows\System32\DRIVERS\qcfilterhp2k.sys [6400 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcombushp; C:\Windows\System32\DRIVERS\qcombushp.sys [160328 2011-04-29] (MCCI Corporation -> MCCI)
R3 qcusbnethp2k; C:\Windows\System32\DRIVERS\qcusbnethp2k.sys [444416 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcusbserhp2k; C:\Windows\System32\DRIVERS\qcusbserhp2k.sys [230784 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [73728 2012-07-20] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe64.sys [54784 2012-07-31] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505856 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-05-25] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [35768 2018-06-01] (ProtonVPN AG -> The OpenVPN Project)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-25 07:46 - 2019-05-25 07:48 - 000043656 _____ C:\Users\Cyrus\Downloads\Addition.txt
2019-05-24 05:36 - 2019-05-24 05:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-05-23 20:36 - 2019-05-24 23:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-05-23 06:39 - 2019-05-23 06:40 - 000001721 _____ C:\Users\Cyrus\Documents\New Database1.odb
2019-05-23 06:39 - 2019-05-23 06:39 - 000001659 _____ C:\Users\Cyrus\Documents\New Database.odb
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\OpenOffice
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-05-23 05:41 - 2019-05-23 05:41 - 000000000 ____D C:\Program Files (x86)\redist
2019-05-23 05:41 - 2019-05-23 05:41 - 000000000 ____D C:\Program Files (x86)\readmes
2019-05-22 08:16 - 2019-05-22 08:16 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.4
2019-05-22 08:14 - 2019-05-22 08:14 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.3
2019-05-22 08:13 - 2019-05-22 08:13 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.2
2019-05-22 08:11 - 2019-05-22 08:11 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.1
2019-05-21 19:22 - 2019-05-21 19:25 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-05-21 19:22 - 2019-05-21 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2019-05-21 14:10 - 2019-05-21 14:10 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-05-21 12:05 - 2019-05-21 12:05 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 2
2019-05-21 12:03 - 2019-05-21 12:03 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 1
2019-05-21 12:02 - 2019-05-21 12:02 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 3
2019-05-21 12:00 - 2019-05-21 12:00 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 4
2019-05-21 11:58 - 2019-05-21 11:58 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim I. Jansen pt.1
2019-05-21 11:56 - 2019-05-21 11:56 - 026843270 _____ C:\Users\Cyrus\CAK claim I. Jansen pt.1 001.bmp
2019-05-21 11:47 - 2019-05-21 11:47 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 Handelsbanken Kunduppgifter
2019-05-21 08:11 - 2019-05-25 08:04 - 000040037 _____ C:\Users\Cyrus\Downloads\FRST.txt
2019-05-21 08:10 - 2019-05-25 08:04 - 000000000 ____D C:\FRST
2019-05-21 08:04 - 2019-05-21 08:05 - 002435072 _____ (Farbar) C:\Users\Cyrus\Downloads\EnglishFRST64.exe
2019-05-21 06:19 - 2019-05-21 06:19 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-21 02:16 - 2019-05-21 02:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2019-05-15 07:21 - 2019-05-15 07:21 - 000158876 _____ C:\Users\Cyrus\1546729904.pdf
2019-04-29 22:33 - 2019-04-29 22:33 - 000000904 _____ C:\Users\Cyrus\Mijn documenten - Snelkoppeling.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-25 07:47 - 2015-06-23 18:32 - 000000000 ___RD C:\Users\Cyrus\Downloads\Various Program Downloads
2019-05-25 04:19 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-25 04:19 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-25 04:07 - 2010-11-21 18:48 - 000745674 _____ C:\Windows\system32\perfh013.dat
2019-05-25 04:07 - 2010-11-21 18:48 - 000153594 _____ C:\Windows\system32\perfc013.dat
2019-05-25 04:07 - 2009-07-14 07:13 - 001669560 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-25 04:07 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-25 04:04 - 2017-11-30 10:28 - 000000000 ____D C:\Users\Cyrus\AppData\Local\AVAST Software
2019-05-25 04:03 - 2018-12-25 04:36 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2019-05-25 04:03 - 2018-12-25 04:36 - 000002908 _____ C:\Windows\System32\Tasks\Avast Driver Updater Startup
2019-05-25 04:03 - 2018-12-25 04:36 - 000000482 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job
2019-05-25 04:03 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-24 23:15 - 2017-11-04 23:30 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-24 23:11 - 2016-11-19 21:57 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\Mozilla
2019-05-24 23:10 - 2017-03-06 08:39 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-24 23:06 - 2014-11-06 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-24 05:36 - 2015-07-06 13:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-05-24 05:15 - 2009-07-14 06:45 - 000462328 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-23 18:47 - 2015-06-24 09:04 - 000000000 ____D C:\Users\Cyrus\Downloads\Video Downloads
2019-05-23 14:49 - 2014-11-04 18:10 - 000119544 _____ C:\Users\Cyrus\AppData\Local\GDIPFONTCACHEV1.DAT
2019-05-23 05:10 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-05-23 05:09 - 2010-11-21 18:58 - 000000000 ____D C:\Windows\ShellNew
2019-05-22 08:16 - 2014-11-04 16:34 - 000000000 ____D C:\Users\Cyrus
2019-05-21 22:34 - 2014-11-04 18:11 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 19:22 - 2019-04-24 16:30 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2019-05-21 19:06 - 2014-11-04 17:59 - 001644228 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-05-21 18:38 - 2019-04-24 16:30 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\ProtonVPN AG
2019-05-21 08:01 - 2014-11-07 14:38 - 000000000 ____D C:\Windows\pss
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\Program Files (x86)\iMobie
2019-05-21 07:52 - 2014-11-23 13:17 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\uTorrent
2019-05-21 06:56 - 2018-03-12 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-21 06:38 - 2018-03-13 16:40 - 000004574 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-21 06:38 - 2015-02-07 12:32 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-21 06:38 - 2014-11-07 13:24 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-21 06:38 - 2014-11-07 13:24 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\Program Files\7-Zip
2019-05-21 06:19 - 2019-02-16 05:28 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 06:19 - 2019-01-17 09:12 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-21 06:19 - 2017-11-17 06:42 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 06:19 - 2016-03-24 08:09 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000385640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000225096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 06:18 - 2019-01-18 05:45 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-21 02:16 - 2018-12-25 04:36 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2019-05-21 02:16 - 2018-12-25 04:36 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2019-05-20 12:46 - 2019-03-25 07:27 - 000000000 ____D C:\Users\Cyrus\AppData\Local\BitTorrentHelper
2019-05-20 12:46 - 2016-12-11 17:39 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\uTorrent
2019-05-17 11:31 - 2015-07-06 19:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 20:50 - 2018-08-11 05:04 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-15 20:50 - 2015-12-03 23:31 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-05-15 20:50 - 2015-05-12 23:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-15 20:50 - 2014-11-04 18:10 - 000003490 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 20:50 - 2014-11-04 18:10 - 000003362 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 11:22 - 2016-03-05 19:11 - 000000000 ____D C:\Users\Cyrus\Documents\Administration
2019-05-15 09:07 - 2015-05-13 19:33 - 001711616 ___SH C:\Users\Cyrus\Thumbs.db
2019-05-14 10:43 - 2014-11-06 14:56 - 000000000 ____D C:\Users\Cyrus\Documents\Real Estate Files
2019-05-13 10:48 - 2015-01-06 20:35 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\vlc
2019-05-09 09:56 - 2019-04-24 16:31 - 000000000 ____D C:\Users\Cyrus\AppData\Local\ProtonVPN
2019-04-29 05:16 - 2014-11-06 14:28 - 000000000 ___RD C:\Users\Cyrus\Mijn E-Books
2019-04-26 05:14 - 2014-11-08 12:35 - 000000000 ___RD C:\Users\Cyrus\Dropbox
2019-04-25 05:21 - 2019-04-12 22:51 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum

==================== Files in the root of some directories =======

2018-10-24 04:26 - 2018-10-24 04:26 - 123846559 _____ () C:\Program Files (x86)\openoffice1.cab
2018-10-24 04:23 - 2018-10-24 04:23 - 002449408 _____ () C:\Program Files (x86)\openoffice416.msi
2018-10-24 04:23 - 2018-10-24 04:23 - 000479232 _____ () C:\Program Files (x86)\setup.exe
2018-10-24 04:23 - 2018-10-24 04:23 - 000000279 _____ () C:\Program Files (x86)\setup.ini
2018-05-10 23:03 - 2018-05-10 23:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{0C6CEF6A-4C67-446A-9185-3E389C2A9937}
2016-03-18 20:33 - 2016-03-18 20:33 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{3F7A8604-AE4C-48CC-8DE3-5436C87DBCAF}
2018-05-09 22:47 - 2018-05-09 22:47 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5D783E79-54F5-4F5B-9D89-19DC92361B7B}
2018-09-06 09:03 - 2018-09-06 09:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5E9DC202-884D-4004-B13D-12CDF6362C94}
2018-05-09 22:46 - 2018-05-09 22:46 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{ADE39A0E-30B6-47B5-9D7A-4C9E25507F99}
2018-06-11 22:39 - 2018-06-11 22:39 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{B944A365-1653-4F78-A66F-5A3191C4DD10}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-23 07:26
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Cyrus (25-05-2019 08:05:13)
Running from C:\Users\Cyrus\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-11-04 14:34:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-159908599-3065275909-1581543870-500 - Administrator - Disabled)
Cyrus (S-1-5-21-159908599-3065275909-1581543870-1000 - Administrator - Enabled) => C:\Users\Cyrus
Gast (S-1-5-21-159908599-3065275909-1581543870-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-159908599-3065275909-1581543870-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510gm_Help (HKLM-x32\...\{DF0B357C-5874-47D0-81E7-79AA890B0CE0}) (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (HKLM-x32\...\{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (HKLM-x32\...\{28379381-B56A-43e1-B505-3098D82B1C30}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 73.0.1270.86 - De auteurs van Avast Secure Browser)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 73.4.118 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM\...\{A4BC9C54-4589-3A4C-8217-9FA00262F471}) (Version: 74.0.3729.169 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP HotKey Support (HKLM\...\{9228F4A5-2722-417B-93F6-30B9228D5ACE}) (Version: 4.0.20.1 - Hewlett-Packard Company)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Wireless Assistant (HKLM\...\{3CDD2624-0D79-4FEB-8580-F873C2DD5C8F}) (Version: 4.0.10.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.3 - Intel)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mouse Driver (HKLM-x32\...\{55BFC356-5A7B-482F-A213-9ACFDDFF6037}) (Version: 5.1 - Driver Builder) Hidden
Mouse Driver (HKLM-x32\...\InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}) (Version: 5.1 - Driver Builder)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 59.0.2 (x64 nl)) (Version: 59.0.2 - Mozilla)
Mozilla Firefox 67.0 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.550.000 - Hewlett-Packard) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{9C4CE297-775F-4579-80E5-2DF06E554998}) (Version: 4.16.9790 - Apache Software Foundation)
ProtonVPN (HKLM-x32\...\{2F7C9F34-7064-4637-8CCA-A7BA72E88257}) (Version: 1.8.1 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.8.1) (Version: 1.8.1 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
Qualcomm Gobi 2000 Package for HP (HKLM-x32\...\{5A771AE0-513F-4EC5-AB09-A7D3D22A2E20}) (Version: 1.1.240 - QUALCOMM)
RAPID Mode (HKLM\...\{4B94C023-022A-4271-A1D6-744ABE74D220}) (Version: 1.0.0.97 - Samsung Electronics Co., Ltd.) Hidden
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype versie 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Software voor Intel® Chipset-apparaten (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.6.2 - Synaptics Incorporated)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WordWeb (HKLM-x32\...\WordWeb) (Version: 8 - WordWeb Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Cyrus\Documents\Computer Related\TeraStorage Content\HDD\Software\Extras\Adobe Reader Download.lnk -> hxxp://get.adobe.com/reader

==================== Loaded Modules (Whitelisted) ==============

2007-03-29 12:17 - 2007-03-29 12:17 - 000106496 _____ () [File not signed] C:\Program Files (x86)\Mouse Driver\keydll.dll
2008-06-16 09:06 - 2008-06-16 09:06 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Mouse Driver\MouseHook.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 000217887 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\liblzo2-2.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 000119167 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libpkcs11-helper-1.dll
2019-04-08 12:58 - 2019-04-08 12:58 - 000152064 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2019-04-24 09:54 - 2019-04-24 09:54 - 000483328 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\IPFilter.dll
2014-11-07 12:01 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLMAT.DLL
2014-11-08 20:59 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2009-09-08 11:51 - 2009-09-08 11:51 - 001037824 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-03-26 13:07 - 2018-03-26 13:07 - 000126976 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 003028053 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libcrypto-1_1-x64.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 000625540 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libssl-1_1-x64.dll
2008-06-14 01:02 - 2008-06-14 01:02 - 000397312 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMConfig.exe
2009-08-31 22:46 - 2009-08-31 22:46 - 000339456 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMProcess.exe
2009-08-31 22:00 - 2009-08-31 22:00 - 001821184 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
2008-05-30 01:22 - 2008-05-30 01:22 - 000212992 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\skype.com -> hxxps://apps.skype.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-12 09:31 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cyrus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.8.8.1 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^Users^Cyrus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1418291703
MSCONFIG\startupreg: AvastBrowserAutoLaunch_A10A30A64635A56F04DF1659B3291337 => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\cyrus\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\Cyrus\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
MSCONFIG\startupreg: SBrowserCheck => "%ALLUSERSPROFILE%\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe" /s /run_source=av_update /runonce /cgid 101
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{569FDDEF-0693-4F09-993E-DB5B1E290514}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{73F81A71-368E-4D17-8F38-9422F5849298}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{980955A3-F652-4128-B050-C18885B1122B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C22DCA9-42BC-4F21-A5A7-2C6D058FC4CB}] => (Allow) LPort=2869
FirewallRules: [{2C25CC3A-0422-46EC-80DB-178F33FCDB30}] => (Allow) LPort=1900
FirewallRules: [{C07F1EF7-B836-4DD7-BE98-CC9C48C93F5E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{28014E82-36D1-4F85-82A2-BAE154156C62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5521461-FC71-4AF2-8D57-39AD5C13D875}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F77BF90D-D289-4CC8-8209-138A512FE4C3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{54DBBED2-AF1F-494B-8D01-99709787C93E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{73A458BC-C43D-4ED2-9A9B-6296FA48A063}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3264EF01-4705-41C6-BDCE-B1BED3A2CFE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8383E246-BB53-410F-A8FF-41AEB5117EC1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8ADF4BE-6DB6-40CA-8434-3B535F095238}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{CE392C5E-7F05-4755-8890-2CD6BEE11A97}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{619D9358-D4FA-42E6-9864-434230188BDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{1FC884A0-B71B-4681-8574-AD30C9AAB0A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{3C4DC82A-D960-4E34-9D68-AD0558E1ADF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{E0C80B07-0FDF-4DF5-8FE6-C8ABB4F5DFB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{15ED25EB-A017-4877-9173-41385F80448E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{5C3A2329-3328-4902-BD66-FA82D5A747EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A15205D7-7195-4B1B-A249-27B8171D625A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{70C80621-B38F-4967-ABFF-E6E2C61C4641}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{6C641011-60E4-4F45-B0AE-2EFCCF5E7424}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{EC8377E4-47E2-4006-98DA-C564025D9279}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{73AE650F-7676-402C-AC19-1990FF4C53BC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{34B58788-10B3-4A83-BF0A-A3EF050E58D7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E35ECDA6-7594-431C-8CDD-A8E3191417A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{60B297AA-4898-4595-A7BD-23FFBF558C4C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5268C0BB-27E4-49FE-BAAD-85D10B83CD96}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{580A08A0-8341-4D5E-A045-04A42118D6C9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88F6F78F-2D0D-4DC3-B355-F00EDB5B52C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{771C0037-F1A4-457A-B0A2-2E6DF31538A1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

23-05-2019 05:41:19 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
23-05-2019 05:42:48 OpenOffice 4.1.6 is geïnstalleerd

==================== Faulty Device Manager Devices =============

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2019 07:28:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/25/2019 06:46:55 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/25/2019 06:37:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/25/2019 04:28:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/25/2019 04:13:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/25/2019 04:03:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (05/24/2019 1135 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (05/24/2019 10:28:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.


System errors:
=============
Error: (05/25/2019 04:04:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (05/24/2019 11:07:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (05/24/2019 11:05:58 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: De service Diagnostics Tracking Service is niet juist afgesloten na de ontvangst van een besturingselement voor afsluiten.

Error: (05/24/2019 11:05:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (05/24/2019 09:51:57 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (05/24/2019 05:16:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (05/23/2019 07:11:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (05/23/2019 05:13:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.


Windows Defender:
===================================
Date: 2016-05-16 08:50:45.059
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{8A867E39-979C-4C59-BF21-55784EFA4E98}
Type scan:AntiSpyware
Scanparameters:Volledige scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-05-16 08:44:49.677
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{ADE4CCC2-68E5-4F81-9E40-22F7C8579CB8}
Type scan:AntiSpyware
Scanparameters:Snelle scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-03-12 07:09:32.320
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{0293D302-2EB0-4131-8C38-F26E77D309B2}
Type scan:AntiSpyware
Scanparameters:Volledige scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-01-31 12:51:50.871
Description:
Windows Defender heeft spyware en andere mogelijk ongewenste software aangetroffen.
Zie voor meer informatie:
SoftwareBundler:Win32/Dowadmin threat description - Microsoft Security Intelligence
Naam:SoftwareBundler:Win32/Dowadmin
Id:223436
Ernst:Hoog
Categorie:Installatieprogramma
Gevonden pad:file:F:\Software\Downloaded Various Programs\FreeYouTubeDownloaderTR.exe
Type detectie:Concreet
Detectiebron:Gebruiker
Status:Onbekend
Gebruiker:Cyrus-PC\Cyrus
Procesnaam:C:\Program Files\Windows Defender\MSASCui.exe

Date: 2016-01-02 06:50:03.117
Description:
Windows Defender heeft spyware en andere mogelijk ongewenste software aangetroffen.
Zie voor meer informatie:
SoftwareBundler:Win32/Howovi threat description - Microsoft Security Intelligence
Naam:SoftwareBundler:Win32/Howovi
Id:224713
Ernst:Hoog
Categorie:Installatieprogramma
Gevonden pad:file:C:\Users\Cyrus\AppData\Local\Temp\fyd930C.tmp.exe;file:C:\Users\Cyrus\AppData\Local\Temp\is-EI014.tmp\fyd930C.tmp.tmp;file:C:\Users\Cyrus\AppData\Local\Temp\is-UUPGI.tmp\fyd930C.tmp.tmp;file:C:\Users\Cyrus\Downloads\Various Program Downloads\FreeYouTubeDownloader.exe;process:pid:1496;process:pid:2344;process:pid:5412;process:pid:5720;process:pid:7004
Type detectie:Concreet
Detectiebron:Real-timebeveiliging
Status:Onbekend
Gebruiker:\
Procesnaam:

CodeIntegrity:
===================================

Date: 2016-08-31 07:50:20.247
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 07:50:20.122
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 04:01:34.574
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 04:01:34.450
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-30 07:24:32.637
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-30 07:24:32.496
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-29 07:58:14.886
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-29 07:58:14.746
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68CDE Ver. F.03 10/04/2010
Motherboard: Hewlett-Packard 1471
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 94%
Total physical RAM: 3951.43 MB
Available physical RAM: 208.94 MB
Total Virtual: 8253.04 MB
Available Virtual: 631.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230.78 GB) (Free:14.64 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{b920a8a3-642e-11e4-b689-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 1F47195E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

05-25-2019, 06:29 PM   #10
iMacg3 (Security Team Moderator)

Hi,

If you do not use Avast Driver Updater, I suggest you uninstall it:

Uninstall a Program
  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following programs on the list:
    Code:
    Avast Driver Updater
  • Select each program and click Uninstall.
  • Restart the computer if prompted.


----------------------------------------------

Farbar Recovery Scan Tool - Fix

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank randomly named notepad file will open.
  • Copy and paste the following into it ....

Code:
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Task: {20B90F86-E818-4991-9201-3CE50FDFA75B} - System32\Tasks\{261F65F0-FF0C-41E3-B666-06A717183D60} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {24DF4853-7C4F-4747-9278-1B3CD07D4026} - System32\Tasks\{D596D274-4AF4-4DEA-8BAF-2FA8173C74AE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe"
Task: {38478226-A144-4F60-8C9D-8165E2D9AD96} - System32\Tasks\{BC33E841-6506-4DA6-A808-BDFCA615BDE4} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {8FE41292-3BC0-4C4A-818D-E7ED1F817DAF} - System32\Tasks\{02834E93-F326-4B60-A5B5-CCA273383C62} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {A8DA894C-51B1-4905-8A49-9DD6F198C644} - System32\Tasks\{B17C0A78-E3B1-48F2-B706-71509C876C88} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {CDC9433F-78DF-4D3E-BC63-330C93D5629B} - System32\Tasks\{DC18974D-AD7D-45D6-9C26-8867C3A58606} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\YouTubeDownloaderSetup.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D428AADD-47CE-4423-B629-E2D8CF2680EC} - System32\Tasks\{C9953DF5-D9CE-4BCA-A5D7-B5D3EF861AEF} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\jre-8u161-windows-i586.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {E0E4C8BD-18B0-445E-B7DE-E94E2D4FEF19} - System32\Tasks\{E4DD8221-4C34-4B1D-A589-9328EBBF24DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

FirewallRules: [{B8ADF4BE-6DB6-40CA-8434-3B535F095238}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{CE392C5E-7F05-4755-8890-2CD6BEE11A97}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe No File

C:\Windows\AutoKMS

VirusTotal: C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe

end
  • Press Ctrl+s to save the file.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process the fixlist
  • When finished, it will produce a log (fixlog.txt) in the same folder/directory as FRST
  • Please post the log in your next reply.


----------------------------------------------

In your next reply, please include:
  • Fixlog.txt

05-25-2019, 08:43 PM   #11
Freeman 74 (Registered Member)

Quote:
Originally Posted by iMacg3

In your next reply, please include:
  • Fixlog.txt

Hello,

Here is the Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Cyrus (26-05-2019 05:30:20) Run:1
Running from C:\Users\Cyrus\Downloads
Loaded Profiles: Cyrus (Available Profiles: Cyrus)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Task: {20B90F86-E818-4991-9201-3CE50FDFA75B} - System32\Tasks\{261F65F0-FF0C-41E3-B666-06A717183D60} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u151-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {24DF4853-7C4F-4747-9278-1B3CD07D4026} - System32\Tasks\{D596D274-4AF4-4DEA-8BAF-2FA8173C74AE} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe"
Task: {38478226-A144-4F60-8C9D-8165E2D9AD96} - System32\Tasks\{BC33E841-6506-4DA6-A808-BDFCA615BDE4} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u191-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {8FE41292-3BC0-4C4A-818D-E7ED1F817DAF} - System32\Tasks\{02834E93-F326-4B60-A5B5-CCA273383C62} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {A8DA894C-51B1-4905-8A49-9DD6F198C644} - System32\Tasks\{B17C0A78-E3B1-48F2-B706-71509C876C88} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {CDC9433F-78DF-4D3E-BC63-330C93D5629B} - System32\Tasks\{DC18974D-AD7D-45D6-9C26-8867C3A58606} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\YouTubeDownloaderSetup.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {D428AADD-47CE-4423-B629-E2D8CF2680EC} - System32\Tasks\{C9953DF5-D9CE-4BCA-A5D7-B5D3EF861AEF} => C:\Windows\system32\pcalua.exe -a "C:\Users\Cyrus\Downloads\Various Program Downloads\jre-8u161-windows-i586.exe" -d "C:\Users\Cyrus\Downloads\Various Program Downloads"
Task: {E0E4C8BD-18B0-445E-B7DE-E94E2D4FEF19} - System32\Tasks\{E4DD8221-4C34-4B1D-A589-9328EBBF24DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Cyrus\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

FirewallRules: [{B8ADF4BE-6DB6-40CA-8434-3B535F095238}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{CE392C5E-7F05-4755-8890-2CD6BEE11A97}] => (Allow) C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe No File

C:\Windows\AutoKMS

VirusTotal: C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe

end
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20B90F86-E818-4991-9201-3CE50FDFA75B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20B90F86-E818-4991-9201-3CE50FDFA75B}" => removed successfully
C:\Windows\System32\Tasks\{261F65F0-FF0C-41E3-B666-06A717183D60} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{261F65F0-FF0C-41E3-B666-06A717183D60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24DF4853-7C4F-4747-9278-1B3CD07D4026}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24DF4853-7C4F-4747-9278-1B3CD07D4026}" => removed successfully
C:\Windows\System32\Tasks\{D596D274-4AF4-4DEA-8BAF-2FA8173C74AE} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D596D274-4AF4-4DEA-8BAF-2FA8173C74AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38478226-A144-4F60-8C9D-8165E2D9AD96}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38478226-A144-4F60-8C9D-8165E2D9AD96}" => removed successfully
C:\Windows\System32\Tasks\{BC33E841-6506-4DA6-A808-BDFCA615BDE4} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC33E841-6506-4DA6-A808-BDFCA615BDE4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FE41292-3BC0-4C4A-818D-E7ED1F817DAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FE41292-3BC0-4C4A-818D-E7ED1F817DAF}" => removed successfully
C:\Windows\System32\Tasks\{02834E93-F326-4B60-A5B5-CCA273383C62} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{02834E93-F326-4B60-A5B5-CCA273383C62}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A8DA894C-51B1-4905-8A49-9DD6F198C644}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8DA894C-51B1-4905-8A49-9DD6F198C644}" => removed successfully
C:\Windows\System32\Tasks\{B17C0A78-E3B1-48F2-B706-71509C876C88} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B17C0A78-E3B1-48F2-B706-71509C876C88}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDC9433F-78DF-4D3E-BC63-330C93D5629B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDC9433F-78DF-4D3E-BC63-330C93D5629B}" => removed successfully
C:\Windows\System32\Tasks\{DC18974D-AD7D-45D6-9C26-8867C3A58606} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DC18974D-AD7D-45D6-9C26-8867C3A58606}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D428AADD-47CE-4423-B629-E2D8CF2680EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D428AADD-47CE-4423-B629-E2D8CF2680EC}" => removed successfully
C:\Windows\System32\Tasks\{C9953DF5-D9CE-4BCA-A5D7-B5D3EF861AEF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C9953DF5-D9CE-4BCA-A5D7-B5D3EF861AEF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0E4C8BD-18B0-445E-B7DE-E94E2D4FEF19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0E4C8BD-18B0-445E-B7DE-E94E2D4FEF19}" => removed successfully
C:\Windows\System32\Tasks\{E4DD8221-4C34-4B1D-A589-9328EBBF24DE} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E4DD8221-4C34-4B1D-A589-9328EBBF24DE}" => removed successfully
C:\Windows\Tasks\AutoKMS.job => moved successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\Software\MozillaPlugins @microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins @microsoft.com/GENUINE => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
HKLM\System\CurrentControlSet\Services\dbx => removed successfully
dbx => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => removed successfully
ZAM => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM_Guard => removed successfully
ZAM_Guard => service removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8ADF4BE-6DB6-40CA-8434-3B535F095238}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE392C5E-7F05-4755-8890-2CD6BEE11A97}" => removed successfully
C:\Windows\AutoKMS => moved successfully
VirusTotal: C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe => https://www.virustotal.com/file/425e...is/1508316331/

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30536474 B
Java, Flash, Steam htmlcache => 578 B
Windows/system/drivers => 151008393 B
Edge => 0 B
Chrome => 8005925 B
Firefox => 75617043 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
systemprofile32 => 66356 B
LocalService => 70146 B
NetworkService => 66228 B
Cyrus => 128197961 B

RecycleBin => 201365 B
EmptyTemp: => 383.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 05:30:44 ====
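
An added example, not part of the thread and not FRST's own code: a Python check that reads a Fixlog.txt laid out like the one above and confirms that every `Task:` directive in the fixlist left successful result lines, while also reporting which program each task launches through `pcalua.exe -a`. The sample Fixlog is constructed (made-up GUIDs and paths), and the expected result lines (TaskCache\Tasks, TaskCache\Tree and the task file) are an assumption taken from the pattern visible in this thread's log.

```python
import re

# Constructed sample in the layout of the Fixlog above; GUIDs and paths are made up.
# The second task is deliberately left incomplete so the audit has something to report.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x64)
fixlist content:
*****************
start
Task: {11111111-1111-1111-1111-111111111111} - System32\Tasks\{AAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA} => C:\Windows\system32\pcalua.exe -a C:\Users\Example\AppData\Local\Temp\setup-au.exe -d C:\Windows\SysWOW64 <==== ATTENTION
Task: {22222222-2222-2222-2222-222222222222} - System32\Tasks\{BBBBBBBB-BBBB-BBBB-BBBB-BBBBBBBBBBBB} => C:\Windows\system32\pcalua.exe -a "C:\Users\Example\Downloads\tool.exe"
Task: C:\Windows\Tasks\Example.job => C:\Windows\Example\Example.exe
end
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11111111-1111-1111-1111-111111111111}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11111111-1111-1111-1111-111111111111}" => removed successfully
C:\Windows\System32\Tasks\{AAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AAAAAAAA-AAAA-AAAA-AAAA-AAAAAAAAAAAA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22222222-2222-2222-2222-222222222222}" => removed successfully
C:\Windows\System32\Tasks\{BBBBBBBB-BBBB-BBBB-BBBB-BBBBBBBBBBBB} => not found
C:\Windows\Tasks\Example.job => moved successfully
"""

TASKCACHE = r"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache"
TASK_DIR = r"C:\Windows\System32\Tasks"
DONE = ("removed successfully", "moved successfully")
ATTENTION = "<==== ATTENTION"

# "Task: {id} - System32\Tasks\<name> => <command>" and the legacy ".job" form.
TASK_RE = re.compile(r"Task: (\{[0-9A-Fa-f-]{36}\}) - System32\\Tasks\\(.+?) => (.*)")
JOB_RE = re.compile(r"Task: (.+?\.job) => (.*)")


def split_fixlog(text):
    """Return (fixlist_lines, result_lines); the Fixlog echoes the fixlist between 'start' and 'end'."""
    lines = [ln.strip() for ln in text.splitlines()]
    start = lines.index("start")
    end = lines.index("end", start)
    return lines[start + 1:end], lines[end + 1:]


def parse_results(result_lines):
    """Map each result subject (registry key or path, quotes stripped, lower-cased) to its status."""
    results = {}
    for ln in result_lines:
        if ln.startswith("="):  # section banner such as the EmptyTemp block: stop there
            break
        subject, sep, status = ln.rpartition(" => ")
        if sep:
            results[subject.strip('"').lower()] = status
    return results


def launched_program(command):
    """Program the task really starts: the -a argument when pcalua.exe is the launcher."""
    m = re.search(r'pcalua\.exe -a ("[^"]+"|\S+)', command, re.IGNORECASE)
    return m.group(1).strip('"') if m else command.replace(ATTENTION, "").strip()


def audit_fixlog(text):
    """Return {task: {'attention', 'target', 'problems'}} for every Task: line in the fixlist."""
    fixlist, result_lines = split_fixlog(text)
    results = parse_results(result_lines)
    report = {}
    for line in fixlist:
        m = TASK_RE.match(line)
        if m:
            task, name, command = m.groups()
            # Assumed from this thread's log: registry entry, tree entry and task file.
            expected = ["\\".join((TASKCACHE, "Tasks", task)),
                        "\\".join((TASKCACHE, "Tree", name)),
                        "\\".join((TASK_DIR, name))]
        else:
            m = JOB_RE.match(line)
            if not m:
                continue  # not a Task: directive
            task, command = m.groups()
            expected = [task]  # the .job file itself should have been moved
        problems = [f"{e} => {results.get(e.lower(), 'no entry in Fixlog')}"
                    for e in expected if results.get(e.lower()) not in DONE]
        report[task] = {"attention": command.rstrip().endswith(ATTENTION),
                        "target": launched_program(command),
                        "problems": problems}
    return report


if __name__ == "__main__":
    for task, info in audit_fixlog(SAMPLE_FIXLOG).items():
        state = "OK" if not info["problems"] else "CHECK"
        flag = " [ATTENTION]" if info["attention"] else ""
        print(f"{state:5} {task}{flag} -> {info['target']}")
        for p in info["problems"]:
            print(f"      {p}")
```
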

05-27-2019, 09:21 AM   #12
iMacg3 (Security Team Moderator)

Hi,

-----------------------------------------------------------

AdwCleaner

Download AdwCleaner and save it to your desktop.
  • Right-click on AdwCleaner.exe and select Run as Administrator
  • Accept the EULA (I accept), then click on Scan.
  • Let the scan complete. If no objects are detected, close the AdwCleaner window.
  • If any objects are detected, uncheck any items you want to keep.
  • Click on the Clean and Repair button.
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer. Allow it to do so.
  • After the restart, an AdwCleaner window will open. Click on View Log File, and the log will open in notepad. Copy and paste the contents of the log into your next reply.

Note: the AdwCleaner log is also saved to C:\AdwCleaner\Logs\AdwCleaner[CXX].txt (where XX is two numbers).

-----------------------------------------------------------

ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

05-27-2019, 09:42 PM   #13
Freeman 74 (Registered Member)

Hello,

These are the scan results:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-03.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-27-2019
# Duration: 00:00:01
# OS: Windows 7 Professional
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Cyrus\AppData\Local\slimware utilities inc
Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

Deleted C:\Users\Cyrus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\AvastBrowserAutoLaunch_A10A30A64635A56F04DF1659B3291337
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SBrowserCheck
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1905 octets] - [27/05/2019 21:28:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


Eset scan:

28-5-2019 6:30:29
Files scanned: 358731
Infected files: 0
Cleaned threats: 0
Total scan time: 00:49:24
Scan status: Finished

05-28-2019, 06:51 AM   #14
Freeman 74 (Registered Member)

What I forgot to mention is that the first time I did the Eset scan there were 19 infected files detected which were then cleaned. Unfortunately I forgot to select the Save Scan Log option.
Therefore I ran the scan again to make a scan log and the second time around there were zero infections detected.

05-28-2019, 09:23 AM   #15
iMacg3 (Security Team Moderator)

Excellent. Please run a final scan with FRST:

---------------------------------------------------
FRST Scan
  • Double click Frst.exe/Frst64.exe to launch it.
  • FRST will start to run.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

05-28-2019, 10:52 PM   #16
Freeman 74 (Registered Member)

Hello,

Hereby the latest FRST scan results:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05.2019
Ran by Cyrus (administrator) on CYRUS-PC (Hewlett-Packard HP ProBook 6550b) (29-05-2019 07:40:48)
Running from C:\Users\Cyrus\Downloads
Loaded Profiles: Cyrus (Available Profiles: Cyrus)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\73.4.118\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\73.4.118\QtWebEngineProcess.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe
(ProtonVPN AG -> ) C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
(ProtonVPN AG -> The OpenVPN Project) C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\openvpn.exe
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMCONFIG.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMProcess.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
(UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927928 2012-05-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [123800 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [323128 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Mouse Driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5461312 2019-05-21] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [3727160 2019-04-24] (ProtonVPN AG -> )
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {a2699854-cb1b-11e4-ab6a-1cc1deba4627} - F:\LaunchU3.exe -a
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\MountPoints2: {ba2354fb-1775-11e5-9c09-002682cb0651} - I:\LaunchU3.exe -a
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0418015B-484D-4306-8FD5-AA2B439E07E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {141D7BB5-BEB8-4837-9740-B37A1A1E4FFE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {14CD6672-DBD8-4D3C-8F63-514D0F47E1C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {21214F4D-4216-4280-98A9-86E906604891} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-21] (Adobe Inc. -> Adobe)
Task: {230DE84C-CB90-47B8-9BF9-76F6FBB6637C} - System32\Tasks\Opera scheduled Autoupdate 1518672505 => C:\Users\Cyrus\AppData\Local\Programs\Opera\launcher.exe
Task: {28870262-4D4D-477B-8FA1-308F1104CC68} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {29D97842-5761-4993-9F4C-1B76CC8903C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {3823D322-380F-4F3B-8534-E0790ED6346C} - System32\Tasks\SafeZone scheduled Autoupdate 1450500467 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {3D481972-346A-4794-9ED5-48C98955F60B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {5ABC6413-42A4-4900-BF82-1AF9F8755D77} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-21] (Adobe Inc. -> Adobe)
Task: {5ADA18BD-E127-40F1-9F6D-F546175F377C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7F493C7C-ED5D-4061-8E57-1629C9B48255} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8B7D88AB-8119-40C6-913E-76AB1A0D26A1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {9F9F06E3-DA46-4147-8780-43B6D6AB26F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A84D4B95-588A-425D-A798-D54360C1A5B9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB5B936F-3C06-4E34-B3B9-944131B9695A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BC599FB8-CD21-48DD-A092-51A6739F1826} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D65D77FA-B79F-4B1B-8C7E-06F531849F71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {F5E38FBF-9EC6-4886-A94B-1E4742FEFEF8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.8.8.1
Tcpip\..\Interfaces\{099FA401-20C1-42DB-89D9-AEBCFC8B12FD}: [DhcpNameServer] 212.54.44.54 212.54.40.25
Tcpip\..\Interfaces\{4FC7BA06-AA84-4F4D-96F7-70B016F65490}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{52B20561-CA16-47BB-96C0-8B7F710BE443}: [DhcpNameServer] 10.8.8.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.178.13,1]

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-159908599-3065275909-1581543870-1000 -> {97B5D29E-3D15-4DE8-916B-D2B303729F07} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech -> Logitech, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 5k9jin60.default
FF ProfilePath: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default [2019-05-28]
FF Extension: (German Dictionary) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (British English Dictionary (Updated)) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2015-01-07] [Legacy] [not signed]
FF Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-08] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (English (GB) Language Pack) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-26]
FF Extension: (Woordenboek Nederlands) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2018-11-29]
FF Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-26]
FF Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-03-14]
FF Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\[email protected] [2019-05-21]
FF Extension: (Sky Clouds) - C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\Extensions\{894e43ef-fcf9-4e64-8ecb-d7b0f053b89b}.xpi [2019-05-13]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\imdb.xml [2015-06-21]
FF SearchPlugin: C:\Users\Cyrus\AppData\Roaming\Mozilla\Firefox\Profiles\5k9jin60.default\searchplugins\videos-zoeken-op-youtube.xml [2015-06-19]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-11-19] [Legacy] [not signed]
FF Plugin: @Adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin: @Java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-21] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
CHR DefaultSearchKeyword: Default -> bing.com_
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default [2019-05-26]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Splendid) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfkbdkkfmmckaadapdipihjfaacnkgd [2014-11-06]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (uBlock Origin) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-05-17]
CHR Extension: (Google Search) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast Passwords) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR Extension: (Streamus) - C:\Users\Cyrus\Downloads\Various Program Downloads\StreamusChromeExtension-Development\src [2017-02-05]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-05-26]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-26]
CHR Extension: (Slides) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-29]
CHR Extension: (Docs) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-29]
CHR Extension: (Google Drive) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-29]
CHR Extension: (YouTube) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-29]
CHR Extension: (Avast SafePrice) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-11-29]
CHR Extension: (Sheets) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-29]
CHR Extension: (Avast Online Security) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-29]
CHR Extension: (Gmail) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-29]
CHR Profile: C:\Users\Cyrus\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [238080 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-10] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-05-21] (Dropbox, Inc -> Dropbox, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [1698360 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed]
R2 KMWDSERVICE; C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe [1821184 2009-08-31] (UASSOFT.COM) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [88888 2019-04-24] (ProtonVPN AG -> )
R2 QDLService2kHP; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe [1687360 2011-04-29] (Qualcomm Inc -> QUALCOMM, Inc.)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [29080 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 Accelerometer; C:\Windows\System32\DRIVERS\Accelerometer.sys [43840 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (Microsoft Windows -> LSI Corp)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225096 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385640 2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [8071888 2014-02-06] (Broadcom Corporation -> Broadcom Corporation)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [25912 2011-07-06] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-30] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-05-28] (Malwarebytes Corporation -> Malwarebytes)
S3 ProtonVPNSplitTunnelCalloutDriver; C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\win7\ProtonVPNSplitTunnelCalloutDriver.Sys [39352 2019-04-03] (ProtonVPN AG -> )
R3 qcfilterhp2k; C:\Windows\System32\DRIVERS\qcfilterhp2k.sys [6400 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcombushp; C:\Windows\System32\DRIVERS\qcombushp.sys [160328 2011-04-29] (MCCI Corporation -> MCCI)
R3 qcusbnethp2k; C:\Windows\System32\DRIVERS\qcusbnethp2k.sys [444416 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 qcusbserhp2k; C:\Windows\System32\DRIVERS\qcusbserhp2k.sys [230784 2011-04-29] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [73728 2012-07-20] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe64.sys [54784 2012-07-31] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [272792 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111512 2016-11-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505856 2010-03-17] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\System32\DRIVERS\tapprotonvpn.sys [35768 2018-06-01] (ProtonVPN AG -> The OpenVPN Project)
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-29 07:40 - 2019-05-29 07:40 - 000000000 ____D C:\Users\Cyrus\Downloads\FRST-OlderVersion
2019-05-28 08:55 - 2019-05-28 08:55 - 000577275 _____ C:\Users\Cyrus\Downloads\RTP002_2019_fuer druck montiert zs.pdf
2019-05-28 07:21 - 2019-05-28 07:21 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-05-28 07:10 - 2019-05-28 07:21 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-28 07:10 - 2019-05-28 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-27 21:35 - 2019-05-29 04:17 - 000000000 ____D C:\Users\Cyrus\AppData\Local\ESET
2019-05-26 20:03 - 2019-05-26 20:03 - 000339919 _____ C:\Users\Cyrus\Top 100 Comedy Movies - Rotten Tomatoes.html
2019-05-26 20:03 - 2019-05-26 20:03 - 000000000 ____D C:\Users\Cyrus\Top 100 Comedy Movies - Rotten Tomatoes_files
2019-05-26 09:56 - 2019-05-26 09:56 - 000033675 _____ C:\Users\Cyrus\Documents\QA test1.odt
2019-05-26 05:30 - 2019-05-26 05:30 - 000010059 _____ C:\Users\Cyrus\Downloads\Fixlog.txt
2019-05-25 07:46 - 2019-05-25 08:06 - 000043534 _____ C:\Users\Cyrus\Downloads\Addition.txt
2019-05-24 05:36 - 2019-05-24 05:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-05-23 20:36 - 2019-05-24 23:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-05-23 06:39 - 2019-05-23 06:40 - 000001721 _____ C:\Users\Cyrus\Documents\New Database1.odb
2019-05-23 06:39 - 2019-05-23 06:39 - 000001659 _____ C:\Users\Cyrus\Documents\New Database.odb
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\OpenOffice
2019-05-23 05:43 - 2019-05-23 05:43 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-05-23 05:41 - 2019-05-23 05:41 - 000000000 ____D C:\Program Files (x86)\redist
2019-05-23 05:41 - 2019-05-23 05:41 - 000000000 ____D C:\Program Files (x86)\readmes
2019-05-22 08:16 - 2019-05-22 08:16 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.4
2019-05-22 08:14 - 2019-05-22 08:14 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.3
2019-05-22 08:13 - 2019-05-22 08:13 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.2
2019-05-22 08:11 - 2019-05-22 08:11 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-22 Inventory p.1
2019-05-21 19:22 - 2019-05-21 19:25 - 000000000 ____D C:\ProgramData\ProtonVPN
2019-05-21 19:22 - 2019-05-21 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2019-05-21 14:10 - 2019-05-21 14:10 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-05-21 14:10 - 2019-05-21 14:10 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-05-21 12:05 - 2019-05-21 12:05 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 2
2019-05-21 12:03 - 2019-05-21 12:03 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 1
2019-05-21 12:02 - 2019-05-21 12:02 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 3
2019-05-21 12:00 - 2019-05-21 12:00 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim part 4
2019-05-21 11:58 - 2019-05-21 11:58 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 CAK claim I. Jansen pt.1
2019-05-21 11:56 - 2019-05-21 11:56 - 026843270 _____ C:\Users\Cyrus\CAK claim I. Jansen pt.1 001.bmp
2019-05-21 11:47 - 2019-05-21 11:47 - 000000000 ____D C:\Users\Cyrus\Documents\2019-05-21 Handelsbanken Kunduppgifter
2019-05-21 08:11 - 2019-05-29 07:41 - 000038209 _____ C:\Users\Cyrus\Downloads\FRST.txt
2019-05-21 08:10 - 2019-05-29 07:40 - 000000000 ____D C:\FRST
2019-05-21 08:04 - 2019-05-29 07:40 - 002435584 _____ (Farbar) C:\Users\Cyrus\Downloads\EnglishFRST64.exe
2019-05-21 06:19 - 2019-05-21 06:19 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-15 07:21 - 2019-05-15 07:21 - 000158876 _____ C:\Users\Cyrus\1546729904.pdf
2019-04-29 22:33 - 2019-04-29 22:33 - 000000904 _____ C:\Users\Cyrus\Mijn documenten - Snelkoppeling.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-29 05:22 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-29 05:22 - 2009-07-14 06:45 - 000034704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-29 05:16 - 2018-08-11 05:04 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-05-29 05:16 - 2017-11-04 23:30 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-29 05:16 - 2015-12-03 23:31 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-05-29 05:16 - 2015-05-12 23:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-29 05:16 - 2014-11-04 18:10 - 000003490 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-29 05:16 - 2014-11-04 18:10 - 000003362 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-29 04:23 - 2010-11-21 18:48 - 000745674 _____ C:\Windows\system32\perfh013.dat
2019-05-29 04:23 - 2010-11-21 18:48 - 000153594 _____ C:\Windows\system32\perfc013.dat
2019-05-29 04:23 - 2009-07-14 07:13 - 001669560 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-29 04:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-29 04:18 - 2017-11-30 10:28 - 000000000 ____D C:\Users\Cyrus\AppData\Local\AVAST Software
2019-05-29 04:17 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-28 16:33 - 2019-04-17 15:32 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-28 16:33 - 2019-04-17 15:32 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-28 16:33 - 2018-11-10 05:26 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-28 16:31 - 2016-07-24 11:41 - 000000000 ____D C:\Windows10Upgrade
2019-05-28 15:36 - 2016-11-19 21:57 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\Mozilla
2019-05-28 07:10 - 2014-11-10 20:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-27 23:05 - 2015-06-23 18:32 - 000000000 ___RD C:\Users\Cyrus\Downloads\Various Program Downloads
2019-05-27 21:28 - 2014-11-10 20:53 - 000000000 ____D C:\AdwCleaner
2019-05-27 15:24 - 2015-01-06 20:35 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\vlc
2019-05-27 10:21 - 2017-03-06 08:39 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-26 20:03 - 2015-06-24 09:04 - 000000000 ____D C:\Users\Cyrus\Downloads\Video Downloads
2019-05-26 20:03 - 2014-11-04 16:34 - 000000000 ____D C:\Users\Cyrus
2019-05-26 13:32 - 2015-05-13 19:33 - 001803776 ___SH C:\Users\Cyrus\Thumbs.db
2019-05-24 23:06 - 2014-11-06 17:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-24 05:36 - 2015-07-06 13:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-05-24 05:15 - 2009-07-14 06:45 - 000462328 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-23 14:49 - 2014-11-04 18:10 - 000119544 _____ C:\Users\Cyrus\AppData\Local\GDIPFONTCACHEV1.DAT
2019-05-23 05:10 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-05-23 05:09 - 2010-11-21 18:58 - 000000000 ____D C:\Windows\ShellNew
2019-05-21 22:34 - 2014-11-04 18:11 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 19:22 - 2019-04-24 16:30 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2019-05-21 19:06 - 2014-11-04 17:59 - 001644228 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-05-21 18:38 - 2019-04-24 16:30 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\ProtonVPN AG
2019-05-21 08:01 - 2014-11-07 14:38 - 000000000 ____D C:\Windows\pss
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2019-05-21 07:54 - 2015-01-17 15:16 - 000000000 ____D C:\Program Files (x86)\iMobie
2019-05-21 07:52 - 2014-11-23 13:17 - 000000000 ____D C:\Users\Cyrus\AppData\Roaming\uTorrent
2019-05-21 06:56 - 2018-03-12 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-21 06:38 - 2018-03-13 16:40 - 000004574 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-21 06:38 - 2015-02-07 12:32 - 000004424 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-21 06:38 - 2014-11-07 13:24 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-21 06:38 - 2014-11-07 13:24 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-21 06:38 - 2014-11-07 13:24 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-05-21 06:29 - 2016-01-24 11:34 - 000000000 ____D C:\Program Files\7-Zip
2019-05-21 06:19 - 2019-02-16 05:28 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-21 06:19 - 2019-01-17 09:12 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-21 06:19 - 2017-11-17 06:42 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-21 06:19 - 2016-03-24 08:09 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000385640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000225096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-21 06:19 - 2014-11-04 18:24 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-21 06:18 - 2019-01-18 05:45 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-21 06:18 - 2019-01-17 09:12 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-20 12:46 - 2019-03-25 07:27 - 000000000 ____D C:\Users\Cyrus\AppData\Local\BitTorrentHelper
2019-05-20 12:46 - 2016-12-11 17:39 - 000000000 ____D C:\Users\Cyrus\AppData\LocalLow\uTorrent
2019-05-17 11:31 - 2015-07-06 19:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 11:22 - 2016-03-05 19:11 - 000000000 ____D C:\Users\Cyrus\Documents\Administration
2019-05-14 10:43 - 2014-11-06 14:56 - 000000000 ____D C:\Users\Cyrus\Documents\Real Estate Files
2019-05-09 09:56 - 2019-04-24 16:31 - 000000000 ____D C:\Users\Cyrus\AppData\Local\ProtonVPN
2019-04-29 05:16 - 2014-11-06 14:28 - 000000000 ___RD C:\Users\Cyrus\Mijn E-Books

==================== Files in the root of some directories =======

2018-10-24 04:26 - 2018-10-24 04:26 - 123846559 _____ () C:\Program Files (x86)\openoffice1.cab
2018-10-24 04:23 - 2018-10-24 04:23 - 002449408 _____ () C:\Program Files (x86)\openoffice416.msi
2018-10-24 04:23 - 2018-10-24 04:23 - 000479232 _____ () C:\Program Files (x86)\setup.exe
2018-10-24 04:23 - 2018-10-24 04:23 - 000000279 _____ () C:\Program Files (x86)\setup.ini
2018-05-10 23:03 - 2018-05-10 23:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{0C6CEF6A-4C67-446A-9185-3E389C2A9937}
2016-03-18 20:33 - 2016-03-18 20:33 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{3F7A8604-AE4C-48CC-8DE3-5436C87DBCAF}
2018-05-09 22:47 - 2018-05-09 22:47 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5D783E79-54F5-4F5B-9D89-19DC92361B7B}
2018-09-06 09:03 - 2018-09-06 09:03 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{5E9DC202-884D-4004-B13D-12CDF6362C94}
2018-05-09 22:46 - 2018-05-09 22:46 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{ADE39A0E-30B6-47B5-9D7A-4C9E25507F99}
2018-06-11 22:39 - 2018-06-11 22:39 - 000000000 _____ () C:\Users\Cyrus\AppData\Local\{B944A365-1653-4F78-A66F-5A3191C4DD10}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-23 07:26
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05.2019
Ran by Cyrus (29-05-2019 07:41:49)
Running from C:\Users\Cyrus\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-11-04 14:34:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-159908599-3065275909-1581543870-500 - Administrator - Disabled)
Cyrus (S-1-5-21-159908599-3065275909-1581543870-1000 - Administrator - Enabled) => C:\Users\Cyrus
Gast (S-1-5-21-159908599-3065275909-1581543870-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-159908599-3065275909-1581543870-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510gm_Help (HKLM-x32\...\{DF0B357C-5874-47D0-81E7-79AA890B0CE0}) (Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (HKLM-x32\...\{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (HKLM-x32\...\{28379381-B56A-43e1-B505-3098D82B1C30}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.131 - De auteurs van Avast Secure Browser)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 73.4.118 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM\...\{A4BC9C54-4589-3A4C-8217-9FA00262F471}) (Version: 74.0.3729.169 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP HotKey Support (HKLM\...\{9228F4A5-2722-417B-93F6-30B9228D5ACE}) (Version: 4.0.20.1 - Hewlett-Packard Company)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Wireless Assistant (HKLM\...\{3CDD2624-0D79-4FEB-8580-F873C2DD5C8F}) (Version: 4.0.10.0 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.3 - Intel)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mouse Driver (HKLM-x32\...\{55BFC356-5A7B-482F-A213-9ACFDDFF6037}) (Version: 5.1 - Driver Builder) Hidden
Mouse Driver (HKLM-x32\...\InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}) (Version: 5.1 - Driver Builder)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 59.0.2 (x64 nl)) (Version: 59.0.2 - Mozilla)
Mozilla Firefox 67.0 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0 (x64 en-US)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.550.000 - Hewlett-Packard) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{9C4CE297-775F-4579-80E5-2DF06E554998}) (Version: 4.16.9790 - Apache Software Foundation)
ProtonVPN (HKLM-x32\...\{2F7C9F34-7064-4637-8CCA-A7BA72E88257}) (Version: 1.8.1 - ProtonVPN AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.8.1) (Version: 1.8.1 - ProtonVPN AG)
ProtonVPNTap (HKLM-x32\...\{C23BCE3A-FD25-48BA-948E-2CE94576F983}) (Version: 1.0.1 - ProtonVPN AG)
Qualcomm Gobi 2000 Package for HP (HKLM-x32\...\{5A771AE0-513F-4EC5-AB09-A7D3D22A2E20}) (Version: 1.1.240 - QUALCOMM)
RAPID Mode (HKLM\...\{4B94C023-022A-4271-A1D6-744ABE74D220}) (Version: 1.0.0.97 - Samsung Electronics Co., Ltd.) Hidden
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0028 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype versie 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
Software voor Intel® Chipset-apparaten (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.6.2 - Synaptics Incorporated)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WordWeb (HKLM-x32\...\WordWeb) (Version: 8 - WordWeb Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-21] (AVAST Software s.r.o. -> AVAST Software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Cyrus\Documents\Computer Related\TeraStorage Content\HDD\Software\Extras\Adobe Reader Download.lnk -> hxxp://get.adobe.com/reader

==================== Loaded Modules (Whitelisted) ==============

2007-03-29 12:17 - 2007-03-29 12:17 - 000106496 _____ () [File not signed] C:\Program Files (x86)\Mouse Driver\keydll.dll
2008-06-16 09:06 - 2008-06-16 09:06 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Mouse Driver\MouseHook.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 000217887 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\liblzo2-2.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 000119167 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libpkcs11-helper-1.dll
2019-04-08 12:58 - 2019-04-08 12:58 - 000152064 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\SplitTunnel.dll
2019-04-24 09:54 - 2019-04-24 09:54 - 000483328 _____ () [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\IPFilter.dll
2014-11-07 12:01 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLMAT.DLL
2014-11-08 20:59 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2009-09-08 11:51 - 2009-09-08 11:51 - 001037824 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2011-07-06 19:15 - 2011-07-06 19:15 - 000006144 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\nl\HandlersStrings.resources.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-03-26 13:07 - 2018-03-26 13:07 - 000126976 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 003028053 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libcrypto-1_1-x64.dll
2018-09-07 08:27 - 2018-09-07 08:27 - 000625540 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libssl-1_1-x64.dll
2008-06-14 01:02 - 2008-06-14 01:02 - 000397312 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMConfig.exe
2009-08-31 22:46 - 2009-08-31 22:46 - 000339456 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMProcess.exe
2009-08-31 22:00 - 2009-08-31 22:00 - 001821184 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe
2008-05-30 01:22 - 2008-05-30 01:22 - 000212992 _____ (UASSOFT.COM) [File not signed] C:\Program Files (x86)\Mouse Driver\StartAutorun.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-159908599-3065275909-1581543870-1000\...\skype.com -> hxxps://apps.skype.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-12 09:31 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-159908599-3065275909-1581543870-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cyrus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.8.8.1 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^Users^Cyrus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1418291703
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\cyrus\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\Cyrus\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Cyrus\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{569FDDEF-0693-4F09-993E-DB5B1E290514}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{73F81A71-368E-4D17-8F38-9422F5849298}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{980955A3-F652-4128-B050-C18885B1122B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C22DCA9-42BC-4F21-A5A7-2C6D058FC4CB}] => (Allow) LPort=2869
FirewallRules: [{2C25CC3A-0422-46EC-80DB-178F33FCDB30}] => (Allow) LPort=1900
FirewallRules: [{C07F1EF7-B836-4DD7-BE98-CC9C48C93F5E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{28014E82-36D1-4F85-82A2-BAE154156C62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5521461-FC71-4AF2-8D57-39AD5C13D875}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F77BF90D-D289-4CC8-8209-138A512FE4C3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{54DBBED2-AF1F-494B-8D01-99709787C93E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{73A458BC-C43D-4ED2-9A9B-6296FA48A063}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3264EF01-4705-41C6-BDCE-B1BED3A2CFE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8383E246-BB53-410F-A8FF-41AEB5117EC1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{619D9358-D4FA-42E6-9864-434230188BDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{1FC884A0-B71B-4681-8574-AD30C9AAB0A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{3C4DC82A-D960-4E34-9D68-AD0558E1ADF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{E0C80B07-0FDF-4DF5-8FE6-C8ABB4F5DFB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{15ED25EB-A017-4877-9173-41385F80448E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{5C3A2329-3328-4902-BD66-FA82D5A747EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A15205D7-7195-4B1B-A249-27B8171D625A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{70C80621-B38F-4967-ABFF-E6E2C61C4641}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{6C641011-60E4-4F45-B0AE-2EFCCF5E7424}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{EC8377E4-47E2-4006-98DA-C564025D9279}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{73AE650F-7676-402C-AC19-1990FF4C53BC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{34B58788-10B3-4A83-BF0A-A3EF050E58D7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E35ECDA6-7594-431C-8CDD-A8E3191417A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5268C0BB-27E4-49FE-BAAD-85D10B83CD96}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{580A08A0-8341-4D5E-A045-04A42118D6C9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88F6F78F-2D0D-4DC3-B355-F00EDB5B52C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{771C0037-F1A4-457A-B0A2-2E6DF31538A1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{62B50338-33CE-4B27-B4E2-F4D5538A6DC9}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

26-05-2019 05:20:05 Removed Avast Driver Updater
26-05-2019 05:30:21 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2019 07:28:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/29/2019 06:35:17 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/29/2019 06:28:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/29/2019 06:25:23 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/29/2019 04:27:48 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/29/2019 04:17:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (05/28/2019 10:30:32 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.

Error: (05/28/2019 10:28:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. De opgegeven account bestaat al.


System errors:
=============
Error: (05/29/2019 06:52:41 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: De volgende melding van een onherstelbare fout is ontvangen: 20.

Error: (05/29/2019 04:18:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.

Error: (05/28/2019 08:56:17 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {682159D9-C321-47CA-B3F1-30E36B2EC8B9} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (05/28/2019 05:40:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart:
Het laden van het stuurprogramma wordt geblokkeerd

Error: (05/28/2019 05:40:11 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Cyrus\AppData\Local\Temp\ehdrv.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma.

Error: (05/28/2019 05:40:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart:
Het laden van het stuurprogramma wordt geblokkeerd

Error: (05/28/2019 05:40:10 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Cyrus\AppData\Local\Temp\ehdrv.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma.

Error: (05/28/2019 05:40:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart:
Het laden van het stuurprogramma wordt geblokkeerd


Windows Defender:
===================================
Date: 2016-05-16 08:50:45.059
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{8A867E39-979C-4C59-BF21-55784EFA4E98}
Type scan:AntiSpyware
Scanparameters:Volledige scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-05-16 08:44:49.677
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{ADE4CCC2-68E5-4F81-9E40-22F7C8579CB8}
Type scan:AntiSpyware
Scanparameters:Snelle scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-03-12 07:09:32.320
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id:{0293D302-2EB0-4131-8C38-F26E77D309B2}
Type scan:AntiSpyware
Scanparameters:Volledige scan
Gebruiker:Cyrus-PC\Cyrus

Date: 2016-01-31 12:51:50.871
Description:
Windows Defender heeft spyware en andere mogelijk ongewenste software aangetroffen.
Zie voor meer informatie:
SoftwareBundler:Win32/Dowadmin threat description - Microsoft Security Intelligence
Naam:SoftwareBundler:Win32/Dowadmin
Id:223436
Ernst:Hoog
Categorie:Installatieprogramma
Gevonden pad:file:F:\Software\Downloaded Various Programs\FreeYouTubeDownloaderTR.exe
Type detectie:Concreet
Detectiebron:Gebruiker
Status:Onbekend
Gebruiker:Cyrus-PC\Cyrus
Procesnaam:C:\Program Files\Windows Defender\MSASCui.exe

Date: 2016-01-02 06:50:03.117
Description:
Windows Defender heeft spyware en andere mogelijk ongewenste software aangetroffen.
Zie voor meer informatie:
SoftwareBundler:Win32/Howovi threat description - Microsoft Security Intelligence
Naam:SoftwareBundler:Win32/Howovi
Id:224713
Ernst:Hoog
Categorie:Installatieprogramma
Gevonden pad:file:C:\Users\Cyrus\AppData\Local\Temp\fyd930C.tmp.exe;file:C:\Users\Cyrus\AppData\Local\Temp\is-EI014.tmp\fyd930C.tmp.tmp;file:C:\Users\Cyrus\AppData\Local\Temp\is-UUPGI.tmp\fyd930C.tmp.tmp;file:C:\Users\Cyrus\Downloads\Various Program Downloads\FreeYouTubeDownloader.exe;process:pid:1496;process:pid:2344;process:pid:5412;process:pid:5720;process:pid:7004
Type detectie:Concreet
Detectiebron:Real-timebeveiliging
Status:Onbekend
Gebruiker:\
Procesnaam:

CodeIntegrity:
===================================

Date: 2016-08-31 07:50:20.247
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 07:50:20.122
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 04:01:34.574
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-31 04:01:34.450
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-30 07:24:32.637
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-30 07:24:32.496
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-29 07:58:14.886
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-08-29 07:58:14.746
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68CDE Ver. F.03 10/04/2010
Motherboard: Hewlett-Packard 1471
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 95%
Total physical RAM: 3951.43 MB
Available physical RAM: 175.54 MB
Total Virtual: 7901.04 MB
Available Virtual: 1690.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230.78 GB) (Free:15.22 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32

\\?\Volume{b920a8a3-642e-11e4-b689-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 1F47195E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================
Old 05-29-2019, 02:20 PM   #17
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi,

If all is well:

Uninstall FRST
  • Right-click on Frst.exe/Frst64.exe and select Rename
  • Rename the file to Uninstall.exe
  • Double-click on Uninstall.exe to uninstall FRST

Feel free to delete any other tools we used in the cleanup process.
----------------------------------------------------
Some tips to keep your computer safe on the Internet

Make sure to use strong passwords. There are password managers (for example, Bitwarden) that can help you use secure passwords, and keep track of them.

How to create a strong password
----------------------------------------------------
Keeping software up-to-date is important as well. Programs such as UCheck or Heimdal Free can help keep software on your computer up-to-date.

To keep your operating system up-to-date, make sure that Windows Update is enabled on your computer.
----------------------------------------------------
Here are some articles about how to keep your computer safe on the internet -

Simple and easy ways to keep your computer safe and secure on the Internet - by Lawrence Abrams

Answers to common security questions - Best Practices - by quietman7

COMPUTER SECURITY - a short guide to staying safer online - Malware Removal

PC Safety and Security - What Do I Need? - Tech Support Forum
----------------------------------------------------

Safe surfing
__________________
Proud member of UNITE
Old 05-29-2019, 10:58 PM   #18
Registered Member
 
Freeman 74's Avatar
 
Join Date: Dec 2008
Location: North West Europe
Posts: 37
OS: Windows 7 Professional Service Pack 1 (X64)



Hello iMacg3,

Thank you ever so much for your invaluable help!
I greatly appreciate your guidance in cleaning and securing my computer and thereby easing my mind.
Fortunately it seems the mail was a scam but nonetheless, better safe than sorry.
I will take your advice and guidelines to heart in order to stay on the safe side!
Will look into making a contribution to support the fabulous work people such as yourself do on the Tech Support Forum.
Thanks again!
Old 05-30-2019, 03:14 PM   #19
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Glad we could help.

It appears that this issue is resolved, therefore this topic is closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

https://www.techsupportforum.com/for...ns-305963.html
__________________
Proud member of UNITE