start
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-4277049813-1552598357-2010247912-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F15D07A8-4720-43B9-BCEF-D3DBFD0797F6}&mid=c5199dec956047cc8fc34dfe4b0a0b68-f7ab2dea96f1d9a3848ab4e9a9a17d1bec830208&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0316avz&pr=fr&d=2016-03-11 07:34:57&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
R2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [445600 2016-01-28] (Optimal Software s.r.o.) <==== ATTENTION
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
C:\Program Files (x86)\PC Speed Up
2017-04-18 23:51 - 2017-04-18 23:51 - 00021770 _____ C:\Users\Danielle\Downloads\yx4WsANwDBCieLtuW7AkBqO_WoAmzyZT9LSITxpLWLuT9RUdg2ewf1YYBryq1WOuZJbAXRfrEltFm1y4J_nfgUZ6UlP9yMqV6gdjM1WLA38AYnl1TVPIsQN_QK+FlJfZ59DADkx_kwza0dh1FeXz98XtX5DK7nh1prOvR5UcovzGA4s90frclp16Y_a5+BUbNdGAXiwELMV9bY2Mx7XtJ7Gz.htm
2017-04-18 23:29 - 2017-04-18 23:29 - 00021773 _____ C:\Users\Danielle\Downloads\uaf6Iuzsm8zFNefZMI+ceZ0FlqlNCKdrpn_x7JyBLYvb3v+VTmlamD6mmHKzGpDExov5pzE3_97AieINSp8uZ4t5RMDEpzwFWp8Sqt1XFQx+_NBzDGGmWEAGxe07rWwPTUKmdzXUH8wtIYibXhDJp+d6luHjlavnt9RQq2agIhdQWAyEFNhPy+f2KKO3plyIsRWYhg1qbROq3BaKih5Xezx9.htm
2017-04-18 23:28 - 2017-04-18 23:28 - 00021769 _____ C:\Users\Danielle\Downloads\dP4heGBEdG9kpCH7ggXVOeE8w46JkD1Y2ooS5YJYP5z5v7W6zS_zedrkMbkpj2h9uhdu_jQ_CtSF1T8Tmo4lcJVLPvSpUdtSakgWx7xtQwT4baH6Nf0UlyHoUXfq+gr56KM4vg+a73I0Vaw8mXkjW7pjXecIe4ik7kWggJyMpOSPKipX2H6PLSUlA3sZHz_1R68b9vlbriMeXn7mL1LC5hl8.htm
Task: {047D90C6-D1A3-43FB-8937-1F16485AA3D2} - System32\Tasks\UDI_Regcleanup => reg 
Task: {610D0CD3-1FD8-4971-82EA-C750F883F445} - System32\Tasks\UDI_cleanup => cmd
Task: {C8ACF98E-57C1-44B2-AE5B-CBC44EA7B843} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe [2016-01-28] (Optimal Software s.r.o.) <==== ATTENTION
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe <==== ATTENTION
ShortcutWithArgument: C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\The Sims FreePlay.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Danielle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safesurfs.net/?ssid=1472496541&a=1054667&src=sh&uuid=898637f4-5333-4709-b410-570652a43b5b"
Hosts:
Reboot:
end