Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 22-01-2020 01
Gestart door Rickske (23-01-2020 16:07:47) Run:1
Gestart vanaf C:\Users\Rickske\Desktop
Geladen Profielen: Rickske (Beschikbare Profielen: Rickske & Katinka & Joachim & Gast & DefaultAppPool)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restrictie ? <==== AANDACHT
GroupPolicy\User: Restrictie ? <==== AANDACHT
GroupPolicyUsers\S-1-5-21-3241837054-988920231-2416323044-1004\User: Restrictie <==== AANDACHT
Task: {0C59E3C1-B3F2-4227-9FE6-078B49A20FF3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {1ACEFC4E-F075-4554-929D-864BB546A3D7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {3653BACD-A39D-41FC-B311-1130FA91D63F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {56425F73-BF37-429A-8021-8B93257577FD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {63E222EF-5962-4B32-9858-38EB96D7222D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {6FCA1DC6-8F72-47BA-92CA-1D4C062F3E76} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {80A80D17-16B2-4532-BFAE-19C508A6003E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {9099B8A2-1D1F-4AF6-A156-FBC1D42AE67F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {971753FE-881D-406D-B2E3-6C16C39A8DDD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {D3B518D3-33C6-4BD8-8545-F5F41BB4CCF2} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT
Task: {DD84B3AB-6373-4069-9A4E-1449D0EE02CC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {F1108341-A21C-41CE-AB66-F283605E4A33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
URLSearchHook: HKU\S-1-5-21-3241837054-988920231-2416323044-1001 - (Geen Naam) - {f4c28532-b9d0-4950-a2df-e83f9929242b} - Geen bestand
URLSearchHook: HKU\S-1-5-21-3241837054-988920231-2416323044-1001 - (Geen Naam) - {796b75f6-6187-47e2-8f1f-c16e059e6e19} - C:\Program Files (x86)\FilmFanatic\bar\1.bin\paSrcAs.dll (Mindspark Interactive Network -> Mindspark)
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
SearchScopes: HKU\S-1-5-21-3241837054-988920231-2416323044-1001 -> {D8D07A14-80DB-47D8-AB9E-7733455165F1} URL =
BHO-x32: Toolbar BHO -> {631acb68-57c3-48af-9cc5-fcec0837ffd3} -> C:\Program Files (x86)\FilmFanatic\bar\1.bin\pabar.dll [2015-01-10] (Mindspark Interactive Network -> Mindspark)
BHO-x32: Search Assistant BHO -> {d5e9b421-c309-41de-9014-800a2adcdeb0} -> C:\Program Files (x86)\FilmFanatic\bar\1.bin\paSrcAs.dll [2015-01-10] (Mindspark Interactive Network -> Mindspark)
Toolbar: HKLM-x32 - Geen Naam - {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - Geen bestand
Toolbar: HKLM-x32 - FilmFanatic - {0b84b4b4-8af8-4f1f-91fe-074a666f6425} - C:\Program Files (x86)\FilmFanatic\bar\1.bin\pabar.dll [2015-01-10] (Mindspark Interactive Network -> Mindspark)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
FF Plugin-x32: @MyFunCards_5m.com/Plugin -> C:\Program Files (x86)\MyFunCards_5m\bar\1.bin\NP5mStub.dll [Geen bestand]
S4 FilmFanaticService; C:\Program Files (x86)\FilmFanatic\bar\1.bin\pabarsvc.exe [90696 2015-01-10] (Mindspark Interactive Network -> Mindspark)
U3 idsvc; geen ImagePath
C:\Program Files (x86)\GUTD375.tmp
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Geen bestand
ShortcutWithArgument: C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grillades _ Grilliate.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://www.lacalabria.be/Grillades___Grilliate.html
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA [286]
AlternateDataStreams: C:\ProgramData\TEMP:EB603FE4 [266]
MSCONFIG\startupreg: FilmFanatic AppIntegrator 32-bit => C:\PROGRA~2\FILMFA~2\bar\1.bin\APPINT~1.EXE
MSCONFIG\startupreg: FilmFanatic AppIntegrator 64-bit => C:\PROGRA~2\FILMFA~2\bar\1.bin\APPINT~2.EXE
MSCONFIG\startupreg: FilmFanatic EPM Support => "C:\PROGRA~2\FILMFA~2\bar\1.bin\pamedint.exe" T8EPMSUP.DLL,S
MSCONFIG\startupreg: FilmFanatic Search Scope Monitor => "C:\PROGRA~2\FILMFA~2\bar\1.bin\pasrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: MyFunCards Home Page Guard 64 bit => "C:\PROGRA~2\MYFUNC~2\bar\1.bin\AppIntegrator64.exe"
MSCONFIG\startupreg: MyFunCards Search Scope Monitor => "C:\PROGRA~2\MYFUNC~2\bar\1.bin\5msrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: MyFunCards_5m Browser Plugin Loader => C:\PROGRA~2\MYFUNC~2\bar\1.bin\5mbrmon.exe
cmd: winmgmt /resetrepository
EmptyTemp:
Reboot:
*****************

Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => is succesvol verwijderd
C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst
C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\WINDOWS\system32\GroupPolicy\User => is succesvol verplaatst
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-3241837054-988920231-2416323044-1004\User => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C59E3C1-B3F2-4227-9FE6-078B49A20FF3}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C59E3C1-B3F2-4227-9FE6-078B49A20FF3}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1ACEFC4E-F075-4554-929D-864BB546A3D7}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1ACEFC4E-F075-4554-929D-864BB546A3D7}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3653BACD-A39D-41FC-B311-1130FA91D63F}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3653BACD-A39D-41FC-B311-1130FA91D63F}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56425F73-BF37-429A-8021-8B93257577FD}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56425F73-BF37-429A-8021-8B93257577FD}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63E222EF-5962-4B32-9858-38EB96D7222D}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63E222EF-5962-4B32-9858-38EB96D7222D}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FCA1DC6-8F72-47BA-92CA-1D4C062F3E76}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FCA1DC6-8F72-47BA-92CA-1D4C062F3E76}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80A80D17-16B2-4532-BFAE-19C508A6003E}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80A80D17-16B2-4532-BFAE-19C508A6003E}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9099B8A2-1D1F-4AF6-A156-FBC1D42AE67F}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9099B8A2-1D1F-4AF6-A156-FBC1D42AE67F}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{971753FE-881D-406D-B2E3-6C16C39A8DDD}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{971753FE-881D-406D-B2E3-6C16C39A8DDD}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3B518D3-33C6-4BD8-8545-F5F41BB4CCF2}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3B518D3-33C6-4BD8-8545-F5F41BB4CCF2}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD84B3AB-6373-4069-9A4E-1449D0EE02CC}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD84B3AB-6373-4069-9A4E-1449D0EE02CC}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1108341-A21C-41CE-AB66-F283605E4A33}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1108341-A21C-41CE-AB66-F283605E4A33}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => is succesvol verwijderd
"HKU\S-1-5-21-3241837054-988920231-2416323044-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f4c28532-b9d0-4950-a2df-e83f9929242b}" => is succesvol verwijderd
"HKU\S-1-5-21-3241837054-988920231-2416323044-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\" => niet gevonden
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => waarde met succes hersteld
HKU\S-1-5-21-3241837054-988920231-2416323044-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D8D07A14-80DB-47D8-AB9E-7733455165F1} => is succesvol verwijderd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{631acb68-57c3-48af-9cc5-fcec0837ffd3} => is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{631acb68-57c3-48af-9cc5-fcec0837ffd3} => is succesvol verwijderd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5e9b421-c309-41de-9014-800a2adcdeb0} => is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{d5e9b421-c309-41de-9014-800a2adcdeb0} => is succesvol verwijderd
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{210f1b36-3b7f-41a4-b5da-3eb87f5a56c2}" => is succesvol verwijderd
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{0b84b4b4-8af8-4f1f-91fe-074a666f6425}" => is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{0b84b4b4-8af8-4f1f-91fe-074a666f6425} => is succesvol verwijderd
HKLM\Software\Classes\PROTOCOLS\Handler\livecall => is succesvol verwijderd
HKLM\Software\Classes\PROTOCOLS\Handler\msnim => is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@MyFunCards_5m.com/Plugin => is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\FilmFanaticService => is succesvol verwijderd
FilmFanaticService => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\idsvc => is succesvol verwijderd
idsvc => service is succesvol verwijderd
C:\Program Files (x86)\GUTD375.tmp => is succesvol verplaatst
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => is succesvol verwijderd
C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grillades _ Grilliate.lnk => snelkoppeling argument is succesvol verwijderd
C:\ProgramData\TEMP => ":AB689DEA" ADS is succesvol verwijderd
C:\ProgramData\TEMP => ":EB603FE4" ADS is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FilmFanatic AppIntegrator 32-bit => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FilmFanatic AppIntegrator 64-bit => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FilmFanatic EPM Support => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FilmFanatic Search Scope Monitor => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyFunCards Home Page Guard 64 bit => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyFunCards Search Scope Monitor => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyFunCards_5m Browser Plugin Loader => is succesvol verwijderd

========= winmgmt /resetrepository =========

Opnieuw instellen van WMI-opslag is mislukt
Foutcode: 0x8007041B
Faciliteit: Win32
Beschrijving: Er is een stopcode gestuurd naar een service waarvan andere gestarte services afhankelijk zijn.

========= Einde van CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 82920616 B
Java, Flash, Steam htmlcache => 522 B
Windows/system/drivers => 11855392 B
Edge => 2312 B
Chrome => 74346763 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 13844 B
Users => 13844 B
ProgramData => 13844 B
Public => 13844 B
systemprofile => 13844 B
systemprofile32 => 13972 B
LocalService => 13972 B
NetworkService => 26644388 B
Rickske => 63843724 B
Katinka => 88914282 B
Joachim => 131482621 B
Gast => 131518481 B
DefaultAppPool => 131532325 B

RecycleBin => 98875 B
EmptyTemp: => 708.9 MB tijdelijke gegevens verwijderd.

================================

Het systeem moest herstart worden.

==== Einde van Fixlog 16:14:18 ====