Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 09-09-2024
Gestart door tanju (12-09-2024 11:44:58) Run:1
Gestart vanaf C:\Users\tanju\Desktop
Geladen Profielen: tanju
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT
HKU\S-1-5-21-3137216763-3384046345-3396708815-1001\...\Run: [AF_uuid_2139460] => 8eda149a-45af-415a-8c72-2b67f7e0b5d0 (Geen bestand)
HKU\S-1-5-21-3137216763-3384046345-3396708815-1001\...\Run: [AF_counter_2139460] => 4 (Geen bestand)
HKU\S-1-5-21-3137216763-3384046345-3396708815-1001\...\MountPoints2: {4796870b-f558-11ed-9946-24ee9a87a6f8} - "G:\setup.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT
Task: {0F78F180-CFFC-462F-BE87-8FDBACEC71D8} - \PCIeBus -> Geen bestand <==== AANDACHT
Task: {D95FA2E6-37D6-4CF5-B0D9-4F5A76111C18} - \PCIeBusQueue -> Geen bestand <==== AANDACHT
Task: {1B68BB1B-9E7C-45EA-B29A-950064E4C92F} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Geen bestand)
Task: {7558F645-8CC1-4053-BAE9-F70E26D3E0CA} - System32\Tasks\AvastBrowserProtectS-1-5-21-3137216763-3384046345-3396708815-1001 => C:\Users\tanju\AppData\Local\Avast Software\Browser\Application\AvastBrowserProtect.exe --runonce (Geen bestand)
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S3 NEProtect; \??\D:\Program Files (x86)\Steam\steamapps\common\Once Human\NEProtect.sys [X]
FW: Norton 360 (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
CustomCLSID: HKU\S-1-5-21-3137216763-3384046345-3396708815-1001_Classes\CLSID\{10564456-C142-4E56-9531-06CCCA12F812}\InprocServer32 -> C:\Users\tanju\AppData\Local\AVAST Software\Browser\Update\1.8.1653.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3137216763-3384046345-3396708815-1001_Classes\CLSID\{167FD956-39C3-374C-927A-1D3C47CB6663}\InprocServer32 -> C:\Users\tanju\AppData\Local\AVAST Software\Browser\Update\1.8.1653.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3137216763-3384046345-3396708815-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\tanju\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Geen bestand
AlternateDataStreams: C:\Users\tanju\Application Data:a4f3a4460331e5db92483d18f7474c91 [394]
AlternateDataStreams: C:\Users\tanju\Desktop\FRST64 (1).exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\Users\tanju\AppData\Roaming:a4f3a4460331e5db92483d18f7474c91 [394]
FirewallRules: [{CD3437D9-A134-4576-B549-9D05B4BAF368}] => (Allow) C:\Users\tanju\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe => Geen bestand
FirewallRules: [TCP Query User{03874290-3F9D-42E6-9136-57B253D0E592}C:\users\tanju\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tanju\appdata\local\microsoft\teams\current\teams.exe => Geen bestand
FirewallRules: [UDP Query User{226B3D98-AF84-4F1F-BA88-E5081554C6DA}C:\users\tanju\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tanju\appdata\local\microsoft\teams\current\teams.exe => Geen bestand
FirewallRules: [{3963D88F-8BA7-420B-B221-892326F43793}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Geen bestand
FirewallRules: [{A961BEF3-8E08-47CA-BD87-93C5E791BF00}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Geen bestand
FirewallRules: [TCP Query User{5ED4E55D-6F40-4D0A-8F45-70823D13FA14}E:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Geen bestand
FirewallRules: [UDP Query User{E279A3C8-BAC9-45D3-83EC-1647F9AA6766}E:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Block) E:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe => Geen bestand
FirewallRules: [{4408C7CB-875E-4779-AF74-6A9B9BEEB926}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Geen bestand
FirewallRules: [{77C7AA1B-C4B0-4446-864A-4EAF133A437C}] => (Allow) E:\Games\Red Dead Redemption 2\RDR2.exe => Geen bestand
FirewallRules: [{4CAE2F3A-F36E-4000-8DE1-75F348680602}] => (Allow) C:\Users\tanju\AppData\Roaming\uTorrent\uTorrent.exe => Geen bestand
FirewallRules: [{E2F8099E-E5D8-4547-96DB-8AB38D429902}] => (Allow) C:\Users\tanju\AppData\Roaming\uTorrent\uTorrent.exe => Geen bestand
Hosts:
EmptyTemp:
End::
*****************

Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => waarde met succes hersteld
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => waarde met succes hersteld
"HKU\S-1-5-21-3137216763-3384046345-3396708815-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AF_uuid_2139460" => is succesvol verwijderd
"HKU\S-1-5-21-3137216763-3384046345-3396708815-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AF_counter_2139460" => is succesvol verwijderd
HKU\S-1-5-21-3137216763-3384046345-3396708815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4796870b-f558-11ed-9946-24ee9a87a6f8} => is succesvol verwijderd
HKLM\SOFTWARE\Policies\Mozilla => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F78F180-CFFC-462F-BE87-8FDBACEC71D8}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F78F180-CFFC-462F-BE87-8FDBACEC71D8}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCIeBus" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D95FA2E6-37D6-4CF5-B0D9-4F5A76111C18}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D95FA2E6-37D6-4CF5-B0D9-4F5A76111C18}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCIeBusQueue" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B68BB1B-9E7C-45EA-B29A-950064E4C92F}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B68BB1B-9E7C-45EA-B29A-950064E4C92F}" => is succesvol verwijderd
C:\Windows\System32\Tasks\ASUS\P508PowerAgent_sdk => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7558F645-8CC1-4053-BAE9-F70E26D3E0CA}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7558F645-8CC1-4053-BAE9-F70E26D3E0CA}" => is succesvol verwijderd
C:\Windows\System32\Tasks\AvastBrowserProtectS-1-5-21-3137216763-3384046345-3396708815-1001 => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastBrowserProtectS-1-5-21-3137216763-3384046345-3396708815-1001" => is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\EAAntiCheat => is succesvol verwijderd
EAAntiCheat => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\NEProtect => is succesvol verwijderd
NEProtect => service is succesvol verwijderd
"FW: Norton 360 (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}" => is succesvol verwijderd
HKU\S-1-5-21-3137216763-3384046345-3396708815-1001_Classes\CLSID\{10564456-C142-4E56-9531-06CCCA12F812} => is succesvol verwijderd
HKU\S-1-5-21-3137216763-3384046345-3396708815-1001_Classes\CLSID\{167FD956-39C3-374C-927A-1D3C47CB6663} => is succesvol verwijderd
HKU\S-1-5-21-3137216763-3384046345-3396708815-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => is succesvol verwijderd
C:\Users\tanju\Application Data => ":a4f3a4460331e5db92483d18f7474c91" ADS is succesvol verwijderd
"C:\Users\tanju\Desktop\FRST64 (1).exe" => ":MBAM.Zone.Identifier" ADS niet gevonden.
"C:\Users\tanju\AppData\Roaming" => ":a4f3a4460331e5db92483d18f7474c91" ADS niet gevonden.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD3437D9-A134-4576-B549-9D05B4BAF368}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03874290-3F9D-42E6-9136-57B253D0E592}C:\users\tanju\appdata\local\microsoft\teams\current\teams.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{226B3D98-AF84-4F1F-BA88-E5081554C6DA}C:\users\tanju\appdata\local\microsoft\teams\current\teams.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3963D88F-8BA7-420B-B221-892326F43793}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A961BEF3-8E08-47CA-BD87-93C5E791BF00}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5ED4E55D-6F40-4D0A-8F45-70823D13FA14}E:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E279A3C8-BAC9-45D3-83EC-1647F9AA6766}E:\program files (x86)\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4408C7CB-875E-4779-AF74-6A9B9BEEB926}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77C7AA1B-C4B0-4446-864A-4EAF133A437C}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CAE2F3A-F36E-4000-8DE1-75F348680602}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2F8099E-E5D8-4547-96DB-8AB38D429902}" => is succesvol verwijderd
C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst
Hosts met succes hersteld.

=========== EmptyTemp: ==========

FlushDNS => voltooid
BITS transfer queue => 2097152 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 172396756 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1175626989 B
Windows/system/drivers => 105306407 B
Edge => 0 B
Chrome => 1885964369 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 15242 B
systemprofile32 => 15242 B
LocalService => 170408 B
NetworkService => 170408 B
tanju => 16153380930 B

RecycleBin => 15278309077 B
EmptyTemp: => 32.4 GB tijdelijke gegevens verwijderd.

================================

Het systeem moest herstart worden.

==== Einde van Fixlog 11:46:27 ====