Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 02.01.2018
Gestart door Patric (07-01-2018 15:08:22) Run:1
Gestart vanaf C:\Users\Patric\Desktop
Geladen Profielen: Patric (Beschikbare Profielen: Patric & UpdatusUser)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start
CreateRestorePoint:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} =>  -> Geen bestand
Task: {19B6D1BB-F1FB-490B-96CB-CC50DC4A27FB} - System32\Tasks\{C1641EAA-9862-41A8-89F8-003617048B0B} => C:\Windows\system32\pcalua.exe -a C:\Users\Patric\Downloads\WindowsPhone.exe -d C:\Users\Patric\Downloads
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
Task: {337438B7-1477-45D8-946F-68652F1EF9A6} - System32\Tasks\{F53C1370-A93B-4F0B-AB90-D36CC57CFD24} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {B8B3E95A-FB99-4B13-B098-B0D5ABC9BE85} - System32\Tasks\Driver Booster SkipUAC (Patric) => C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
C:\Program Files (x86)\IObit\Driver Booster
Task: {D563E44E-5F28-4EDC-BAB2-069DAF7A35AD} - System32\Tasks\{8B264623-B443-485E-BCBD-49A857D34C7B} => C:\Windows\system32\pcalua.exe -a "C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CA6R12C5\WindowsPhone.exe" -d C:\Users\Patric\Desktop
Task: {DE0F25A8-BF27-45CD-8D2B-BAEB86A72733} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp
2017-12-27 13:49 - 2017-12-27 13:49 - 000025704 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2017-12-27 13:49 - 2017-12-27 13:49 - 000017512 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000037480 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000110696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000100968 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000058984 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000337512 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000084072 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000040040 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2017-12-27 13:49 - 2017-12-27 13:49 - 000021096 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
C:\Program Files (x86)\Lavasoft
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [119]
AlternateDataStreams: C:\Users\Patric\Downloads:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Patric\Desktop\Facebook.website:TASKICON_0news-1751121550 [2302]
AlternateDataStreams: C:\Users\Patric\Desktop\Facebook.website:TASKICON_1messages-431041656 [2302]
AlternateDataStreams: C:\Users\Patric\Desktop\Facebook.website:TASKICON_2events-250898981 [2302]
AlternateDataStreams: C:\Users\Patric\Desktop\Facebook.website:TASKICON_3friends-215113587 [2302]
AlternateDataStreams: C:\Users\Patric\Downloads\Nieuwe map:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Patric\Downloads\Passware Password Recovery Kit Enterprise v10.3.2585 incl serial:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news-1751121550 [2302]
AlternateDataStreams: C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages-431041656 [2302]
AlternateDataStreams: C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events-250898981 [2302]
AlternateDataStreams: C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends-215113587 [2302]
IE trusted site: HKU\S-1-5-21-523000165-1516823666-2951625117-1001\...\webcompanion.com -> hxxp://webcompanion.com
C:\Users\Patric\Downloads\esetsmartinstaller_enu.exe
HKU\S-1-5-21-523000165-1516823666-2951625117-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7704168 2017-12-27] (Lavasoft)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: linkscanner - Geen CLSID Waarde
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  Geen bestand
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  Geen bestand
Handler: skype-ie-addon-data - Geen CLSID Waarde
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 RSUSBSTOR; System32\Drivers\RTS5121.sys [X]
S3 Rts516xIR; system32\DRIVERS\Rts516xIR.sys [X]
U3 tmlwf; geen ImagePath
U3 tmwfp; geen ImagePath
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]
2017-12-27 13:50 - 2017-12-27 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-12-27 13:49 - 2017-12-27 13:49 - 000000000 ____D C:\ProgramData\Lavasoft
2017-12-27 13:49 - 2017-12-27 13:49 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-12-27 13:50 - 2017-12-27 13:50 - 000000000 ____D C:\Users\Patric\AppData\Roaming\Lavasoft
2017-12-27 13:50 - 2017-12-27 13:50 - 000000000 ____D C:\Users\Patric\AppData\Local\Lavasoft
2017-12-09 08:32 - 2017-10-16 12:16 - 000000000 ____D C:\Users\Patric\AppData\LocalLow\IObit
2017-12-09 08:32 - 2017-10-16 12:15 - 000000000 ____D C:\ProgramData\IObit
2017-12-07 14:18 - 2017-10-16 12:16 - 000000000 ____D C:\Users\Patric\AppData\Roaming\IObit
EmptyTemp:
end
*****************

Herstelpunt is succesvol gemaakt.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => sleutel niet gevonden
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Advanced SystemCare" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} => sleutel niet gevonden
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19B6D1BB-F1FB-490B-96CB-CC50DC4A27FB} => kon niet worden verwijderd sleutel. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19B6D1BB-F1FB-490B-96CB-CC50DC4A27FB}" => is succesvol verwijderd
C:\Windows\System32\Tasks\{C1641EAA-9862-41A8-89F8-003617048B0B} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1641EAA-9862-41A8-89F8-003617048B0B}" => is succesvol verwijderd
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => sleutel niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{337438B7-1477-45D8-946F-68652F1EF9A6}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{337438B7-1477-45D8-946F-68652F1EF9A6}" => is succesvol verwijderd
C:\Windows\System32\Tasks\{F53C1370-A93B-4F0B-AB90-D36CC57CFD24} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F53C1370-A93B-4F0B-AB90-D36CC57CFD24}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8B3E95A-FB99-4B13-B098-B0D5ABC9BE85}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8B3E95A-FB99-4B13-B098-B0D5ABC9BE85}" => is succesvol verwijderd
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Patric) => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Patric)" => is succesvol verwijderd
"C:\Program Files (x86)\IObit\Driver Booster" => niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D563E44E-5F28-4EDC-BAB2-069DAF7A35AD}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D563E44E-5F28-4EDC-BAB2-069DAF7A35AD}" => is succesvol verwijderd
C:\Windows\System32\Tasks\{8B264623-B443-485E-BCBD-49A857D34C7B} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8B264623-B443-485E-BCBD-49A857D34C7B}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE0F25A8-BF27-45CD-8D2B-BAEB86A72733}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE0F25A8-BF27-45CD-8D2B-BAEB86A72733}" => is succesvol verwijderd
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => is succesvol verwijderd
C:\Program Files (x86)\AVG\AVG PC TuneUp => is succesvol verplaatst
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll" => niet gevonden
"C:\Program Files (x86)\Lavasoft" => niet gevonden
C:\ProgramData\Temp => ":373E1720" ADS is succesvol verwijderd
C:\Users\Patric\Downloads => ":Shareaza.GUID" ADS kon niet worden verwijderd.
C:\Users\Patric\Desktop\Facebook.website => ":TASKICON_0news-1751121550" ADS is succesvol verwijderd
C:\Users\Patric\Desktop\Facebook.website => ":TASKICON_1messages-431041656" ADS is succesvol verwijderd
C:\Users\Patric\Desktop\Facebook.website => ":TASKICON_2events-250898981" ADS is succesvol verwijderd
C:\Users\Patric\Desktop\Facebook.website => ":TASKICON_3friends-215113587" ADS is succesvol verwijderd
C:\Users\Patric\Downloads\Nieuwe map => ":Shareaza.GUID" ADS is succesvol verwijderd
C:\Users\Patric\Downloads\Passware Password Recovery Kit Enterprise v10.3.2585 incl serial => ":Shareaza.GUID" ADS is succesvol verwijderd
C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_0news-1751121550" ADS is succesvol verwijderd
C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_1messages-431041656" ADS is succesvol verwijderd
C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_2events-250898981" ADS is succesvol verwijderd
C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website => ":TASKICON_3friends-215113587" ADS is succesvol verwijderd
"HKU\S-1-5-21-523000165-1516823666-2951625117-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => is succesvol verwijderd
C:\Users\Patric\Downloads\esetsmartinstaller_enu.exe => is succesvol verplaatst
"HKU\S-1-5-21-523000165-1516823666-2951625117-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => is succesvol verwijderd
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => is succesvol verwijderd
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => is succesvol verwijderd
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => is succesvol verwijderd
"HKLM\Software\Classes\PROTOCOLS\Handler\linkscanner" => is succesvol verwijderd
"HKLM\Software\Classes\PROTOCOLS\Handler\livecall" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => sleutel niet gevonden
"HKLM\Software\Classes\PROTOCOLS\Handler\msnim" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => sleutel niet gevonden
"HKLM\Software\Classes\PROTOCOLS\Handler\skype-ie-addon-data" => is succesvol verwijderd
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\belgiumeid@eid.belgium.be" => is succesvol verwijderd
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => is succesvol verwijderd
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => is succesvol verwijderd
"HKLM\System\CurrentControlSet\Services\MBAMSwissArmy" => is succesvol verwijderd
MBAMSwissArmy => dienst is succesvol verwijderd
"HKLM\System\CurrentControlSet\Services\RSUSBSTOR" => is succesvol verwijderd
RSUSBSTOR => dienst is succesvol verwijderd
"HKLM\System\CurrentControlSet\Services\Rts516xIR" => is succesvol verwijderd
Rts516xIR => dienst is succesvol verwijderd
"HKLM\System\CurrentControlSet\Services\tmlwf" => is succesvol verwijderd
tmlwf => dienst is succesvol verwijderd
"HKLM\System\CurrentControlSet\Services\tmwfp" => is succesvol verwijderd
tmwfp => dienst is succesvol verwijderd
"HKLM\System\CurrentControlSet\Services\USBCCID" => is succesvol verwijderd
USBCCID => dienst is succesvol verwijderd
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft => is succesvol verplaatst
"C:\ProgramData\Lavasoft" => niet gevonden
"C:\Program Files (x86)\Lavasoft" => niet gevonden
"C:\Users\Patric\AppData\Roaming\Lavasoft" => niet gevonden
"C:\Users\Patric\AppData\Local\Lavasoft" => niet gevonden
C:\Users\Patric\AppData\LocalLow\IObit => is succesvol verplaatst
C:\ProgramData\IObit => is succesvol verplaatst
C:\Users\Patric\AppData\Roaming\IObit => is succesvol verplaatst

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50941369 B
Java, Flash, Steam htmlcache => 1262 B
Windows/system/drivers => 7616071 B
Edge => 0 B
Chrome => 121856 B
Firefox => 15406810 B
Opera => 119808 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 5370341 B
systemprofile32 => 40257 B
LocalService => 33125 B
NetworkService => 33125 B
Patric => 355865219 B
UpdatusUser => 0 B

RecycleBin => 815610 B
EmptyTemp: => 424.1 MB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 15:11:09 ====