Fix resultaat van Farbar Recovery Scan Tool (x86) Versie: 14.03.2018
Gestart door Herman (30-03-2018 11:12:33) Run:1
Gestart vanaf C:\Users\Herman\Desktop
Geladen Profielen: Herman & UpdatusUser (Beschikbare Profielen: Herman & UpdatusUser)
Boot Modus: Normal

==============================================

fixlist Inhoud:
*****************
start
CreateRestorePoint:
CustomCLSID: HKU\S-1-5-21-1719932567-3506215398-4039828936-1000_Classes\CLSID\{0358B920-0AC7-461F-98F4-58E32CD89148}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-1719932567-3506215398-4039828936-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32 -> geen bestandpad
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} =>  -> Geen bestand
Task: {3452D27C-5BD3-4482-A862-BC1817FB9963} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files\AVG\AVG PC TuneUp\tuscanx.exe
Task: {36A67A99-78B7-43A7-B222-AD5792092B24} - System32\Tasks\{25C208E2-4624-410A-A468-AA488A573A0B} => C:\Windows\system32\pcalua.exe -a C:\ProgramData\SharkManCoupon\SharkManCoupon.exe -c /progname=SharkManCoupon /progver=3.4.2 /progpub=SharkManCoupon /proguninstallurl=asdahjka.com /deleteappfolder=0 /deletefile1="C:\Users\Herman\AppData\RoamingappdataFr2.bin" /VERYSILENT
C:\Program Files\AVG
C:\ProgramData\SharkManCoupon
Task: {65166F5B-F896-4FDA-A39B-1284BC7C8BB5} - System32\Tasks\HermanLogjamFretworkV2 => rundll32.exe TabourAkvavits.dll,main 7 1 <==== AANDACHT
Task: {69ED3636-52F3-4B70-9490-69FB89A54FBB} - System32\Tasks\Driver Booster SkipUAC (Herman) => C:\Program Files\IObit\Driver Booster\4.2.0\DriverBooster.exe
C:\Program Files\IObit
Task: {7635CF57-F1C9-4695-8C2A-E04A836391A8} - System32\Tasks\{63FD4F34-9E64-4F28-BD0D-526C67F0CA9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Herman\Local Settings\Application Data\Bundled software uninstaller\biclient.exe" -c /affid uninstall /id uninstall /name "Bundled software uninstaller"
Task: {8B1EC6BF-CB97-43D1-82C9-C960AA8339FB} - System32\Tasks\{383BAAF0-F20D-4743-ADE8-C56A0656E988} => C:\Windows\system32\pcalua.exe -a C:\Users\Herman\Downloads\MP10Setup.exe -d C:\Users\Herman\Downloads
Task: {E3FAE97D-1DB4-4B5E-89C9-50457E682956} - \{5A180A8D-7E2C-94BE-2921-F994E5CA3D7F} -> Geen bestand <==== AANDACHT
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
FirewallRules: [TCP Query User{6A92BBD5-759A-435D-84EC-D5DC8D6DDB48}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{A26D3632-CB09-4A22-8223-7468464572CB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
C:\windows\kmsemulator.exe
FirewallRules: [{617A9FF6-FFA7-4378-907C-320966B03916}] => (Allow) C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{D4F3D6E7-D5D1-48F8-B612-B4E58C126FFE}] => (Allow) C:\Program Files\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
GroupPolicyUsers\S-1-5-21-1719932567-3506215398-4039828936-1001\User: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
SearchScopes: HKLM -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
EmptyTemp:
end
*****************

Herstelpunt is succesvol gemaakt.
"HKU\S-1-5-21-1719932567-3506215398-4039828936-1000_Classes\CLSID\{0358B920-0AC7-461F-98F4-58E32CD89148}" => is succesvol verwijderd
"HKU\S-1-5-21-1719932567-3506215398-4039828936-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}" => is succesvol verwijderd
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3452D27C-5BD3-4482-A862-BC1817FB9963}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3452D27C-5BD3-4482-A862-BC1817FB9963}" => is succesvol verwijderd
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36A67A99-78B7-43A7-B222-AD5792092B24}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36A67A99-78B7-43A7-B222-AD5792092B24}" => is succesvol verwijderd
C:\Windows\System32\Tasks\{25C208E2-4624-410A-A468-AA488A573A0B} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{25C208E2-4624-410A-A468-AA488A573A0B}" => is succesvol verwijderd
"C:\Program Files\AVG" => niet gevonden
"C:\ProgramData\SharkManCoupon" => niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{65166F5B-F896-4FDA-A39B-1284BC7C8BB5}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65166F5B-F896-4FDA-A39B-1284BC7C8BB5}" => is succesvol verwijderd
C:\Windows\System32\Tasks\HermanLogjamFretworkV2 => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HermanLogjamFretworkV2" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69ED3636-52F3-4B70-9490-69FB89A54FBB}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69ED3636-52F3-4B70-9490-69FB89A54FBB}" => is succesvol verwijderd
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Herman) => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Herman)" => is succesvol verwijderd
C:\Program Files\IObit => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7635CF57-F1C9-4695-8C2A-E04A836391A8}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7635CF57-F1C9-4695-8C2A-E04A836391A8}" => is succesvol verwijderd
C:\Windows\System32\Tasks\{63FD4F34-9E64-4F28-BD0D-526C67F0CA9D} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{63FD4F34-9E64-4F28-BD0D-526C67F0CA9D}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B1EC6BF-CB97-43D1-82C9-C960AA8339FB}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B1EC6BF-CB97-43D1-82C9-C960AA8339FB}" => is succesvol verwijderd
C:\Windows\System32\Tasks\{383BAAF0-F20D-4743-ADE8-C56A0656E988} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{383BAAF0-F20D-4743-ADE8-C56A0656E988}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3FAE97D-1DB4-4B5E-89C9-50457E682956}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3FAE97D-1DB4-4B5E-89C9-50457E682956}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5A180A8D-7E2C-94BE-2921-F994E5CA3D7F}" => is succesvol verwijderd
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService" => is succesvol verwijderd
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMService" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6A92BBD5-759A-435D-84EC-D5DC8D6DDB48}C:\windows\kmsemulator.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A26D3632-CB09-4A22-8223-7468464572CB}C:\windows\kmsemulator.exe" => is succesvol verwijderd
C:\windows\kmsemulator.exe => is succesvol verplaatst
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{617A9FF6-FFA7-4378-907C-320966B03916}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4F3D6E7-D5D1-48F8-B612-B4E58C126FFE}" => is succesvol verwijderd
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1719932567-3506215398-4039828936-1001\User => is succesvol verplaatst
C:\Windows\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
"HKLM\SOFTWARE\Policies\Google" => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => niet gevonden
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => is succesvol verwijderd

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12893021 B
Java, Flash, Steam htmlcache => 1184 B
Windows/system/drivers => 78606731 B
Edge => 0 B
Chrome => 2282496 B
Firefox => 387682924 B
Opera => 94208 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
LocalService => 128 B
NetworkService => 19381236 B
Herman => 478773227 B
UpdatusUser => 90112 B

RecycleBin => 0 B
EmptyTemp: => 942.4 MB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 11:16:46 ====