Start:: CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT Startup: C:\Users\wilfr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\µTorrent [2021-01-13] () <==== AANDACHT [nul byte bestand/map] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT Task: {C9A72B06-F138-43BA-B976-CBAAF53B2E81} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-09-14] <==== AANDACHT (Gericht op * .cfg bestand) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-09-14] <==== AANDACHT S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2019-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [195504 2019-07-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [195816 2019-07-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-07-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [79048 2019-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) <==== AANDACHT S3 AscFileControl; \??\C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\win10_amd64\AscFileControl.sys [X] Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden AV: Total AV (Enabled - Up to date) {B185458D-38B3-A010-10F7-3D378DAA6032} ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Geen bestand IE trusted site: HKU\S-1-5-21-1228691392-3513963491-2876946990-1003\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1228691392-3513963491-2876946990-1003\...\webcompanion.com -> hxxp://webcompanion.com HKLM\...\StartupApproved\Run: => "iSkysoft Helper Compact.exe" HKU\S-1-5-21-1228691392-3513963491-2876946990-1003\...\StartupApproved\Run: => "Opera Browser Assistant" FirewallRules: [{ADD1FC44-7EBA-4E97-8D24-8D2F26F42D39}] => (Allow) C:\Users\wilfr\Downloads\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred) FirewallRules: [{82F7FD2D-F410-4BA5-A4F8-4F0244C26BDA}] => (Allow) C:\Users\wilfr\Downloads\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred) FirewallRules: [{1D72F827-96DC-4620-A3EB-FE2169FC22AE}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Geen bestand FirewallRules: [{7BD9D6EC-320C-4F9C-AF57-70FF7DCA3AD1}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Geen bestand FirewallRules: [{D80CEE0F-E115-4136-8F2C-475C34F452BC}] => (Allow) C:\Users\wilfr\AppData\Local\Programs\Opera\77.0.4054.90\opera.exe => Geen bestand FirewallRules: [{2C745D11-94FE-4A64-A301-16750D96F433}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe => Geen bestand FirewallRules: [{4F7085BE-3668-49D5-90BB-8BBAA7BAC14A}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe => Geen bestand hosts: EmptyTemp: Reboot: End::