Extra scanresultaten van Farbar Recovery Scan Tool (x86) Versie: 02-11-2017 02 Gestart door Glowing Starter (08-11-2017 19:47:22) Gestart vanaf C:\Users\Glowing Starter\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-06-01 12:46:26) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-70928346-524487458-456366203-500 - Administrator - Disabled) Gast (S-1-5-21-70928346-524487458-456366203-501 - Limited - Disabled) Glowing Starter (S-1-5-21-70928346-524487458-456366203-1000 - Administrator - Enabled) => C:\Users\Glowing Starter HomeGroupUser$ (S-1-5-21-70928346-524487458-456366203-1005 - Limited - Enabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160} AV: Norman Security Suite (Disabled - Up to date) {D038CA80-26F3-90BF-94AA-03C4D945E661} AS: Norman Security Suite (Disabled - Up to date) {6B592B64-00C9-9F31-AE1A-38B6A2C2ACDC} AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated) Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.) Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.) BibleWorks 8 (HKLM\...\{B038A58E-EAF0-44CB-ADCA-3895ECD0812D}) (Version: 1.00.000 - BibleWorks) BisonCam (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.96.1728.10.9 - BisonCam) CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform) Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-70928346-524487458-456366203-1000\...\Dropbox) (Version: 38.4.27 - Dropbox, Inc.) f.lux (HKU\S-1-5-21-70928346-524487458-456366203-1000\...\Flux) (Version: - f.lux Software LLC) Filternet (HKLM\...\{D43F5471-28BA-4CEF-A8D8-CF84D8BB0E17}) (Version: - ) Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.5.2.2 - Sentelic) Google Chrome (HKLM\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software) Hotkey 3.0021 (HKLM\...\{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 3.00.0021 - NoteBook) Hidden Hotkey 3.0021 (HKLM\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 3.00.0021 - NoteBook) HP ENVY 5530 series Basissoftware van het apparaat (HKLM\...\{6560F669-8994-4DC0-8FB7-8342C6623176}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP ENVY 5530 series Help (HKLM\...\{35A1FA23-AD44-4E6E-9CFD-AAC967677B13}) (Version: 30.0.0 - Hewlett Packard) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation) Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.) Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Liedboek Concordantie v 1.6 voor Windows (HKLM\...\{F39759AE-2F69-489B-9CF4-6D3A8F24EE2E}_is1) (Version: 1.6 - Uitgeverij Boekencentrum) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-70928346-524487458-456366203-1000\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft OneNote Home and Student 2016 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.8625.2121 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.4.0.6486 - Mozilla) Mozilla Thunderbird 52.4.0 (x86 nl) (HKLM\...\Mozilla Thunderbird 52.4.0 (x86 nl)) (Version: 52.4.0 - Mozilla) Nero 7 Essentials (HKLM\...\{F63C7908-08EA-46F5-9EDF-DFF9FD231043}) (Version: 7.02.5016 - Nero AG) NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - ) Norton Security (HKLM\...\NS) (Version: 22.11.0.41 - Symantec Corporation) Norton Security Scan (HKLM\...\NSS) (Version: 4.6.1.103 - Symantec Corporation) Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-70928346-524487458-456366203-1000\...\Octoshape add-in for Adobe Flash Player) (Version: - ) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2121 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden PDFill FREE PDF Editor Basic (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 14.0 - PlotSoft LLC) Photo Transport (HKLM\...\{CDC7F188-3A08-45C3-8C3C-99BE32911949}) (Version: 1.0.2 - CASIO COMPUTER CO., LTD.) Productverbeteringsonderzoek voor HP ENVY 5530 series (HKLM\...\{A383DE56-BA80-4128-8A14-5C052608B29B}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5943 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0126 - REALTEK Semiconductor Corp.) REOptimizer (HKU\S-1-5-21-70928346-524487458-456366203-1000\...\REOptimizer) (Version: - ) Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.) Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) trotux - Uninstall (HKLM\...\{7828879E-BAE9-4620-A979-9F6FCD1A8055}) (Version: - ) <==== AANDACHT Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) VideoCam Suite (HKLM\...\{5F638781-7754-411F-974C-F20F27292E24}) (Version: 1.00.000 - Panasonic) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR (HKLM\...\WinRAR archiver) (Version: - ) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-70928346-524487458-456366203-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation) ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-04] (Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-04] (Symantec Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () ContextMenuHandlers1_S-1-5-21-70928346-524487458-456366203-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-70928346-524487458-456366203-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-70928346-524487458-456366203-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {1FBFC653-5FA0-422C-B10B-D57F230AE618} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation) Task: {2A836A31-84DA-40F3-99DF-F92EF2E545D1} - System32\Tasks\{2961EA2E-DE8B-46B1-8923-D8382D47CC02} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\ Task: {393FC695-193E-4120-A712-679B585CEEE2} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-04] (Symantec Corporation) Task: {3A68EFDD-2777-4978-9AC5-F7806D100C50} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe Task: {452EA210-BB0C-47BA-803D-97425D9F11A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.) Task: {50570973-65F8-44DA-BDC2-E0ECE04487AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {5DD941F0-FFFF-449B-AFB0-71A6B0846201} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-10-04] (Symantec Corporation) Task: {63E57A4B-5B61-46C8-95BF-22086865A3C9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-10-20] () Task: {88B06E85-AD5C-4493-809E-6B052B9EAB19} - System32\Tasks\{E2F86A55-F45F-4F93-9DED-9FA795006F76} => C:\Windows\system32\pcalua.exe -a D:\games\VirtualHottie2\Setup.exe -d D:\games\VirtualHottie2 Task: {8963E97A-6E14-47DB-99CB-D6C21E0A2D9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-27] (Adobe Systems Incorporated) Task: {89D0BD5F-2D64-46B9-BDCA-0D21FFD45B2A} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP) Task: {9488168A-B2DC-4C96-A350-1F4DA9F4957C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000Core => C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {96CFCA8A-B64A-4990-AE49-D7F45F01B98C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd) Task: {9C270E11-A90D-47F5-B72B-F94BB4EB3324} - System32\Tasks\{56432B7F-354E-412F-ADAA-502F5B378332} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Virtual Hottie 2\Default\Setup.exe" -d "C:\Program Files\Virtual Hottie 2\Default" Task: {A01816BE-3D14-498A-AA1A-789FA52C2784} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000UA => C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {AEB0BAD7-AC3F-440C-8B23-BEF13545305B} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-04] (Symantec Corporation) Task: {BF5861C3-EE3C-40E1-B540-959B1CA2FD26} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.11.0.41\WSCStub.exe [2017-10-04] (Symantec Corporation) Task: {C0319732-D367-467E-A2AA-46CCC0CCE4E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-31] (Microsoft Corporation) Task: {D6995CA0-7A9C-4792-A0D6-C4488405010D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-10-20] () Task: {D71D0780-1B4D-4978-A8BD-3F70B447E21E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.) Task: {FFBB2F9E-BD6D-47AE-AE1C-4264F14D6E3B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000Core.job => C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-70928346-524487458-456366203-1000UA.job => C:\Users\Glowing Starter\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Geladen Modules (gefilterd) ============== 2010-06-01 14:25 - 2009-02-18 20:57 - 000028672 _____ () C:\Program Files\BisonCam\KBHookDLL.dll 2014-03-14 19:26 - 2012-08-31 15:01 - 000151552 _____ () C:\Windows\System32\HP1100LM.DLL 2013-03-16 20:17 - 2012-08-31 15:01 - 000069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL 2009-10-06 16:31 - 2009-10-06 16:31 - 000031744 _____ () C:\Program Files\Hotkey\PowerBiosServer.exe 2010-06-01 13:52 - 2009-08-31 05:43 - 000053248 _____ () C:\Program Files\FSP\KbdHook.dll 2010-06-01 13:52 - 2009-08-31 05:43 - 000073728 _____ () C:\Program Files\FSP\FspLib.dll 2009-10-06 15:54 - 2009-10-06 15:54 - 002409984 _____ () C:\Program Files\Hotkey\Hotkey.exe 2009-06-06 13:50 - 2009-06-06 13:50 - 000019968 _____ () C:\Program Files\Hotkey\Audiodll.dll 2006-12-11 01:10 - 2006-12-11 01:10 - 000049152 _____ () C:\Program Files\Hotkey\AudioControlDLL.dll 2017-09-07 17:12 - 2017-09-07 17:12 - 000077824 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2017-11-03 10:59 - 2017-11-01 12:58 - 000724288 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll 2017-11-03 10:59 - 2017-11-01 12:58 - 002002752 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll 2017-10-20 10:58 - 2017-11-01 12:57 - 000100296 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000018888 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\select.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000020800 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000035792 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000694224 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000021848 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000130512 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 001856848 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000022864 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2017-11-03 10:59 - 2017-11-01 12:57 - 000145864 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2017-11-03 10:59 - 2017-11-01 12:58 - 000116688 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2017-10-20 10:58 - 2017-11-01 12:57 - 000105928 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32api.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000022864 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000062784 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000024528 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32event.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000040248 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\fastpath.pyd 2017-11-03 10:59 - 2017-11-01 12:57 - 000020936 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000124880 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32file.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000116176 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32security.pyd 2017-11-03 10:59 - 2017-11-01 12:58 - 000392656 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2017-10-20 10:58 - 2017-11-01 13:01 - 000392512 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000026456 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000024016 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000175560 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32gui.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000030160 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000043472 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32process.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000026056 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32job.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000048592 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32service.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000057808 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000021824 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000023368 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000022856 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000066392 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 001796920 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000084424 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\sip.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 001956152 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 003859264 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000154440 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000521024 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000050496 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000042304 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000131384 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000218944 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000204096 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000025432 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000060880 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32print.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000054608 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000024016 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32profile.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000022864 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000028616 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\win32ts.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000022360 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000021848 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000022360 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000027488 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-10-20 10:58 - 2017-11-01 12:57 - 000349128 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2017-10-20 10:58 - 2017-11-01 13:01 - 000023896 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000025424 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2017-11-03 10:59 - 2017-11-01 12:58 - 000036296 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\librsync.dll 2017-11-03 10:59 - 2017-11-01 13:01 - 000181056 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2017-10-20 10:58 - 2017-11-01 13:01 - 000030536 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000024368 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\libEGL.DLL 2017-11-03 10:59 - 2017-11-01 13:01 - 001638200 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2017-10-20 10:58 - 2017-11-01 13:01 - 000026456 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000545080 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000359224 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2017-11-03 10:59 - 2017-11-01 13:01 - 000038208 _____ () C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.pyd 2017-08-24 13:10 - 2017-08-24 13:10 - 023854576 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll 2016-12-23 19:10 - 2016-12-23 19:10 - 000323152 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\sqlite.dll 2017-07-31 23:31 - 2017-07-31 23:31 - 072940016 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll 2017-09-22 07:07 - 2017-09-21 05:57 - 003011928 _____ () C:\Program Files\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-22 07:07 - 2017-09-21 05:57 - 000086872 _____ () C:\Program Files\Google\Chrome\Application\61.0.3163.100\libegl.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Windows\system32\msln.exe:f312fc16291504f990341efb17191ac7 [866] AlternateDataStreams: C:\Users\Glowing Starter:zylomtest [0] AlternateDataStreams: C:\Users\Glowing Starter:zylomtr{000HQ7FF-AD7A-3FG3-1EMN-28M5NPU00VRD} [34] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts Inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2010-12-30 16:42 - 2009-06-10 22:39 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-70928346-524487458-456366203-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Glowing Starter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.58.153.220 - 62.58.48.30 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\startupreg: Norman ZANDA => C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{783F747C-051F-477D-B4DC-D6793D6371F0}] => (Allow) svchost.exe FirewallRules: [TCP Query User{2C69C9E4-0C8F-4C0C-9261-7217EC45B337}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C62A6446-FB67-400E-B3E8-FB34C783FD03}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{FE072C8E-4361-408C-80A7-225625814ED8}C:\users\glowing starter\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe] => (Allow) C:\users\glowing starter\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe FirewallRules: [UDP Query User{A2BC9DB8-A0F2-4705-80FE-155A4439C177}C:\users\glowing starter\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe] => (Allow) C:\users\glowing starter\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe FirewallRules: [{A10CE794-F013-4040-A71D-8B1884995575}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{F0B3E830-8BD4-47E9-9501-11A56F997520}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{44C96CA7-B276-49BB-87EA-E735DD908D09}] => (Allow) C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{24541824-9EA3-41BE-8171-62BB216CB8C0}] => (Allow) C:\Users\Glowing Starter\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{96553530-F2BD-4CDC-AFD3-3BB39003A5AE}] => (Allow) LPort=9100 FirewallRules: [{901C0CC9-4BB2-4138-9F77-34B2DCD46220}] => (Allow) LPort=427 FirewallRules: [{6181E0DD-8576-47D6-90A7-1578E9B5E62B}] => (Allow) LPort=161 FirewallRules: [{88E35A35-33F0-4019-A826-018B60EE597A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{0F864A12-ECBC-4CC8-80E7-6A06743F22DE}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0B80CC26-7B14-4629-8FA3-4FC309B588C1}] => (Allow) LPort=2869 FirewallRules: [{D3707C97-9EB3-403D-90C7-111897080C01}] => (Allow) LPort=1900 FirewallRules: [{94926180-F49A-43A2-B5F8-B5EEDFE8F050}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{C7DC2C60-5D84-424C-8FAC-C85BEEAE4E26}C:\users\glowing starter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\glowing starter\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{37C905F6-44DE-4FB0-AF30-F0AA33AC08F9}C:\users\glowing starter\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\glowing starter\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{E8DBABAA-4517-44D3-B373-175E5C611F43}] => (Allow) C:\Users\Glowing Starter\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{112BAE32-E5EC-4ECF-9519-B5C5E2429C84}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe FirewallRules: [{3E084DFA-5E4E-4455-BE84-BEE47C10FF17}] => (Allow) C:\Program Files\Popcorn Time\Updater.exe FirewallRules: [{D2AC1A3F-8996-455A-ABED-A0379D7F34F8}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{BE53A13B-C795-4574-960E-0E5805E3489D}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe FirewallRules: [{9749AD82-EB38-4C44-9A8B-9AF8A55499F8}] => (Allow) LPort=5357 FirewallRules: [{C6B3859A-6AA2-45C0-B6A9-58E2D5A87A55}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{7A782785-E05D-4329-8CE5-5FFD2F1F9696}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 30-10-2017 14:00:35 Restore Point Created by FRST 31-10-2017 13:53:35 Revo Uninstaller's restore point - trotux - Uninstall 31-10-2017 13:57:27 Revo Uninstaller's restore point - Logos Bible Software 31-10-2017 13:57:44 Removed Logos Bible Software 31-10-2017 14:16:02 Windows Update 08-11-2017 11:31:49 Restore Point Created by FRST ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/08/2017 11:31:39 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {f566ff1d-f8bf-4f3b-98e1-02a428a231de} Error: (11/08/2017 09:47:49 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (11/07/2017 10:08:05 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (11/06/2017 10:34:33 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (11/05/2017 01:41:07 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (11/04/2017 10:44:11 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (11/03/2017 10:06:25 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (11/02/2017 10:45:01 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (10/31/2017 01:53:24 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {179eaeb6-aba3-436e-b702-28df53153765} Error: (10/31/2017 10:36:04 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\HP\HP ENVY 5530 series\DriverStore\Yeti\V3\amd64\hpinkinsC311.exe' niet maken. Kan afhankelijke assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Systeemfouten: ============= Error: (11/06/2017 05:09:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: eeCtrl Error: (11/06/2017 10:30:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: eeCtrl Error: (11/05/2017 05:01:46 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: De server {2EAD57C2-492A-4713-A340-8272B88BFF1B} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd. Error: (11/05/2017 01:34:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: eeCtrl Error: (11/04/2017 11:04:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: Wlansvc. Error: (11/04/2017 10:38:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: eeCtrl Error: (11/03/2017 07:48:57 PM) (Source: BROWSER) (EventID: 8032) (User: ) Description: De Browser-service heeft te vaak de reservelijst op transport \Device\NetBT_Tcpip_{A4E30119-DCA7-4F99-8F61-DEA22BEEC64F} niet kunnen ophalen. De reservebrowser is gestopt. Error: (11/03/2017 04:51:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: eeCtrl Error: (11/03/2017 10:05:22 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: De server {87DC457B-B35D-48AC-BD42-BDF35EF623CE} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd. Error: (11/03/2017 10:02:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: eeCtrl ==================== Geheugen info =========================== Processor: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz Percentage geheugen in gebruik: 57% Totaal fysiek RAM-geheugen: 3004.87 MB Beschikbaar fysiek RAM-geheugen: 1281.78 MB Totaal Virtueel geheugen: 6008.06 MB Beschikbaar Virtual geheugen: 4031.35 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:185.55 GB) (Free:60.76 GB) NTFS Drive d: () (Fixed) (Total:112.44 GB) (Free:112.18 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 96E90656) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=185.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=112.4 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================