Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 30.01.2019 Gestart door Willem Blaas (02-02-2019 11:41:32) Run:1 Gestart vanaf C:\Users\Willem Blaas\Desktop Geladen Profielen: Willem Blaas (Beschikbare Profielen: defaultuser0 & Willem Blaas) Boot Modus: Normal ============================================== fixlist inhoud: ***************** CreateRestorePoint: CloseProcesses: HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Run: [Advanced SystemCare 12] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto SearchScopes: HKU\S-1-5-21-752935264-2207249693-1250420677-1001 -> {49AA4A95-9DDE-4EF6-8C8B-89AB3C896A5B} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => Geen bestand BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll => Geen bestand FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com [niet gevonden] FF user.js: detected! => C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\user.js [2018-11-20] CHR NewTab: Default -> Not-active:"chrome-extension://dnckbjbhoclehoieokgiecdiakbaoodg/newtabproduct.html", Not-active:"chrome-extension://emilpohamjafokgdhoggckjldbpkbhlh/newtabproduct.html", Not-active:"chrome-extension://gnmjknmalpknlmhpbfmnidbgkncebohg/newtabproduct.html", Active:"chrome-extension://fmgkbbgmfadinoembkciofacghellcmj/newtabproduct.html", Active:"chrome-extension://icbhbegbnafpiiaomogcddhhjpijpikp/newtabproduct.html", Active:"chrome-extension://jhmonpjmhgcjcacmnipddbdlphindcpn/newtabproduct.html", Not-active:"chrome-extension://dhjghcdeopofofdgnmfcnmgmfmbplpmm/newtabproduct.html", Not-active:"chrome-extension://nladljmabboanhihfkjacnnkgjhnokhj/new-tab.html", Not-active:"chrome-extension://ikecjjeekejbjbibeaogbfcpplilghbb/newtab/newtab.html" CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx S2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X] S2 Dashlane Upgrade Service; "C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe" [X] S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X] S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X] U3 aswbdisk; geen ImagePath S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [X] S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [X] S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X] 2019-02-02 10:28 - 2017-05-05 10:05 - 000000000 ____D C:\Program Files (x86)\IObit 2019-02-02 10:27 - 2017-05-05 10:06 - 000000000 ____D C:\ProgramData\ProductData 2019-02-02 10:27 - 2017-05-05 10:05 - 000000000 ____D C:\Users\Willem Blaas\AppData\LocalLow\IObit 2019-02-02 10:25 - 2018-03-11 14:57 - 000000000 ____D C:\Program Files (x86)\EaseUS 2019-02-02 10:25 - 2017-08-29 16:42 - 000000000 ____D C:\Users\Willem Blaas\AppData\Local\IIIQF ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Geen bestand ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => -> Geen bestand ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> Geen bestand Task: {1D84216E-6993-46E9-8B7B-2471DDB45F4A} - System32\Tasks\Opera scheduled Autoupdate 1509374158 => C:\Users\Willem Blaas\AppData\Local\Programs\Opera\launcher.exe Task: {7959CE97-E4F4-4EB2-A0D0-966D6AD55A47} - System32\Tasks\ASC12_SkipUac_Willem Blaas => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: {AFF85724-67A1-46FC-89CA-6818C3184265} - System32\Tasks\Uninstaller_SkipUac_Willem_Blaas => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {BE4489DE-5050-4A3D-B4BF-441141A87078} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\localhost -> localhost FirewallRules: [{17B8503D-CA2F-4EF0-912C-64A3A221781C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe Geen bestand FirewallRules: [{96329045-2D9E-4126-9FCE-EBBEFD5733A0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe Geen bestand Hosts: EmptyTemp: ***************** Herstelpunt is succesvol gemaakt. Proces succesvol afgesloten. "HKU\S-1-5-21-752935264-2207249693-1250420677-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 12" => is succesvol verwijderd HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49AA4A95-9DDE-4EF6-8C8B-89AB3C896A5B} => is succesvol verwijderd HKLM\Software\Classes\CLSID\{49AA4A95-9DDE-4EF6-8C8B-89AB3C896A5B} => niet gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => is succesvol verwijderd HKLM\Software\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => is succesvol verwijderd HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} => is succesvol verwijderd HKLM\Software\Wow6432Node\Classes\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} => is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com => pad is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com => pad is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com => pad is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com => pad is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com => pad is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com => pad is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com => pad is succesvol verwijderd C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com => pad is succesvol verwijderd C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\user.js => is succesvol verplaatst "Chrome NewTab" => is succesvol verwijderd HKLM\SOFTWARE\Google\Chrome\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => is succesvol verwijderd HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo => is succesvol verwijderd HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => is succesvol verwijderd HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => is succesvol verwijderd HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade => is succesvol verwijderd HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nladljmabboanhihfkjacnnkgjhnokhj => is succesvol verwijderd HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam => is succesvol verwijderd HKLM\System\CurrentControlSet\Services\AdvancedSystemCareService12 => is succesvol verwijderd AdvancedSystemCareService12 => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\Dashlane Upgrade Service => is succesvol verwijderd Dashlane Upgrade Service => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\AscFileFilter => is succesvol verwijderd AscFileFilter => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\AscRegistryFilter => is succesvol verwijderd AscRegistryFilter => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\aswbdisk => is succesvol verwijderd aswbdisk => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\cpuz143 => is succesvol verwijderd cpuz143 => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\IMFMBRProtect => is succesvol verwijderd IMFMBRProtect => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\IMFSafeBox => is succesvol verwijderd IMFSafeBox => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\iobit_monitor_server => is succesvol verwijderd iobit_monitor_server => service is succesvol verwijderd C:\Program Files (x86)\IObit => is succesvol verplaatst C:\ProgramData\ProductData => is succesvol verplaatst C:\Users\Willem Blaas\AppData\LocalLow\IObit => is succesvol verplaatst C:\Program Files (x86)\EaseUS => is succesvol verplaatst C:\Users\Willem Blaas\AppData\Local\IIIQF => is succesvol verplaatst HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => is succesvol verwijderd HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => niet gevonden HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => is succesvol verwijderd HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => is succesvol verwijderd HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ShellConverter => is succesvol verwijderd HKLM\Software\Classes\CLSID\{30A4E07E-068A-4d91-8F05-691283A1336B} => niet gevonden HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => is succesvol verwijderd HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => niet gevonden HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => is succesvol verwijderd HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => niet gevonden HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => is succesvol verwijderd HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => niet gevonden "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D84216E-6993-46E9-8B7B-2471DDB45F4A}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D84216E-6993-46E9-8B7B-2471DDB45F4A}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1509374158 => is succesvol verplaatst "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1509374158" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7959CE97-E4F4-4EB2-A0D0-966D6AD55A47}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7959CE97-E4F4-4EB2-A0D0-966D6AD55A47}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\ASC12_SkipUac_Willem Blaas => is succesvol verplaatst "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC12_SkipUac_Willem Blaas" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFF85724-67A1-46FC-89CA-6818C3184265}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFF85724-67A1-46FC-89CA-6818C3184265}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Willem_Blaas => is succesvol verplaatst "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Willem_Blaas" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE4489DE-5050-4A3D-B4BF-441141A87078}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE4489DE-5050-4A3D-B4BF-441141A87078}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => niet gevonden HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => is succesvol verwijderd HKU\S-1-5-21-752935264-2207249693-1250420677-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17B8503D-CA2F-4EF0-912C-64A3A221781C}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{96329045-2D9E-4126-9FCE-EBBEFD5733A0}" => is succesvol verwijderd C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst Hosts met succes hersteld. =========== EmptyTemp: ========== BITS transfer queue => 8413184 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9554951 B Java, Flash, Steam htmlcache => 7724897 B Windows/system/drivers => 1051893 B Edge => 10965 B Chrome => 15992627 B Firefox => 7594849 B Opera => 156540 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 8120 B LocalService => 0 B NetworkService => 0 B NetworkService => 0 B defaultuser0 => 7298 B Willem Blaas => 86494170 B RecycleBin => 35689165 B EmptyTemp: => 164.7 MB tijdelijke gegevens verwijderd. ================================ Het systeem moest herstart worden. ==== Einde van Fixlog 11:42:33 ====