Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 09.09.2018 Gestart door Gebruiker (13-09-2018 10:54:38) Gestart vanaf C:\Users\Gebruiker\Downloads Windows 10 Home Versie 1803 17134.228 (X64) (2018-06-11 20:00:37) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-527120506-1666112006-1758287245-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-527120506-1666112006-1758287245-503 - Limited - Disabled) Gast (S-1-5-21-527120506-1666112006-1758287245-501 - Limited - Disabled) Gebruiker (S-1-5-21-527120506-1666112006-1758287245-1001 - Administrator - Enabled) => C:\Users\Gebruiker WDAGUtilityAccount (S-1-5-21-527120506-1666112006-1758287245-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.1.298 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_1) (Version: 19.1.1 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation) Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9810 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - Uw bedrijfsnaam) Hidden Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.) CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - Uw bedrijfsnaam) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.) DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.) Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.) FoneLab for Android 1.1.30 (HKLM-x32\...\{7A7ACBDD-FED6-4ec5-BD26-5549FEB5B968}_is1) (Version: 1.1.30 - Aiseesoft Studio) fotofabriekSoftware 3.8.35 (HKLM-x32\...\fotofabriek_is1) (Version: - 1STEIN Corp.) Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}) (Version: 1.1.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{FEC61634-7B6D-4859-83FD-DDF2E76570F9}) (Version: 12.9.24.3 - HP Inc.) HP System Event Utility (HKLM-x32\...\{C39A7F0F-89A6-44BB-B1BF-5F96569B5345}) (Version: 1.2.9 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation) Kodi (HKU\S-1-5-21-527120506-1666112006-1758287245-1001\...\Kodi) (Version: - XBMC-Foundation) Kodi (HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659\...\Kodi) (Version: - XBMC-Foundation) Malwarebytes versie 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-527120506-1666112006-1758287245-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8333 - MyHeritage.com) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon) Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 344.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.24 - NVIDIA Corporation) NVIDIA PhysX systeemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice 4.1.3 (HKLM-x32\...\{9A20BB10-551A-4D13-AB25-3A67EE3F600C}) (Version: 4.13.9783 - Apache Software Foundation) Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.2 - Nikon) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{e0008118-71df-4125-bda8-1e59dd9dca41}) (Version: 10.0.21 - Intel(R) Corporation) Hidden Spotify (HKU\S-1-5-21-527120506-1666112006-1758287245-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB) Spotify (HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated) ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.3 - Nikon) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8516725D5171}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-527120506-1666112006-1758287245-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8516725D5171}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-527120506-1666112006-1758287245-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (Cyberlink) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (Cyberlink) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2014-09-27] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {042B4A0A-49CA-47EB-9C5E-7535F2008F3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.) Task: {06717444-FCDD-4C4F-8E35-09605BF81C2A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {1BC86EB4-C99E-4741-85C6-B61ECFA11B99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-06-28] (HP Inc.) Task: {1D00360E-6579-4ACB-AF77-9F77DD27D0C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-06-28] (HP Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {41D84C37-0881-458D-8E7F-E1F3B4282157} - System32\Tasks\AdobeAAMUpdater-1.0-HP-Gebruiker => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {54847C45-8540-4619-8225-EAF6EE47B0E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) Task: {5D69C79C-32B0-4760-83C8-F513DE815CC2} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {64E9D69F-5D0E-4087-9393-6AA33C7CC03B} - System32\Tasks\AdobeGCInvoker-1.0-HP-Gebruiker => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6FDD7372-14D3-4030-BE8B-DC86BF8D0EC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.) Task: {7888A38A-6C76-486B-8191-2858BDD84A1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) Task: {7F8E133A-D2FB-4D4B-A971-5D7C0AAB5A5F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {81225E5B-58D9-4CC9-BE77-5EB13BEB3381} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-15] () Task: {8153DFDE-BC2B-406C-9045-E41AC200E90C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-17] (HP Inc.) Task: {96C7C73D-2C3F-4EC9-8B22-DC5DBB19FCEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.) Task: {AC0D544B-4E18-41CE-93E3-4A2571F70FB3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {B0B8A384-BE35-4158-8DDE-0FE77A4081FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {B619C96B-E5B2-4C7C-B26E-B5F00D0C6FFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {C89CE2CD-2A43-400A-A115-64BCEE93F276} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {CA096406-52C7-408B-8C34-4ED8212314BD} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-09-23] (CyberLink Corp.) Task: {E28824AA-4E9F-4532-8CE6-9B20E516A9A2} - \WPD\SqmUpload_S-1-5-21-527120506-1666112006-1758287245-1001 -> Geen bestand <==== AANDACHT Task: {EFA6D419-49B3-4D52-80D0-A9FB3DBA4D06} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.) Task: {F868E070-39F8-4F17-A2F1-24CEF3C2DAFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) Task: {FFA5F67E-469D-4EF1-9E48-E061D2412128} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2014-03-28 14:31 - 2014-03-28 14:31 - 002110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2014-03-28 14:27 - 2014-03-28 14:27 - 000021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2014-03-28 14:27 - 2014-03-28 14:27 - 000035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2014-03-28 14:27 - 2014-03-28 14:27 - 000055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2014-03-28 14:48 - 2014-03-28 14:48 - 000367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2014-03-28 14:48 - 2014-03-28 14:48 - 000712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2016-03-01 18:02 - 2014-04-14 19:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2018-02-10 02:12 - 2018-02-10 02:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-08-15 14:27 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2014-03-28 14:36 - 2014-03-28 14:36 - 000065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2018-09-12 09:37 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-09-12 09:37 - 2018-08-06 14:20 - 002769768 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-08-11 15:54 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-11 15:54 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2018-07-17 17:23 - 2018-07-17 17:24 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-07-17 17:23 - 2018-07-17 17:24 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2014-09-03 12:03 - 2014-09-03 12:03 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\lwmzjgto.sys:changelist [2138] AlternateDataStreams: C:\ProgramData\Temp:BC359956 [246] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104316697\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317309\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-527120506-1666112006-1758287245-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg DNS Servers: 192.168.2.254 - 213.75.63.75 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\StartupFolder: => "avast! SecureLine.lnk" HKLM\...\StartupApproved\Run: => "SimplePass" HKLM\...\StartupApproved\Run: => "OPBHOBroker" HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "HPMessageService" HKLM\...\StartupApproved\Run32: => "Family Tree Builder Update" HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-527120506-1666112006-1758287245-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-527120506-1666112006-1758287245-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-527120506-1666112006-1758287245-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-527120506-1666112006-1758287245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09132018104317659\...\StartupApproved\Run: => "Steam" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [UDP Query User{3B356C62-EE71-46B8-9478-6EBE5EFA8815}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [TCP Query User{58CD8754-504E-45EB-A287-0288C0A93025}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{7A5C751B-97DB-4B3E-9FBD-3306016DF2D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe FirewallRules: [{AA7463AF-E032-4DE8-827D-FDBE39F0C9D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe FirewallRules: [{640B3B6A-3BDE-43E9-82F5-ACB9396B9BBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{4051F034-0A25-400A-BF76-762819B1D029}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{39413836-BB26-4DAA-A91B-4053EA4A676F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{08E972D8-A429-417A-86E9-7B03C5CAEB23}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{7EFE8F77-6C9D-4096-A8FE-09E79A829C24}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1D11897B-8D4C-4776-B4D7-D569F4040F59}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{979DFDDC-7C7F-426B-A624-79153F26F180}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [TCP Query User{FA7B607A-1004-4267-AE09-28A66298F2BB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{82C82C4A-E775-4828-93F7-0C90ED66B43B}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{B4BE46EA-B738-4B0D-BAD4-1BFDE2E85B41}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{EDA80900-2605-4347-A4FE-90C4D7EE5F4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{1D3A84DD-2611-459B-90C9-A03B3CBBF13B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{3E3F3132-0124-4CBC-8F78-8734AD74CAD5}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{7CBD1A3C-341F-48A8-BFC2-6ED6041199D5}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe FirewallRules: [{0E4F9752-2ED8-4EBD-B929-7017D1F66C56}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{D0DE707D-9A28-419C-9B50-57DD9A8A32FD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E9460FA3-5C30-4E50-BB6C-5A58BD841E9F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{439E2647-FE15-482C-AA56-6403E7E2CD11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{6879AB74-1FFB-4183-9392-B82F8E88779A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{F1F31641-D59A-4C4F-9E92-E81CEBB99851}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E835FFC0-6F6B-45D9-BE5D-0C3828C21766}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3AEB5826-1664-4F21-A839-5FEC6E90DF2F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DBBC1A4F-55C6-468E-B78A-B9502C88DD10}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EA266C9D-AC7C-4F59-BBBB-4FA287AA9991}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FA3CB099-1EF5-4D84-8210-FEB0B51ABF5D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{77CD257B-BE1C-4FEB-A80D-32F817805082}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{01220C92-290E-42AC-9EC0-59FE5D1C0FC8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{C3AC8369-DF87-4C8C-B9A2-E3B8CCD81556}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{EB3ACFD6-4299-4CF7-917A-721090BA194F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{D2A5BDFD-1A73-4158-921E-D48162A728E8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{BD538A9D-4B6B-43D3-9A20-4EDA056C0E77}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{ECBEC8FE-7381-4453-A0DC-14378B1CF937}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{3FCFFF5E-C302-4ED8-90B4-D165531A016E}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: [{FED1FD5A-1CB5-43CB-B212-2C921C8391BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 27-08-2018 10:21:03 Installatieprogramma voor Windows-modules 28-08-2018 11:58:48 Installatieprogramma voor Windows-modules 30-08-2018 09:30:58 Installatieprogramma voor Windows-modules 31-08-2018 12:18:16 Installatieprogramma voor Windows-modules 03-09-2018 21:30:25 Installatieprogramma voor Windows-modules 06-09-2018 09:12:16 Installatieprogramma voor Windows-modules 08-09-2018 21:14:20 Installatieprogramma voor Windows-modules 10-09-2018 11:59:26 Installatieprogramma voor Windows-modules 11-09-2018 21:03:30 Installatieprogramma voor Windows-modules ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (09/12/2018 09:26:37 AM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by : [Errno 11001] getaddrinfo failed)",),)) Error: (09/12/2018 09:26:37 AM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by : [Errno 11001] getaddrinfo failed)",),)) Error: (09/12/2018 09:26:36 AM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=50964a88-ab5f-4c91-b70e-66a2eadb5423 (Caused by : [Errno 11001] getaddrinfo failed)",),)) Error: (09/12/2018 09:26:35 AM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=4E00205A-2AB1-4423-8F77-CC25B82CDE1D (Caused by : [Errno 11001] getaddrinfo failed)",),)) Error: (09/12/2018 09:26:33 AM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=821fe777-bf67-463b-99f0-b2e0e4d9813b (Caused by : [Errno 11001] getaddrinfo failed)",),)) Error: (09/12/2018 09:26:33 AM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by : [Errno 11001] getaddrinfo failed)",),)) Error: (09/11/2018 09:18:40 PM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by : [Errno 11001] getaddrinfo failed)",),)) Error: (09/11/2018 09:18:40 PM) (Source: iumsvc) (EventID: 255) (User: ) Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=776faec3-12f6-4d15-bfaa-9a62564a97cc&DomainId=50964a88-ab5f-4c91-b70e-66a2eadb5423 (Caused by : [Errno 11001] getaddrinfo failed)",),)) Systeemfouten: ============= Error: (09/13/2018 10:43:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/13/2018 10:42:21 AM) (Source: DCOM) (EventID: 10010) (User: HP) Description: De server windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/13/2018 10:39:52 AM) (Source: DCOM) (EventID: 10016) (User: HP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker HP\Gebruiker SID (S-1-5-21-527120506-1666112006-1758287245-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/12/2018 09:54:37 AM) (Source: DCOM) (EventID: 10016) (User: HP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker HP\Gebruiker SID (S-1-5-21-527120506-1666112006-1758287245-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/12/2018 09:35:36 AM) (Source: DCOM) (EventID: 10016) (User: HP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker HP\Gebruiker SID (S-1-5-21-527120506-1666112006-1758287245-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/12/2018 09:23:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/12/2018 09:22:15 AM) (Source: DCOM) (EventID: 10016) (User: HP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker HP\Gebruiker SID (S-1-5-21-527120506-1666112006-1758287245-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/12/2018 09:20:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Windows Defender: =================================== Date: 2018-09-12 09:32:31.320 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.B&threatid=2147729064&enterprise=0 Naam: Trojan:JS/CoinHive.B Id: 2147729064 Ernst: Ernstig Categorie: Trojaans paard Pad: containerfile:_C:\Users\Gebruiker\AppData\Roaming\Kodi\userdata\Database\SALTScache.db-wal; file:_C:\Users\Gebruiker\AppData\Roaming\Kodi\userdata\Database\SALTScache.db-wal->(SCRIPT0045) Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: HP\Gebruiker Procesnaam: C:\Program Files (x86)\Kodi\kodi.exe Handtekeningversie: AV: 1.275.1086.0, AS: 1.275.1086.0, NIS: 1.275.1086.0 Engineversie: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-12 09:32:31.130 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.B&threatid=2147729064&enterprise=0 Naam: Trojan:JS/CoinHive.B Id: 2147729064 Ernst: Ernstig Categorie: Trojaans paard Pad: file:_C:\Users\Gebruiker\AppData\Roaming\Kodi\userdata\Database\SALTScache.db-wal->(SCRIPT0045) Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: HP\Gebruiker Procesnaam: C:\Program Files (x86)\Kodi\kodi.exe Handtekeningversie: AV: 1.275.1086.0, AS: 1.275.1086.0, NIS: 1.275.1086.0 Engineversie: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-12 09:31:53.209 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.B&threatid=2147729064&enterprise=0 Naam: Trojan:JS/CoinHive.B Id: 2147729064 Ernst: Ernstig Categorie: Trojaans paard Pad: file:_C:\Users\Gebruiker\AppData\Roaming\Kodi\userdata\Database\SALTScache.db-wal->(SCRIPT0045) Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: HP\Gebruiker Procesnaam: C:\Program Files (x86)\Kodi\kodi.exe Handtekeningversie: AV: 1.275.1086.0, AS: 1.275.1086.0, NIS: 1.275.1086.0 Engineversie: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-12 09:31:47.751 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.B&threatid=2147729064&enterprise=0 Naam: Trojan:JS/CoinHive.B Id: 2147729064 Ernst: Ernstig Categorie: Trojaans paard Pad: containerfile:_C:\Users\Gebruiker\AppData\Roaming\Kodi\userdata\Database\SALTScache.db-wal; file:_C:\Users\Gebruiker\AppData\Roaming\Kodi\userdata\Database\SALTScache.db-wal->(SCRIPT0045) Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: HP\Gebruiker Procesnaam: C:\Program Files (x86)\Kodi\kodi.exe Handtekeningversie: AV: 1.275.1086.0, AS: 1.275.1086.0, NIS: 1.275.1086.0 Engineversie: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-09-12 09:31:43.023 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:JS/CoinHive.B&threatid=2147729064&enterprise=0 Naam: Trojan:JS/CoinHive.B Id: 2147729064 Ernst: Ernstig Categorie: Trojaans paard Pad: file:_C:\Users\Gebruiker\AppData\Roaming\Kodi\userdata\Database\SALTScache.db-wal->(SCRIPT0045) Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: HP\Gebruiker Procesnaam: C:\Program Files (x86)\Kodi\kodi.exe Handtekeningversie: AV: 1.275.1086.0, AS: 1.275.1086.0, NIS: 1.275.1086.0 Engineversie: AM: 1.1.15200.1, NIS: 1.1.15200.1 Date: 2018-08-23 10:11:17.434 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.275.23.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15200.1 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2018-08-17 11:40:19.260 Description: Engine van Windows Defender Antivirus is beëindigd als gevolg van een onverwachte fout. Type fout: Crash Uitzonderingscode: 0xc0000005 Bron: Date: 2018-08-11 15:57:58.409 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.273.1228.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15100.1 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Percentage geheugen in gebruik: 82% Totaal fysiek RAM-geheugen: 4018.27 MB Beschikbaar fysiek RAM-geheugen: 683.83 MB Totaal Virtueel geheugen: 4722.27 MB Beschikbaar Virtueel geheugen: 707.77 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:434.72 GB) (Free:23.89 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:19.99 GB) (Free:1.48 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] \\?\Volume{8552a962-23e9-4fbe-9697-cce28b945940}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.37 GB) NTFS \\?\Volume{64a8fcf5-d74f-4313-9153-fd9ea7506033}\ () (Fixed) (Total:1.73 GB) (Free:1.23 GB) NTFS \\?\Volume{ce00e917-bfca-4951-833a-2319663e3d4c}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Eind van Addition.txt ============================