Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 10.02.2018 02
Gestart door Rev (11-02-2018 15:30:45) Run:1
Gestart vanaf C:\Users\Rev\Desktop
Geladen Profielen: Rev (Beschikbare Profielen: Rev)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start
CreateRestorePoint:
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} =>  -> Geen bestand
2017-11-01 16:16 - 2017-11-01 16:16 - 002685400 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareShellExtension.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 004743640 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareTray.exe
2017-11-01 16:16 - 2017-11-01 16:16 - 011753944 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\rpc_client.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 003717592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\RCF.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 000147416 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_filesystem-vc140-mt-1_65_1.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 000032728 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_system-vc140-mt-1_65_1.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 000790488 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_log-vc140-mt-1_65_1.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 000039896 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_chrono-vc140-mt-1_65_1.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 000125400 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_thread-vc140-mt-1_65_1.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 000067544 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_date_time-vc140-mt-1_65_1.dll
2017-11-01 16:16 - 2017-11-01 16:16 - 000526296 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_locale-vc140-mt-1_65_1.dll
C:\Program Files\adaware
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service"
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-342513448-3340910327-1555185532-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [TCP Query User{8167C722-7EE9-4832-8A27-0A6F7AE38009}C:\users\rev\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\rev\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [UDP Query User{DF266C20-A235-4704-AC3B-BB58B0DD2EB1}C:\users\rev\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\rev\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [TCP Query User{3016A05E-9EA0-40C6-BDC0-FA8910300BFA}C:\users\rev\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\rev\appdata\local\temp\bduninstall\x64\pcsftool.exe
FirewallRules: [UDP Query User{61504BC5-0073-4E82-8ECE-56CC21A77F4F}C:\users\rev\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\rev\appdata\local\temp\bduninstall\x64\pcsftool.exe
HKLM\...\Run: [AdAwareTray] => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareTray.exe [4743640 2017-11-01] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
GroupPolicy: Restrictie <==== AANDACHT
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~2\IObit\IOBITM~1\SURFIN~1\BrowerProtect\ASCPlugin_Protection.dll => Geen bestand
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll => Geen bestand
Toolbar: HKU\S-1-5-21-342513448-3340910327-1555185532-1001 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Geen bestand
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => niet gevonden
FF HKU\S-1-5-21-342513448-3340910327-1555185532-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 => niet gevonden
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
S2 adawareantivirusservice; C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareService.exe [587832 2017-11-01] ()
U1 aswbdisk; geen ImagePath
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
2018-02-10 10:35 - 2018-02-10 10:35 - 000000000 ____D C:\Users\Rev\AppData\Local\adaware
EmptyTemp:
end
*****************

Herstelpunt is succesvol gemaakt.
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\NP8ShellExtension" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{9C4B85B8-956C-49BF-9BA5-101384E562B2} => sleutel niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareShellExtension.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareTray.exe" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\rpc_client.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\RCF.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_filesystem-vc140-mt-1_65_1.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_system-vc140-mt-1_65_1.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_log-vc140-mt-1_65_1.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_chrono-vc140-mt-1_65_1.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_thread-vc140-mt-1_65_1.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_date_time-vc140-mt-1_65_1.dll" => niet gevonden
"C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_locale-vc140-mt-1_65_1.dll" => niet gevonden
"C:\Program Files\adaware" => niet gevonden
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => sleutel niet gevonden
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => sleutel niet gevonden
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => is succesvol verwijderd
HKU\S-1-5-21-342513448-3340910327-1555185532-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => sleutel niet gevonden
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8167C722-7EE9-4832-8A27-0A6F7AE38009}C:\users\rev\appdata\local\temp\bduninstall\x32\pcsftool.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF266C20-A235-4704-AC3B-BB58B0DD2EB1}C:\users\rev\appdata\local\temp\bduninstall\x32\pcsftool.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3016A05E-9EA0-40C6-BDC0-FA8910300BFA}C:\users\rev\appdata\local\temp\bduninstall\x64\pcsftool.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{61504BC5-0073-4E82-8ECE-56CC21A77F4F}C:\users\rev\appdata\local\temp\bduninstall\x64\pcsftool.exe" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdAwareTray" => niet gevonden
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => is succesvol verwijderd
C:\Windows\system32\GroupPolicy\Machine => is succesvol verplaatst
C:\Windows\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => sleutel niet gevonden
HKLM\Software\Wow6432Node\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => sleutel niet gevonden
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}" => is succesvol verwijderd
"HKLM\Software\Wow6432Node\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664}" => is succesvol verwijderd
"HKU\S-1-5-21-342513448-3340910327-1555185532-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => sleutel niet gevonden
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com" => is succesvol verwijderd
"HKU\S-1-5-21-342513448-3340910327-1555185532-1001\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com" => is succesvol verwijderd
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => is succesvol verwijderd
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => is succesvol verwijderd
adawareantivirusservice => dienst niet gevonden.
HKLM\System\CurrentControlSet\Services\aswbdisk => sleutel kon niet worden verwijderd, sleutel kan beschermd zijn
"HKLM\System\CurrentControlSet\Services\cpuz143" => is succesvol verwijderd
cpuz143 => dienst is succesvol verwijderd
"C:\Users\Rev\AppData\Local\adaware" => niet gevonden

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41469563 B
Java, Flash, Steam htmlcache => 1265 B
Windows/system/drivers => 1239961 B
Edge => 0 B
Chrome => 0 B
Firefox => 401535271 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558278 B
systemprofile32 => 120238 B
LocalService => 16384 B
NetworkService => 0 B
Rev => 261018575 B

RecycleBin => 5336425727 B
EmptyTemp: => 5.7 GB tijdelijke gegevens verwijderd.

================================

Resultaat van geplande bestanden te verplaatsen (Boot Modus: Normal) (Datum&Tijd: 11-02-2018 15:36:19)


Resultaat van geplande sleutels te verwijderen na herstart:

HKLM\System\CurrentControlSet\Services\aswbdisk => sleutel kon niet worden verwijderd, sleutel kan beschermd zijn

==== Eind van Fixlog 15:36:19 ====