Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 23.09.2018 Gestart door Daniel (25-09-2018 10:54:14) Run:1 Gestart vanaf C:\Users\Daniel\Desktop Geladen Profielen: Daniel (Beschikbare Profielen: Daniel) Boot Modus: Normal ============================================== fixlist inhoud: ***************** CreateRestorePoint: S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X] S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X] S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X] 2018-09-24 09:38 - 2015-03-18 19:56 - 000000000 ____D C:\ProgramData\AVAST Software 2018-09-24 09:35 - 2015-03-18 19:32 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-09-24 09:29 - 2018-08-17 18:00 - 000000000 ____D C:\ProgramData\Lavasoft 2018-09-23 15:23 - 2018-04-03 20:39 - 000000000 ____D C:\Users\Daniel\AppData\Local\AVAST Software 2018-09-22 18:57 - 2018-05-22 08:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1-x32: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> Geen bestand ContextMenuHandlers2: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> Geen bestand ContextMenuHandlers6: [LavasoftShellExt] -> {DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll -> Geen bestand Task: {050FE8C2-B4CC-4CDB-8E2E-B7AB4978A515} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {09C8A3FF-3AEA-469D-B517-BC082FF2FE3E} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {1188C58B-656C-4B45-BF18-AD1CAA40E8A4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {1DA98550-1094-4A0E-89DA-1BAEED8DD3EB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {1ED23C45-D0D7-4630-9049-04C08AF8FB3C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {52BC04E7-CBB8-4A60-B922-41EB079B4377} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {595D1193-BDE3-4C83-B72F-3C2B574C3B64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {65AC2020-8CA6-4989-8219-1A1F994876AF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {6BDC51AC-B718-4783-918E-ED5876398D02} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-09-15] (AVAST Software) Task: {B3E0888C-B477-4ADA-85C8-53B05273D467} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {BF4C3359-7ABA-43CE-B1C8-9E34A66533F1} - \WPD\SqmUpload_S-1-5-21-1920425677-984040942-504853956-1001 -> Geen bestand <==== AANDACHT Task: {CE03D1AB-0081-43D3-B330-646F8984D6AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {D601517C-3D64-4BFF-B3E6-9B0C69060ACB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {EBB701EA-C9B5-43A8-8759-9ED140BB1442} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {F9388FCD-0C16-4C38-974F-1CE6EBB6D5AF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {FA45837A-E674-4616-B0EC-427B86181B04} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {FE621BA3-8871-4E7B-8890-69F9133024D5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" FirewallRules: [{9AA4FB09-6FA6-4A23-8339-C3B1F49A3FD6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{7E4B837A-1EE7-4D4B-9F60-72521C8F67A7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{85C9FF42-F2E5-4296-8E94-9A197431C9DC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{F18E7206-B1E4-4857-B8A4-FA27068B91FC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe EmptyTemp: ***************** Herstelpunt is succesvol gemaakt. "HKLM\System\CurrentControlSet\Services\avast" => is succesvol verwijderd avast => dienst is succesvol verwijderd "HKLM\System\CurrentControlSet\Services\avastm" => is succesvol verwijderd avastm => dienst is succesvol verwijderd "HKLM\System\CurrentControlSet\Services\Lavasoft Kernexplorer" => is succesvol verwijderd Lavasoft Kernexplorer => dienst is succesvol verwijderd C:\ProgramData\AVAST Software => is succesvol verplaatst C:\ProgramData\Malwarebytes => is succesvol verplaatst C:\ProgramData\Lavasoft => is succesvol verplaatst C:\Users\Daniel\AppData\Local\AVAST Software => is succesvol verplaatst C:\WINDOWS\System32\Tasks\AVAST Software => is succesvol verplaatst "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => is succesvol verwijderd HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => niet gevonden "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => is succesvol verwijderd HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => niet gevonden "HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\LavasoftShellExt" => is succesvol verwijderd HKLM\Software\Wow6432Node\Classes\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => niet gevonden "HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\LavasoftShellExt" => is succesvol verwijderd "HKLM\Software\Classes\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F}" => is succesvol verwijderd "HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\LavasoftShellExt" => is succesvol verwijderd HKLM\Software\Classes\CLSID\{DCE027F7-16A4-4BEE-9BE7-74F80EE3738F} => niet gevonden "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{050FE8C2-B4CC-4CDB-8E2E-B7AB4978A515}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{050FE8C2-B4CC-4CDB-8E2E-B7AB4978A515}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09C8A3FF-3AEA-469D-B517-BC082FF2FE3E}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09C8A3FF-3AEA-469D-B517-BC082FF2FE3E}" => is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => niet gevonden "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1188C58B-656C-4B45-BF18-AD1CAA40E8A4}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1188C58B-656C-4B45-BF18-AD1CAA40E8A4}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DA98550-1094-4A0E-89DA-1BAEED8DD3EB}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DA98550-1094-4A0E-89DA-1BAEED8DD3EB}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1ED23C45-D0D7-4630-9049-04C08AF8FB3C}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ED23C45-D0D7-4630-9049-04C08AF8FB3C}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore => is succesvol verplaatst "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52BC04E7-CBB8-4A60-B922-41EB079B4377}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52BC04E7-CBB8-4A60-B922-41EB079B4377}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{595D1193-BDE3-4C83-B72F-3C2B574C3B64}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{595D1193-BDE3-4C83-B72F-3C2B574C3B64}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65AC2020-8CA6-4989-8219-1A1F994876AF}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65AC2020-8CA6-4989-8219-1A1F994876AF}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA => is succesvol verplaatst "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6BDC51AC-B718-4783-918E-ED5876398D02}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BDC51AC-B718-4783-918E-ED5876398D02}" => is succesvol verwijderd "C:\WINDOWS\System32\Tasks\Avast Software\Overseer" => niet gevonden "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3E0888C-B477-4ADA-85C8-53B05273D467}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3E0888C-B477-4ADA-85C8-53B05273D467}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF4C3359-7ABA-43CE-B1C8-9E34A66533F1}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF4C3359-7ABA-43CE-B1C8-9E34A66533F1}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1920425677-984040942-504853956-1001" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CE03D1AB-0081-43D3-B330-646F8984D6AD}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE03D1AB-0081-43D3-B330-646F8984D6AD}" => is succesvol verwijderd "C:\WINDOWS\System32\Tasks\AVAST Software\Avast settings backup" => niet gevonden "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D601517C-3D64-4BFF-B3E6-9B0C69060ACB}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D601517C-3D64-4BFF-B3E6-9B0C69060ACB}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EBB701EA-C9B5-43A8-8759-9ED140BB1442}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBB701EA-C9B5-43A8-8759-9ED140BB1442}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9388FCD-0C16-4C38-974F-1CE6EBB6D5AF}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9388FCD-0C16-4C38-974F-1CE6EBB6D5AF}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA45837A-E674-4616-B0EC-427B86181B04}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA45837A-E674-4616-B0EC-427B86181B04}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE621BA3-8871-4E7B-8890-69F9133024D5}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE621BA3-8871-4E7B-8890-69F9133024D5}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => is succesvol verwijderd "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService" => is succesvol verwijderd "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMService" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AA4FB09-6FA6-4A23-8339-C3B1F49A3FD6}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E4B837A-1EE7-4D4B-9F60-72521C8F67A7}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{85C9FF42-F2E5-4296-8E94-9A197431C9DC}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F18E7206-B1E4-4857-B8A4-FA27068B91FC}" => is succesvol verwijderd =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 180598947 B Java, Flash, Steam htmlcache => 506 B Windows/system/drivers => 115918895 B Edge => 4568064 B Chrome => 424587800 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 74092 B LocalService => 0 B NetworkService => 36028 B NetworkService => 0 B