Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 06-06-2019
Gestart door YpY (07-06-2019 18:53:35) Run:1
Gestart vanaf C:\Users\YpY\Desktop
Geladen Profielen: YpY (Beschikbare Profielen: YpY)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Task: {252C2470-AE57-41CB-B2A7-B2E6B1E5588E} - \SpyHunter4Startup -> Geen bestand <==== AANDACHT
Task: {DC6440A8-6761-4DBE-BA54-282A9A224301} - \0615pizUpdateInfo -> Geen bestand <==== AANDACHT
SearchScopes: HKLM -> DefaultScope waarde ontbreekt
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
Toolbar: HKU\S-1-5-21-4038081757-550974096-142076149-1001 -> Geen Naam - {472734EA-242A-422B-ADF8-83D1E48CC825} - Geen bestand
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [Geen bestand]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
S2 TomTomHOMEService; "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" [X]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-08-03] (Enigma Software Group USA, LLC -> )
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [X]
2019-05-30 19:10 - 2015-07-20 12:40 - 000000000 ____D C:\Users\YpY\AppData\Roaming\IObit
C:\Users\YpY\AppData\Local\{97FDA3A6-84FD-493D-BA9D-5CE3CA8CAF70}
C:\Users\YpY\AppData\Local\{A4BAB8C5-3FC5-480B-B15E-7EA975A66001}
C:\Users\YpY\AppData\Local\{FC7413C4-0425-4CFC-81B4-FD67A7302590}
C:\Users\YpY\AppData\Local\{FCA3FA8C-B76B-4D49-809D-0770EC3245CC}
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\YpY\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\YpY\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Geen bestand
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Geen bestand
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand
AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\ProgramData\Temp:1198CD34 [137]
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [136]
AlternateDataStreams: C:\ProgramData\Temp:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\Temp:5925E400 [286]
AlternateDataStreams: C:\ProgramData\Temp:680086AB [174]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [119]
AlternateDataStreams: C:\ProgramData\Temp:8173A019 [131]
AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [133]
AlternateDataStreams: C:\ProgramData\Temp:C46995DA [129]
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2 [104]
AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4 [147]
FirewallRules: [TCP Query User{B94DF15D-566A-4ACA-B019-71F449ED96A8}C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe Geen bestand
FirewallRules: [UDP Query User{D0B72366-115F-4D9B-836B-FFC4B539F837}C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe] => (Block) C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe Geen bestand
FirewallRules: [TCP Query User{E814A57D-8E0D-4D7B-86E3-B1F25AAA08B7}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe Geen bestand
FirewallRules: [UDP Query User{AA77B8FB-055A-4341-8C99-F08E1A61CBB0}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe Geen bestand
FirewallRules: [{BF43AF06-9B7F-4C50-8179-EAFC72461956}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe Geen bestand
FirewallRules: [{C2762BAC-01F3-4D1E-8AC4-8681A6C0B558}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe Geen bestand
FirewallRules: [{0CF7C795-C759-43C3-94DF-963277883FC6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe Geen bestand
FirewallRules: [{3DE20183-7930-4E79-9351-AC07F1ABC9C4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe Geen bestand
EmptyTemp:
*****************

Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => is succesvol verwijderd
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot" => is succesvol verwijderd
"HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE" => is succesvol verwijderd
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot" => is succesvol verwijderd
"HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE" => is succesvol verwijderd
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot" => is succesvol verwijderd
"HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE" => is succesvol verwijderd
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{252C2470-AE57-41CB-B2A7-B2E6B1E5588E} => is succesvol verwijderd
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{252C2470-AE57-41CB-B2A7-B2E6B1E5588E} => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => niet gevonden
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC6440A8-6761-4DBE-BA54-282A9A224301} => is succesvol verwijderd
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC6440A8-6761-4DBE-BA54-282A9A224301} => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0615pizUpdateInfo" => niet gevonden
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
"HKU\S-1-5-21-4038081757-550974096-142076149-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825}" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => niet gevonden
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0 => is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\TomTomHOMEService => is succesvol verwijderd
TomTomHOMEService => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\EsgScanner => is succesvol verwijderd
EsgScanner => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\esgiguard => is succesvol verwijderd
esgiguard => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\IUFileFilter => is succesvol verwijderd
IUFileFilter => service is succesvol verwijderd
C:\Users\YpY\AppData\Roaming\IObit => is succesvol verplaatst
C:\Users\YpY\AppData\Local\{97FDA3A6-84FD-493D-BA9D-5CE3CA8CAF70} => is succesvol verplaatst
C:\Users\YpY\AppData\Local\{A4BAB8C5-3FC5-480B-B15E-7EA975A66001} => is succesvol verplaatst
C:\Users\YpY\AppData\Local\{FC7413C4-0425-4CFC-81B4-FD67A7302590} => is succesvol verplaatst
C:\Users\YpY\AppData\Local\{FCA3FA8C-B76B-4D49-809D-0770EC3245CC} => is succesvol verplaatst
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => is succesvol verwijderd
HKU\S-1-5-21-4038081757-550974096-142076149-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => is succesvol verwijderd
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{0365FE2C-F183-4091-AC82-BFC39FB75C49} => niet gevonden
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => niet gevonden
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => niet gevonden
C:\Windows => ":nlsPreferences" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":1198CD34" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":2430E4FC" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":430C6D84" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":5925E400" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":680086AB" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":798A3728" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":8173A019" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":93DE1838" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":C46995DA" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":DFC5A2B2" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":E79EFDA4" ADS is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B94DF15D-566A-4ACA-B019-71F449ED96A8}C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D0B72366-115F-4D9B-836B-FFC4B539F837}C:\users\ypy\appdata\roaming\torrentstream\engine\tsengine.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E814A57D-8E0D-4D7B-86E3-B1F25AAA08B7}C:\program files (x86)\vuze\azureus.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AA77B8FB-055A-4341-8C99-F08E1A61CBB0}C:\program files (x86)\vuze\azureus.exe" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BF43AF06-9B7F-4C50-8179-EAFC72461956}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2762BAC-01F3-4D1E-8AC4-8681A6C0B558}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CF7C795-C759-43C3-94DF-963277883FC6}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DE20183-7930-4E79-9351-AC07F1ABC9C4}" => is succesvol verwijderd

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7450926 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 575062299 B
Edge => 0 B
Chrome => 103424 B
Firefox => 1095095338 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 54605 B
Public => 0 B
ProgramData => 0 B
systemprofile => 49747 B
systemprofile32 => 57170 B
LocalService => 33125 B
NetworkService => 2624519718 B
YpY => 535532610 B

RecycleBin => 1382588355 B
EmptyTemp: => 5.8 GB tijdelijke gegevens verwijderd.

================================

Het systeem moest herstart worden.

==== Einde van Fixlog 19:19:33 ====