start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, <==== AANDACHT
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT
IFEO\dismHost.exe: [Debugger] nul
IFEO\EOSNOTIFY.EXE: [Debugger] nul
IFEO\InstallAgent.exe: [Debugger] nul
IFEO\MusNotification.exe: [Debugger] nul
IFEO\remsh.exe: [Debugger] nul
IFEO\SIHClient.exe: [Debugger] nul
IFEO\taskmgr.exe: [Debugger] D:\SOFTWARE DATA\ClassicTaskmgr\tm.exe
IFEO\UpdateAssistant.exe: [Debugger] nul
IFEO\UsoClient.exe: [Debugger] nul
IFEO\WaaSMedic.exe: [Debugger] nul
IFEO\Windows10Upgrade.exe: [Debugger] nul
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] nul
GroupPolicyScripts: Restrictie <==== AANDACHT
Task: {177A5A75-73CA-42E8-A3D6-6B0FD4F3F9CD} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {947247B5-026A-4437-9371-770782BE839D} (Geen bestand) 
Task: {20941459-27F7-4B4C-9CFA-7523C6174CAA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} (Geen bestand)
Task: {5E8D9046-0787-44EE-8737-A17E114A7503} - geen bestandpad
Task: {75270836-243E-4AC8-A611-875C8ACC6D89} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cistray.exe (Geen bestand)
Task: {887BDE32-1787-4DEF-966D-3D8B9D598F49} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} (Geen bestand)
Task: {B7682EB3-D521-43C9-9C11-976B951962E2} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cis.exe --telemetry (Geen bestand)Task: {DE9080CE-AA53-4034-905A-0F1D9FD22AD6} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627} (Geen bestand)
Task: {EA4D90E9-6403-42EF-8773-D19C0E0313BA} - geen bestandpad
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
S2 SU10Guard; D:\stopupdates10portable\SU10Guard.exe [X]
U4 CmdAgent; geen ImagePath
C:\Users\DAngelo\AppData\Roaming\{DEFF2822-D82B-3A15-E33D-4B2EF4C3566F}
CustomCLSID: HKU\S-1-5-21-1537985491-808888407-4021727109-1001_Classes\CLSID\{A79E6AD0-4356-8A15-CE5C-038D242B8295}\InprocServer32 -> geen bestandpad
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} =>  -> Geen bestand
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> Geen bestand
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Geen bestand
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> Geen bestand
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} =>  -> Geen bestand
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Geen bestand
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Geen bestand
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Geen bestand
2018-07-01 21:42 - 2018-07-01 21:40 - 002119168 _____ (WinAbility® Software Corporation) [Bestand niet getekend] C:\Program Files\Folder Guard\FGuard64.dll
AlternateDataStreams: C:\ProgramData:Duplicate$Photo$Cleaner [132]
AlternateDataStreams: C:\ProgramData:iSpring Solutions [140]
AlternateDataStreams: C:\ProgramData:iSpring Suite 8 [76]
AlternateDataStreams: C:\Users\All Users:Duplicate$Photo$Cleaner [132]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [140]
AlternateDataStreams: C:\Users\All Users:iSpring Suite 8 [76]
AlternateDataStreams: C:\ProgramData\Application Data:Duplicate$Photo$Cleaner [132]
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Solutions [140]
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Suite 8 [76]
AlternateDataStreams: C:\Users\D'Angelo\Application Data:iSpring Solutions [140]
AlternateDataStreams: C:\Users\D'Angelo\Application Data:iSpring Suite 8 [76]
AlternateDataStreams: C:\Users\D'Angelo\AppData\Roaming:iSpring Solutions [140]
AlternateDataStreams: C:\Users\D'Angelo\AppData\Roaming:iSpring Suite 8 [76]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FGUARD64 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FGUARD64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FGUARD64 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FGUARD64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VipreEdgeProtection => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WebExaminer => ""="Driver"
HKLM\...\regfile\DefaultIcon:  <==== AANDACHT
BHO: Geen Naam -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> Geen bestand
Toolbar: HKLM - Geen Naam - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  Geen bestand
FirewallRules: [{8BF4B8B2-5128-4E62-A21B-67CEBE7DB736}] => (Allow) BiglyBT.exe => Geen bestand
DISM /online /Get-Features /Format:table 
CMD: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP" /s
EmptyTemp:
Reboot:
end::