Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 29-06-2017 Gestart door MuYbJeN (29-06-2017 18:39:54) Run:1 Gestart vanaf G:\Farbar Geladen Profielen: MuYbJeN (Beschikbare Profielen: MuYbJeN & Gastaccount) Boot Modus: Normal ============================================== fixlist inhoud: ***************** start CreateRestorePoint: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT HKU\S-1-5-21-3029540024-671136415-2203755108-1001\...\CurrentVersion\Windows: [Load] C:\ProgramData\Microsoft.com <==== AANDACHT IFEO\AvastSvc.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\AvastUI.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\avgidsagent.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\avguard.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\avp.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\avscan.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\bdagent.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\ccuac.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\ComboFix.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\egui.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\hijackthis.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\instup.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\keyscrambler.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\mbam.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\mbampt.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\mbamscheduler.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\mbamservice.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\MpCmdRun.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\MsMpEng.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\rstrui.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\spybotsd.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\wireshark.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com IFEO\zlclient.exe: [Debugger] C:\WINDOWS\system32\Microsoft.com CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT CustomCLSID: HKU\S-1-5-21-3029540024-671136415-2203755108-1001_Classes\CLSID\{994B47B9-7DB9-5058-EE22-08DD039ADC4B}\InprocServer32 -> {55289176-9468-D082-2001-59A485889A47} => Geen bestand Task: {03E31661-B16B-48E7-8228-8F4EB3620528} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {0B8CD1DB-CF75-4966-8F06-5B961008C0B1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {3701D79F-7BF6-45F3-A86E-B3E0C4EF6BC9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {469B2E2A-5486-4EEA-9A31-B9E9D5968CC6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {6F638003-D6F8-43F5-A1A1-B41BE240A9C4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {75FCAD11-4D48-49AE-A59C-DE9C99EA8681} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {8DF3E0CC-FCC3-442E-97FC-C33632E93C81} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {A5ABF136-BD96-4BAA-99F3-8C5C3D6C65DF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {C63D5A6A-FA09-49C3-B814-ACA1410931C9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {E7F7E744-2F53-47FC-BCDD-E609586B504A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {EB21BDF6-4706-4AB5-9554-D58AE5FC4221} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Hosts: Reboot: end ***************** Herstelpunt is succesvol gemaakt. HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => sleutel is succesvol verwijderd HKU\S-1-5-21-3029540024-671136415-2203755108-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => waarde is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastSvc.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AvastUI.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avgidsagent.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avguard.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avp.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avscan.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bdagent.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ccuac.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ComboFix.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\egui.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\hijackthis.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\instup.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\keyscrambler.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbampt.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamscheduler.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamservice.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rstrui.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\spybotsd.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe => sleutel is succesvol verwijderd HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlclient.exe => sleutel is succesvol verwijderd HKLM\SOFTWARE\Policies\Google => sleutel is succesvol verwijderd HKU\S-1-5-21-3029540024-671136415-2203755108-1001_Classes\CLSID\{994B47B9-7DB9-5058-EE22-08DD039ADC4B} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03E31661-B16B-48E7-8228-8F4EB3620528} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03E31661-B16B-48E7-8228-8F4EB3620528} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B8CD1DB-CF75-4966-8F06-5B961008C0B1} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B8CD1DB-CF75-4966-8F06-5B961008C0B1} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3701D79F-7BF6-45F3-A86E-B3E0C4EF6BC9} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3701D79F-7BF6-45F3-A86E-B3E0C4EF6BC9} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{469B2E2A-5486-4EEA-9A31-B9E9D5968CC6} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{469B2E2A-5486-4EEA-9A31-B9E9D5968CC6} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F638003-D6F8-43F5-A1A1-B41BE240A9C4} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F638003-D6F8-43F5-A1A1-B41BE240A9C4} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75FCAD11-4D48-49AE-A59C-DE9C99EA8681} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75FCAD11-4D48-49AE-A59C-DE9C99EA8681} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DF3E0CC-FCC3-442E-97FC-C33632E93C81} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DF3E0CC-FCC3-442E-97FC-C33632E93C81} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5ABF136-BD96-4BAA-99F3-8C5C3D6C65DF} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5ABF136-BD96-4BAA-99F3-8C5C3D6C65DF} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C63D5A6A-FA09-49C3-B814-ACA1410931C9} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C63D5A6A-FA09-49C3-B814-ACA1410931C9} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7F7E744-2F53-47FC-BCDD-E609586B504A} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7F7E744-2F53-47FC-BCDD-E609586B504A} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB21BDF6-4706-4AB5-9554-D58AE5FC4221} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB21BDF6-4706-4AB5-9554-D58AE5FC4221} => sleutel is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => sleutel is succesvol verwijderd C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst Hosts met succes hersteld. Het systeem moest herstart worden. ==== Eind van Fixlog 18:40:01 ====