Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 06-11-2022
Gestart door Etienne (08-11-2022 22:46:34) Run:1
Gestart vanaf C:\Users\Etienne\Desktop
Geladen Profielen: komem & Etienne & Administrator Spare
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll -> Geen bestand
ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll -> Geen bestand
FirewallRules: [{CDD91BE7-0DEB-43E6-BE16-9B82AA8335C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Geen bestand
FirewallRules: [{4A26EBF4-1442-47C4-93E7-7F91063232BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Geen bestand
FirewallRules: [TCP Query User{0459DF95-E276-4F8E-B00D-91E6A0DB14D8}C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe => Geen bestand
FirewallRules: [UDP Query User{0BD9B2BE-8415-4C18-AF3D-21C6CFB6362D}C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe => Geen bestand
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Geen bestand)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT
GroupPolicy: Restrictie ? <==== AANDACHT
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT
Task: {A0452BDD-991A-46A5-87A4-284223C13A19} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Etienne\Downloads\esetonlinescanner.exe SCHED (Geen bestand)
Task: {B8C45A1D-E134-433F-A1DB-29138BEBB597} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Etienne\Downloads\esetonlinescanner.exe LOGON (Geen bestand)
Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden]
Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden]
Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden]
Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => niet gevonden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => niet gevonden
U1 aswbdisk; geen ImagePath
U3 avgbdisk; geen ImagePath
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
2022-10-18 11:38 - 2022-10-18 11:38 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2022-10-18 11:36 - 2022-10-18 11:50 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-18 11:36 - 2022-10-18 11:36 - 000268488 _____ (AVAST Software) C:\Users\Etienne\Downloads\avast_free_antivirus_setup_online.exe
2022-10-18 11:28 - 2022-10-18 11:28 - 000000000 ____D C:\Program Files (x86)\AVG
2022-10-18 11:26 - 2022-10-18 11:50 - 000000000 ____D C:\ProgramData\AVG
2022-10-18 11:26 - 2022-10-18 11:26 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Etienne\Downloads\avg_antivirus_free_setup.exe
EmptyTemp:
Reboot:
End::
*****************

Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19C3AB22-3718-4E4D-B203-242F5001565B}\\SystemComponent" => is succesvol verwijderd
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}\\SystemComponent" => is succesvol verwijderd
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ExpressZip => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{8EEA165E-0B8B-4BA7-9796-50214C767171} => is succesvol verwijderd
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ExpressZip => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CDD91BE7-0DEB-43E6-BE16-9B82AA8335C6}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A26EBF4-1442-47C4-93E7-7F91063232BC}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0459DF95-E276-4F8E-B00D-91E6A0DB14D8}C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0BD9B2BE-8415-4C18-AF3D-21C6CFB6362D}C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe" => is succesvol verwijderd
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TeamsMachineUninstallerProgramData" => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => waarde met succes hersteld
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => waarde met succes hersteld
C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst
C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\ProgramData\NTUSER.pol => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0452BDD-991A-46A5-87A4-284223C13A19}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0452BDD-991A-46A5-87A4-284223C13A19}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8C45A1D-E134-433F-A1DB-29138BEBB597}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8C45A1D-E134-433F-A1DB-29138BEBB597}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => is succesvol verwijderd
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => is succesvol verwijderd
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => is succesvol verwijderd
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => is succesvol verwijderd
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => is succesvol verwijderd
"HKLM\Software\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => is succesvol verwijderd
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\aswbdisk => is succesvol verwijderd
aswbdisk => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\avgbdisk => is succesvol verwijderd
avgbdisk => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\EuGdiDrv => is succesvol verwijderd
EuGdiDrv => service is succesvol verwijderd
C:\Program Files (x86)\AVAST Software => is succesvol verplaatst
C:\ProgramData\Avast Software => is succesvol verplaatst
C:\Users\Etienne\Downloads\avast_free_antivirus_setup_online.exe => is succesvol verplaatst
C:\Program Files (x86)\AVG => is succesvol verplaatst
C:\ProgramData\AVG => is succesvol verplaatst
C:\Users\Etienne\Downloads\avg_antivirus_free_setup.exe => is succesvol verplaatst

=========== EmptyTemp: ==========

FlushDNS => voltooid
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12785842 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 128895493 B
Edge => 0 B
Chrome => 347622620 B
Brave => 159744 B
Firefox => 0 B
Opera => 5085005 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 16130 B
systemprofile32 => 17221 B
LocalService => 54973 B
NetworkService => 65745 B
komem => 65745 B
Etienne => 158596077 B
Administrator Spare => 159442013 B

RecycleBin => 221905629 B
EmptyTemp: => 988 MB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Einde van Fixlog 22:47:09 ====