Windows 10 Boot "issue"

Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24

Platform: x64 Windows 10 (Pro), 10.0.16299 (ReleaseId: 1709), Service Pack: 0
Time: 18.11.2017 - 20:04
Language: OS: Dutch (0x413). Display: Dutch (0x413). Non-Unicode: Dutch (0x413)
Elevated: Yes
Ran by: DyllyZ (group: Administrator) on DESKTOP-F5536NE

Chrome: 62.0.3202.94
Firefox: 57.0.0.6525
Edge: 11.0.16299.15
Internet Explorer: 11.0.16299.15

Boot mode: Normal

Running processes:
Number | Path
11 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
1 C:\Users\DyllyZ\AppData\Roaming\BitTorrent\BitTorr ent.exe
2 C:\Users\DyllyZ\AppData\Roaming\BitTorrent\updates \7.10.0_44091\bittorrentie.exe
1 C:\Users\DyllyZ\Desktop\HiJackThis.exe
1 C:\Users\DyllyZ\Desktop\MemCompression
2 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\ViakaraokeSrv.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
59 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2t xyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

O4 - HKCU..\StartupApproved\Run: [OneDrive] (2017/11/18)C:\Users\DyllyZ\AppData\Local\Microsoft\OneDriv e\OneDrive.exe /background
O4 - HKLM..\StartupApproved\Run: [SecurityHealth] (1601/01/01)C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O17 - DHCP DNS - 1: 192.168.2.254
O22 - Task (Disabled): \Microsoft\Windows\PushToInstall\LoginCheck - C:\WINDOWS\system32\sc.exe start pushtoinstall login
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UNP\RunUpdateNotificationMgr - C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe
O22 - Task (Disabled): \Microsoft\Windows\Workplace Join\Recovery-Check - C:\WINDOWS\System32\dsregcmd.exe /checkrecovery
O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): OneDrive Standalone Update Task-S-1-5-21-1314789830-172498510-431026138-1001 - C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDriveStandaloneUpdater.exe
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegi strationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\Chkdsk\SyspartRepair - C:\WINDOWS\system32\bcdboot.exe %windir% /sysrepair
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterD eviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh - {711001CD-CC1D-4470-9B7E-1EF73849C79E},ExploitGuardPolicy - C:\WINDOWS\System32\MitigationConfiguration.dll
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellula r - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Ar g4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Printing\EduPrintProv - C:\WINDOWS\system32\eduprintprov.exe
O22 - Task (Ready): \Microsoft\Windows\PushToInstall\Registration - C:\WINDOWS\system32\sc.exe start pushtoinstall registration
O22 - Task (Ready): \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powersh ell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden “& %windir%\system32\WindowsPowerShell\v1.0\Modules\S mbShare\DisableUnusedSmb1.ps1 -Scenario Client”
O22 - Task (Ready): \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powersh ell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden “& %windir%\system32\WindowsPowerShell\v1.0\Modules\S mbShare\DisableUnusedSmb1.ps1 -Scenario Server”
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcqui sition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\USB\Usb-Notifications - {E05BE1C8-92A8-4757-B575-ACAECB4E6A40} - C:\Windows\System32\UsbTask.dll
O22 - Task (Ready): \Microsoft\Windows\UpdateOrchestrator\USO_Broker_D isplay - C:\WINDOWS\system32\MusNotification.exe Display
O22 - Task (Ready): \Microsoft\Windows\WaaSMedic\PerformRemediation - C:\WINDOWS\System32\WaaSMedic.exe None
O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O23 - Service R2: @oem56.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
O23 - Service R3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S2: Google Update-service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Google Update-service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Windows Defender Advanced Threat Protection Service - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe

–
End of file - Time spent: 23 sec. - 16650 bytes, CRC32: FFFFFFFF. Sign: ﹧뜬

This is everything it says. heres the file itself to

Any idea? it’s not a major problem but I think it will slow my pc down in the long run.

ZHP Diag Scan

Download ZHP Diag to your desktop.

1. Right Click Run as Admin.
2. Click the Options button.

Click on Check All
Then Click Validate
Then click close.




2. Click the Scanner button.



When complete please push the report button.
A notepad will open… copy and paste the report in your next reply.

Apologies for the late reply, last night I closed all the programs when I booted the next morning chrome still opens with all it’s tabs.
I tried running this program you suggested, and it stops working at 90% at a certain file. Tried at least 3 times and it stops working on the same file every time.
Sorry brother I am trying here:unsure: I’m glad you are helping me anyway!

edit* now it stops at a different file on 90%
edit #2* it worked after a few “hic ups” here is the log sorry that some things are in dutch let me know if u need any translation (yes I play some oldschool games lol)
~ ZHPDiag v2017.11.19.201 Door Nicolas Coolman (2017/11/19)
~ gestart door DyllyZ (Administrator) (2017/11/19 22:11:35)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ Certificate ZHPDiag: Legal
~ Versie de status: Versie OK
~ Modus: Scanner
~ Rapport: C:\Users\DyllyZ\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\DyllyZ\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Opstarten van het systeem: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 16299) =>.Microsoft Corporation

—\ Internet-browsers (4) - 0s
~ GCIE: Google Chrome v62.0.3202.94
~ MFIE: Mozilla Firefox 57.0 (x64 nl)
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.64.16299.0

—\ Windows productinformatie (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

—\ Software om het systeem te beveiligen (1) - 1s
Windows Defender (Activate) (Protection)

—\ Informatie over het systeem (6) - 0s
~ Operating System: AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 20969.652 MB (88% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 227 GB (47%) free of 476 GB : OK =>.Disk Space

—\ Verbinding met het systeem-modus (3) - 0s
~ Computer Name: DESKTOP-F5536NE
~ User Name: DyllyZ
~ Logged in as Administrator

—\ Overzicht vaste en verwisselbare stations (2) - 0s
~ Drive C: has 227 GB free of 476 GB (System)
~ Drive F: has GB free of 60 GB

—\ Staat van het Windows Security Center (7) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

—\ Zoeken naar bepaalde algemene bestanden (24) - 1s
[MD5.4312C7F7CA8CC13A475CB150EEB5F35E] - 19/11/2017 - (.Microsoft Corporation - Windows Verkenner.) – C:\WINDOWS\Explorer.exe [3894968] =>.Microsoft Windows®
[MD5.731A783A36A8E69A6434D19D98B12A09] - 29/09/2017 - (.Microsoft Corporation - Windows-hostproces (Rundll32).) – C:\WINDOWS\System32\rundll32.exe [71168] =>.Microsoft Corporation
[MD5.BF3E1D9B2360C6BE4CC3094CD2DDC617] - 29/09/2017 - (.Microsoft Corporation - Windows Toepassing Opstarten.) – C:\WINDOWS\System32\Wininit.exe [359584] =>.Microsoft Windows Publisher®
[MD5.D5B5C1E2E7C8AFB93C365D53E80F0BF9] - 17/11/2017 - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) – C:\WINDOWS\System32\wininet.dll [3334144] =>.Microsoft Corporation
[MD5.8B67C13E6C000B14C1551FF07F15242E] - 29/09/2017 - (.Microsoft Corporation - Toepassing Windows-aanmelden.) – C:\WINDOWS\System32\Winlogon.exe [712704] =>.Microsoft Corporation
[MD5.4D487E7D2B047FB929BE00117C09F9EC] - 29/09/2017 - (.Microsoft Corporation - Software Licensing-bibliotheek.) – C:\WINDOWS\System32\sppcomapi.dll [414720] =>.Microsoft Corporation
[MD5.A94E2533A7604E4AA05DCCC675A9F396] - 17/11/2017 - (.Microsoft Corporation - API DLL van DNS Client.) – C:\WINDOWS\System32\dnsapi.dll [739696] =>.Microsoft Windows®
[MD5.0A821BF024E347943D6F5C5180FAEA31] - 17/11/2017 - (.Microsoft Corporation - API DLL van DNS Client.) – C:\WINDOWS\Syswow64\dnsapi.dll [597160] =>.Microsoft Windows®
[MD5.6FB5A2026B16D596DEABF550E7A4BD82] - 29/09/2017 - (.Microsoft Corporation - Ondersteunend functiestuurprogramma van Win.) – C:\WINDOWS\System32\drivers\AFD.sys [614296] =>.Microsoft Windows®
[MD5.6191B9B2EE0E8CB957C683B9B341CC86] - 29/09/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\WINDOWS\System32\drivers\atapi.sys [28568] =>.Microsoft Windows®
[MD5.9E82A95D77AC78C84BA75FF896B060BF] - 29/09/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation
[MD5.6D83565C1652E80447EDEA6947FA89D7] - 29/09/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\WINDOWS\System32\drivers\Cdrom.sys [159744] =>.Microsoft Corporation
[MD5.9910E9CFF5ECDCB225F82E72CE9DE459] - 29/09/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\WINDOWS\System32\drivers\DfsC.sys [151040] =>.Microsoft Corporation
[MD5.99A34FD1F6431A10D8C3BB50E170D0F2] - 29/09/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\WINDOWS\System32\drivers\HDAudBus.sys [86016] =>.Microsoft Corporation
[MD5.56FF074E50F9042FD2856AB3418F4B18] - 29/09/2017 - (.Microsoft Corporation - i8042-poortstuurprogramma.) – C:\WINDOWS\System32\drivers\i8042prt.sys [105984] =>.Microsoft Corporation
[MD5.7BEC2AF23F586EFF0DB4DBF4331B0C70] - 29/09/2017 - (.Microsoft Corporation - IP Network Address Translator.) – C:\WINDOWS\System32\drivers\IpNat.sys [214016] =>.Microsoft Corporation
[MD5.6FC2E733C7172B6BFAD383B108E56F92] - 29/09/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\WINDOWS\System32\drivers\MRxSmb.sys [496536] =>.Microsoft Windows®
[MD5.401C17200AA0433D94EA61695F111DC3] - 29/09/2017 - (.Microsoft Corporation - MBT Transport driver.) – C:\WINDOWS\System32\drivers\netBT.sys [316928] =>.Microsoft Corporation
[MD5.4738811FFC33F2AC222FB2B82C14BECF] - 17/11/2017 - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) – C:\WINDOWS\System32\drivers\ntfs.sys [2400664] =>.Microsoft Windows®
[MD5.2E07EC2C1622F5E7B535D62DCD61F3AB] - 29/09/2017 - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) – C:\WINDOWS\System32\drivers\Parport.sys [98816] =>.Microsoft Corporation
[MD5.E0220BB6580D34001D4D1D133052DAA4] - 29/09/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\WINDOWS\System32\drivers\Rasl2tp.sys [106496] =>.Microsoft Corporation
[MD5.DF83769C92527DB50653F8FB57D001FF] - 30/09/2017 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\WINDOWS\System32\drivers\rdpdr.sys [182784] =>.Microsoft Corporation
[MD5.571D82ABAC428D902ACA0CF60373C039] - 29/09/2017 - (.Microsoft Corporation - TDI Translation Driver.) – C:\WINDOWS\System32\drivers\tdx.sys [121240] =>.Microsoft Windows®
[MD5.6AF9BCB1FFD127B8F4E7E7B9FF9351EA] - 29/09/2017 - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) – C:\WINDOWS\System32\drivers\volsnap.sys [401304] =>.Microsoft Windows®

—\ Niet-Microsoft NT services die niet uitgeschakeld zijn (3) - 1s
O23 - Service: Google Update-service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.9.) - C:\WINDOWS\system32\nvvsvc.exe =>.NVIDIA Corporation
O23 - Service: @oem56.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixe (VIAKaraokeService) . (.VIA Technologies, Inc. - Service binary.) - C:\WINDOWS\System32\viakaraokesrv.exe =>.VIA Technologies, Inc.

—\ Niet-Microsoft services (GSR) (SR = Running, SS = gestopt) (5) - 19s
SS - Auto [17/11/2017] [ 153168] Google Update-service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [17/11/2017] [ 153168] Google Update-service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [12/11/2017] [ 194000] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [29/01/2016] [ 932728] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe =>.NVIDIA Corporation®
SR - Auto [22/06/2015] [ 36504] @oem56.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixe (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\WINDOWS\System32\viakaraokesrv.exe =>.VIA Technologies Inc.®

—\ Taken die zijn gepland in de automatische modus (Register) (75) - 2s
O38 - TASK: {0319D346-9E60-4CE2-B937-EF6C981CC0F1} [64Bits][\Microsoft\Windows\PushToInstall\Registration] - (.Microsoft Corporation - Service Control Manager Configuration Tool.) – C:\WINDOWS\system32\sc.exe [69120] =>.Microsoft Corporation
O38 - TASK: {03BAB3F3-7CFB-408A-9756-70F45BE325AC} [64Bits][\Microsoft\Windows\Autochk\Proxy] - (.Microsoft Corporation - Proxy-DLL voor Autochk.) – C:\Windows\System32\acproxy.dll [12800] =>.Microsoft Corporation
O38 - TASK: {04E9E27D-20BA-4966-9A08-59E136EAC4E1} [64Bits][\Microsoft\Windows\SpacePort\SpaceAgentTask] - (.Microsoft Corporation - Instellingen voor opslagruimten.) – C:\WINDOWS\system32\SpaceAgent.exe [131584] =>.Microsoft Corporation
O38 - TASK: {050A5370-17EE-4E6A-B284-96457EC5083E} [64Bits][\Microsoft\Windows\SMB\UninstallSMB1ServerTask] - (.Microsoft Corporation - Windows PowerShell.) – C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe [449024] =>.Microsoft Corporation
O38 - TASK: {0621FDBB-ADD5-44B7-A2AB-8288118B6295} [64Bits][\Microsoft\Windows\Feedback\Siuf\DmClient] - (.Microsoft Corporation - Microsoft Feedback SIUF Deployment Manager.) – C:\WINDOWS\system32\dmclient.exe [102912] =>.Microsoft Corporation
O38 - TASK: {08ECD6F8-3E70-482C-9F54-C96A9C1A773F} [64Bits][\Microsoft\Windows\Management\Provisioning\Logon] - (.Microsoft Corporation - Provisioning package runtime processing too.) – C:\WINDOWS\system32\ProvTool.exe [70656] =>.Microsoft Corporation
O38 - TASK: {094D21E3-BC2F-4072-BEC5-2D1BE0417152} [64Bits][\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan] - (.Microsoft Corporation - Microsoft Malware Protection Command Line U.) – C:\Program Files\Windows Defender\MpCmdRun.exe [442576] =>.Microsoft Corporation®
O38 - TASK: {12C7A205-44E6-4207-88E3-630593B5974E} [64Bits][\Microsoft\Windows\Management\Provisioning\Cellula r] - (.Microsoft Corporation - Provisioning package runtime processing too.) – C:\WINDOWS\system32\ProvTool.exe [70656] =>.Microsoft Corporation
O38 - TASK: {158D3281-FEB3-47C2-87B9-EE652382C0AB} [64Bits][\Microsoft\Windows\Application Experience\StartupAppTask] - (.Microsoft Corporation - DLL-bestand voor opstartcontroltaak.) – C:\Windows\System32\Startupscan.dll [17920] =>.Microsoft Corporation
O38 - TASK: {17A68EC1-555F-454C-9497-A48240207E9F} [64Bits][\Microsoft\Windows\Workplace Join\Recovery-Check] - (.Microsoft Corporation - Opdrachtregelprogramma DSREG.) – C:\WINDOWS\System32\dsregcmd.exe [730624] =>.Microsoft Corporation
O38 - TASK: {1998879B-4D36-441C-9AD2-D58AC7C09D1C} [64Bits][\Microsoft\Windows\Subscription\EnableLicenseAcqui sition] - (.Microsoft Corporation - Acquire License From Store.) – C:\WINDOWS\System32\ClipRenew.exe [136600] =>.Microsoft Windows®
O38 - TASK: {2646432D-A31A-41EC-88D5-495FF767E1ED} [64Bits][\Microsoft\Windows\Time Zone\SynchronizeTimeZone] - (.Microsoft Corporation - TimeZone Sync Task.) – C:\WINDOWS\system32\tzsync.exe [61440] =>.Microsoft Corporation
O38 - TASK: {26810429-E00E-44DC-8EB3-0F924A856085} [64Bits][\Microsoft\Windows\Shell\FamilySafetyMonitor] - (.Microsoft Corporation - Controle Family Safety.) – C:\WINDOWS\System32\wpcmon.exe [1430248] =>.Microsoft Windows®
O38 - TASK: {2C807F3D-B764-4990-BE1A-C2466CA7CF8E} [64Bits][\Microsoft\Windows\Clip\License Validation] - (.Microsoft Corporation - Client License Platform migration tool.) – C:\WINDOWS\System32\ClipUp.exe [1263592] =>.Microsoft Windows Publisher®
O38 - TASK: {32274688-6925-4C3C-AC5D-E7F3278E9F9E} [64Bits][\Microsoft\Windows\Speech\SpeechModelDownloadTask] - (.Microsoft Corporation - Speech Model Download Executable.) – C:\Windows\System32\speech_onecore\common\SpeechMo delDownload.exe [169984] =>.Microsoft Corporation
O38 - TASK: {35C5876F-4F40-40A8-BB53-714EACD45D58} [64Bits][\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector] - (.Microsoft Corporation - Windows Diagnostische module voor schijffou.) – C:\Windows\System32\dfdts.dll [45056] =>.Microsoft Corporation
O38 - TASK: {36713542-0103-4035-B316-A447E72506AC} [64Bits][\Microsoft\Windows\PushToInstall\LoginCheck] - (.Microsoft Corporation - Service Control Manager Configuration Tool.) – C:\WINDOWS\system32\sc.exe [69120] =>.Microsoft Corporation
O38 - TASK: {36EECAE1-3E34-4A61-8394-42D7F23F0455} [64Bits][\Microsoft\Windows\WwanSvc\NotificationTask] - (.Microsoft Corporation - Draadloze achtergrondtaak.) – C:\WINDOWS\System32\WiFiTask.exe [461720] =>.Microsoft Windows®
O38 - TASK: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} [64Bits][\Microsoft\Windows\WindowsUpdate\sih] - (.Microsoft Corporation - SIH-client.) – C:\WINDOWS\System32\sihclient.exe [266752] =>.Microsoft Corporation
O38 - TASK: {37449A31-039E-4B1D-8F13-E8C24D7833D4} [64Bits][\Microsoft\Windows\WindowsUpdate\sihboot] - (.Microsoft Corporation - SIH-client.) – C:\WINDOWS\System32\sihclient.exe [266752] =>.Microsoft Corporation
O38 - TASK: {37E715E6-383C-4ADF-813E-10FF9F50D9F7} [64Bits][\Microsoft\Windows\Chkdsk\SyspartRepair] - (.Microsoft Corporation - Bcdboot utility.) – C:\WINDOWS\system32\bcdboot.exe [209920] =>.Microsoft Corporation
O38 - TASK: {3CCB06C8-477E-448F-8459-C21906EA3503} [64Bits][\GoogleUpdateTaskMachineUA] - (.Google Inc. - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc®
O38 - TASK: {413CF529-FF68-4D79-94FA-C5160AFFA654} [64Bits][\Microsoft\Windows\Windows Media Sharing\UpdateLibrary] - (.Microsoft Corporation - Toepassing voor configuratie van Windows Me.) – C:\Program Files\Windows Media Player\wmpnscfg.exe [69120] =>.Microsoft Corporation
O38 - TASK: {483FAC9D-5977-47EF-80D1-80E063A3AAAB} [64Bits][\Microsoft\Windows\AppID\PolicyConverter] - (.Microsoft Corporation - AppID Policy Converter Task.) – C:\WINDOWS\system32\appidpolicyconverter.exe [158720] =>.Microsoft Corporation
O38 - TASK: {4FC5FA4E-102D-41FF-AD93-38654F2D12F2} [64Bits][\microsoft\windows\applicationdata\appuriverifieri nstall] - (.Microsoft Corporation - Controleprogramma voor registratie van App.) – C:\WINDOWS\system32\AppHostRegistrationVerifier.ex e [109056] =>.Microsoft Corporation
O38 - TASK: {5267392F-5BB8-45A6-AD93-10211E2F8850} [64Bits][\Microsoft\Windows\SpacePort\SpaceManagerTask] - (.Microsoft Corporation - Storage Spaces Manager.) – C:\WINDOWS\system32\spaceman.exe [35328] =>.Microsoft Corporation
O38 - TASK: {568AC0B6-44BB-4D3E-B7CB-D4649085FAB7} [64Bits][\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization] - (.Microsoft Corp. - Disk Defragmenter Module.) – C:\WINDOWS\system32\defrag.exe [185856] =>.Microsoft Corp.
O38 - TASK: {57767235-7BD5-491C-B881-28C24F11F7A3} [64Bits][\GoogleUpdateTaskMachineCore] - (.Google Inc. - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168] =>.Google Inc®
O38 - TASK: {5A201377-91EE-4904-B2C6-9F7D7456A03F} [64Bits][\Microsoft\Windows\Device Information\Device] - (.Microsoft Corporation - Device Census.) – C:\WINDOWS\system32\devicecensus.exe [34712] =>.Microsoft Windows®
O38 - TASK: {5AF6264F-742B-4E02-8FFC-30E5A5D31117} [64Bits][\Microsoft\Windows\UpdateOrchestrator\USO_Broker_D isplay] - (.Microsoft Corporation - MusNotificationBroker.) – C:\WINDOWS\System32\MusNotification.exe [325632] =>.Microsoft Corporation
O38 - TASK: {5C020530-D866-421B-B15E-7EB9C7FA4D3B} [64Bits][\Microsoft\Windows\DiskCleanup\SilentCleanup] - (.Microsoft Corporation - Schijfruimte opschonen voor Windows.) – C:\WINDOWS\system32\cleanmgr.exe [219648] =>.Microsoft Corporation
O38 - TASK: {5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB} [64Bits][\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser] - (.Microsoft Corporation - Mobile Broadband Account Experience Parser.) – C:\WINDOWS\System32\MbaeParserTask.exe [114176] =>.Microsoft Corporation
O38 - TASK: {61BAF05A-8050-481F-9368-9B62A53BC9C5} [64Bits][\microsoft\windows\applicationdata\appuriverifierd aily] - (.Microsoft Corporation - Controleprogramma voor registratie van App.) – C:\WINDOWS\system32\AppHostRegistrationVerifier.ex e [109056] =>.Microsoft Corporation
O38 - TASK: {64527507-F4A0-48D6-9F72-62868629EA5D} [64Bits][\Microsoft\Windows\UpdateOrchestrator\Maintenance Install] - (.Microsoft Corporation - UsoClient.) – C:\WINDOWS\System32\usoclient.exe [39424] =>.Microsoft Corporation
O38 - TASK: {650751B8-0586-401C-95FF-65523D62D989} [64Bits][\Microsoft\Windows\UpdateOrchestrator\Schedule Scan] - (.Microsoft Corporation - UsoClient.) – C:\WINDOWS\System32\usoclient.exe [39424] =>.Microsoft Corporation
O38 - TASK: {67889EEC-D7B4-43D3-B82C-D0DBA3522591} [64Bits][\Microsoft\Windows\WCM\WiFiTask] - (.Microsoft Corporation - Draadloze achtergrondtaak.) – C:\WINDOWS\System32\WiFiTask.exe [461720] =>.Microsoft Windows®
O38 - TASK: {6831246E-D3E2-469C-9079-23FA53AC7712} [64Bits][\Microsoft\Windows\Printing\EduPrintProv] - (.Microsoft Corporation - Printer Provision Utility for EDU.) – C:\WINDOWS\system32\eduprintprov.exe [95232] =>.Microsoft Corporation
O38 - TASK: {68800700-7480-4254-8876-FD69E4DACC4A} [64Bits][\Microsoft\Windows\WaaSMedic\PerformRemediation] - (.Microsoft Corporation - WaasMedic.) – C:\WINDOWS\System32\WaaSMedic.exe [348160] =>.Microsoft Corporation
O38 - TASK: {6AF2B5AF-12F7-4A18-8717-7EE7080D2E29} [64Bits][\Microsoft\Windows\ApplicationData\CleanupTemporar yState] - (.Microsoft Corporation - Windows Application Data API Server.) – C:\Windows\System32\Windows.Storage.ApplicationDat a.dll [367336] =>.Microsoft Windows®
O38 - TASK: {6D1394F6-AC40-473C-8454-0B65CAC7E062} [64Bits][\Microsoft\Windows\Subscription\LicenseAcquisition] - (.Microsoft Corporation - Acquire License From Store.) – C:\WINDOWS\System32\ClipRenew.exe [136600] =>.Microsoft Windows®
O38 - TASK: {6F0BC9E8-7975-4BBA-BA11-1B177AA4EBB4} [64Bits][\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers] - (.Microsoft Corporation - Module voor installeren van stuurprogramma’.) – C:\WINDOWS\System32\drvinst.exe [160256] =>.Microsoft Corporation
O38 - TASK: {724A82BA-0CD9-4932-A8F8-AE155346DC7A} [64Bits][\Microsoft\Windows\Workplace Join\Automatic-Device-Join] - (.Microsoft Corporation - Opdrachtregelprogramma DSREG.) – C:\WINDOWS\System32\dsregcmd.exe [730624] =>.Microsoft Corporation
O38 - TASK: {771D6169-4626-4297-84CD-06D2147969AC} [64Bits][\OneDrive Standalone Update Task-S-1-5-21-1314789830-172498510-431026138-1001] - (.Microsoft Corporation - Standalone Updater.) – C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDriveStandaloneUpdater.exe [2296008] =>.Microsoft Corporation®
O38 - TASK: {823907E4-225B-4EF7-AF4B-8BD3F3493491} [64Bits][\Microsoft\Windows\Bluetooth\UninstallDeviceTask] - (.Microsoft Corporation - Taak Bluetooth-apparaat verwijderen.) – C:\Windows\System32\BthUdTask.exe [40448] =>.Microsoft Corporation
O38 - TASK: {82B5AAEF-39CD-42E6-839C-D4724378C033} [64Bits][\Microsoft\Windows\UPnP\UPnPHostConfig] - (.Microsoft Corporation - Service Control Manager Configuration Tool.) – C:\Windows\System32\sc.exe [69120] =>.Microsoft Corporation
O38 - TASK: {9160FE70-F649-4EE5-A397-C280356DC99E} [64Bits][\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance] - (.Microsoft Corporation - Microsoft Malware Protection Command Line U.) – C:\Program Files\Windows Defender\MpCmdRun.exe [442576] =>.Microsoft Corporation®
O38 - TASK: {9202D2AF-F1E6-4D6B-AA7E-FC0654E3635A} [64Bits][\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange] - (.Microsoft Corporation - Base Filtering Engine.) – C:\Windows\System32\bfe.dll [841216] =>.Microsoft Corporation
O38 - TASK: {95812E91-F632-41D2-BA27-1B515BFBF299} [64Bits][\Microsoft\Windows\RemoteAssistance\RemoteAssistan ceTask] - (.Microsoft Corporation - COM-server voor Windows Hulp op afstand.) – C:\Windows\System32\raserver.exe [128000] =>.Microsoft Corporation
O38 - TASK: {9A02A269-2B74-4524-A37D-23538013CC0F} [64Bits][\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver] - (.Microsoft Corporation - Windows Probleemoplossing voor schijfproble.) – C:\WINDOWS\system32\DFDWiz.exe [51712] =>.Microsoft Corporation
O38 - TASK: {9C7D670F-D8AA-4310-B11E-79D3738AB035} [64Bits][\Microsoft\Windows\DiskFootprint\Diagnostics] - (.Microsoft Corporation - DiskSnapshot.exe.) – C:\WINDOWS\system32\disksnapshot.exe [87040] =>.Microsoft Corporation
O38 - TASK: {A5CB45C2-450F-4B10-B73A-7F91D4D8639A} [64Bits][\Microsoft\Windows\SMB\UninstallSMB1ClientTask] - (.Microsoft Corporation - Windows PowerShell.) – C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe [449024] =>.Microsoft Corporation
O38 - TASK: {A7C57A41-D764-4AAB-BBDE-BB8DAA2BE5DD} [64Bits][\Microsoft\Windows\UNP\RunUpdateNotificationMgr] - (.Microsoft Corporation - Update Notification Pipeline Manager.) – C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [378264] =>.Microsoft Windows®
O38 - TASK: {A8E38795-E6D5-44C1-83B8-D3D0811ACE2E} [64Bits][\Microsoft\Windows\ApplicationData\DsSvcCleanup] - (.Microsoft Corporation - Data Sharing Service Maintenance Driver.) – C:\WINDOWS\system32\dstokenclean.exe [12800] =>.Microsoft Corporation
O38 - TASK: {AE29E8A6-9708-4CB5-8282-D7F7291DCC34} [64Bits][\Microsoft\Windows\Location\WindowsActionDialog] - (.Microsoft Corporation - Windows Action Dialog Broker.) – C:\WINDOWS\System32\WindowsActionDialog.exe [59392] =>.Microsoft Corporation
O38 - TASK: {B2B85895-09A2-4BC3-BBF9-9B74780BFE62} [64Bits][\Microsoft\Windows\SharedPC\Account Cleanup] - (.Microsoft Corporation - SharedPC.AccountManager.) – C:\WINDOWS\System32\Windows.SharedPC.AccountManage r.dll [194560] =>.Microsoft Corporation
O38 - TASK: {B38EADAA-FBBE-4A90-BAE4-3F6BCC5C5BC7} [64Bits][\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) – C:\WINDOWS\system32\compattelrunner.exe [139064] =>.Microsoft Corporation®
O38 - TASK: {BC40FCF6-98AA-466D-98D4-D4D532C3007D} [64Bits][\Microsoft\Windows\NlaSvc\WiFiTask] - (.Microsoft Corporation - Draadloze achtergrondtaak.) – C:\WINDOWS\System32\WiFiTask.exe [461720] =>.Microsoft Windows®
O38 - TASK: {C05CF805-420D-41C7-9E13-86ED6E546B7E} [64Bits][\Microsoft\Windows\Sysmain\WsSwapAssessmentTask] - (.Microsoft Corporation - Host voor Superfetch-service.) – C:\Windows\System32\sysmain.dll [970240] =>.Microsoft Corporation
O38 - TASK: {C42E840C-33B0-4DE9-A05C-A828D3511B1D} [64Bits][\Microsoft\Windows\Windows Defender\Windows Defender Verification] - (.Microsoft Corporation - Microsoft Malware Protection Command Line U.) – C:\Program Files\Windows Defender\MpCmdRun.exe [442576] =>.Microsoft Corporation®
O38 - TASK: {C8252966-561E-44F5-8E10-113984BF4843} [64Bits][\Microsoft\Windows\Time Synchronization\SynchronizeTime] - (.Microsoft Corporation - Service Control Manager Configuration Tool.) – C:\WINDOWS\system32\sc.exe [69120] =>.Microsoft Corporation
O38 - TASK: {C89FB80E-7881-4C3F-9506-00342D8BC3F1} [64Bits][\Microsoft\Windows\MUI\LPRemove] - (.Microsoft Corporation - Opruimen van MUI-taalpakket.) – C:\WINDOWS\system32\lpremove.exe [58368] =>.Microsoft Corporation
O38 - TASK: {CF842F82-5CE4-44CE-93D4-750EE07191DC} [64Bits][\Microsoft\Windows\Defrag\ScheduledDefrag] - (.Microsoft Corp. - Disk Defragmenter Module.) – C:\WINDOWS\system32\defrag.exe [185856] =>.Microsoft Corp.
O38 - TASK: {D0218C70-9C99-4043-BF17-667E1AE5C42E} [64Bits][\Microsoft\Windows\UpdateOrchestrator\Reboot] - (.Microsoft Corporation - MusNotificationBroker.) – C:\WINDOWS\System32\MusNotification.exe [325632] =>.Microsoft Corporation
O38 - TASK: {D0A89826-6023-4661-975D-0CE62FBF194D} [64Bits][\Microsoft\Windows\Location\Notifications] - (.Microsoft Corporation - Locatiemelding.) – C:\WINDOWS\System32\LocationNotificationWindows.ex e [67584] =>.Microsoft Corporation
O38 - TASK: {D2E38DD0-019E-42DB-B34D-2CE5DC12ED7A} [64Bits][\Microsoft\Windows\AppID\VerifiedPublisherCertStor eCheck] - (.Microsoft Corporation - AppID Certificate Store Verification Task.) – C:\WINDOWS\system32\appidcertstorecheck.exe [18944] =>.Microsoft Corporation
O38 - TASK: {D80AA3A2-189B-4A11-8828-511E6BAE5426} [64Bits][\Microsoft\Windows\Windows Error Reporting\QueueReporting] - (.Microsoft Corporation - Windows Problem Reporting.) – C:\WINDOWS\system32\wermgr.exe [194456] =>.Microsoft Windows®
O38 - TASK: {DE51FC11-6C38-440A-A9D2-2A0602690914} [64Bits][\Microsoft\Windows\Application Experience\ProgramDataUpdater] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) – C:\WINDOWS\system32\compattelrunner.exe [139064] =>.Microsoft Corporation®
O38 - TASK: {DE83C09C-269F-43B7-B5FF-970204B5D88E} [64Bits][\Microsoft\Windows\Windows Defender\Windows Defender Cleanup] - (.Microsoft Corporation - Microsoft Malware Protection Command Line U.) – C:\Program Files\Windows Defender\MpCmdRun.exe [442576] =>.Microsoft Corporation®
O38 - TASK: {E0D45B22-1A56-43FE-854C-DAFD1DDA1D61} [64Bits][\Microsoft\Windows\DUSM\dusmtask] - (.Microsoft Corporation - DUSM Task.) – C:\WINDOWS\System32\dusmtask.exe [34816] =>.Microsoft Corporation
O38 - TASK: {E3DBE120-A4C2-4CD4-A364-C51992B36C98} [64Bits][\Microsoft\Windows\SystemRestore\SR] - (.Microsoft Corporation - Achtergrondtaken voor Microsoft® Windows Sy.) – C:\WINDOWS\system32\srtasks.exe [56832] =>.Microsoft Corporation
O38 - TASK: {E5182B77-08AA-49E5-AE8E-806A8F509499} [64Bits][\Microsoft\Windows\WindowsUpdate\Scheduled Start] - (.Microsoft Corporation - Service Control Manager Configuration Tool.) – C:\Windows\System32\sc.exe [69120] =>.Microsoft Corporation
O38 - TASK: {E52928DD-BCA2-4E32-9B84-FFA7606694BE} [64Bits][\Microsoft\XblGameSave\XblGameSaveTask] - (.Microsoft Corporation - XblGameSave Standby Task.) – C:\WINDOWS\System32\XblGameSaveTask.exe [31744] =>.Microsoft Corporation
O38 - TASK: {EAE44DBA-F158-4EAA-8864-BCB05E36C20E} [64Bits][\Microsoft\Windows\Customer Experience Improvement Program\Consolidator] - (.Microsoft Corporation - Windows SQM-consolidatie.) – C:\WINDOWS\System32\wsqmcons.exe [91136] =>.Microsoft Corporation
O38 - TASK: {F0A590C9-9AA0-48BB-B8D4-77D99A67BB0B} [64Bits][\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup] - (.Microsoft Corporation - AppX Deployment Client DLL.) – C:\Windows\System32\AppxDeploymentClient.dll [688064] =>.Microsoft Windows®
O38 - TASK: {F6027CB3-9A58-415A-80F2-B1404204D4F5} [64Bits][\Microsoft\Windows\Feedback\Siuf\DmClientOnScenari oDownload] - (.Microsoft Corporation - Microsoft Feedback SIUF Deployment Manager.) – C:\WINDOWS\system32\dmclient.exe [102912] =>.Microsoft Corporation

—\ Toepassingen gelanceerd tijdens het opstarten van het systeem (5) - 0s
O4 - HKLM..\Run: [SecurityHealth] . (.Microsoft Corporation - Windows Defender notification icon.) – C:\Program Files\Windows Defender\MSASCuiL.exe =>.Microsoft Windows®
O4 - HKCU..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDrive.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-19..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) – C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-1314789830-172498510-431026138-1001..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) – C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDrive.exe =>.Microsoft Corporation®

—\ Gestarte processen (16) - 2s
[MD5.00000000000000000000000000000000] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.9.) – C:\WINDOWS\system32\nvvsvc.exe [0] [PID.1424] =>.NVIDIA Corporation
[MD5.00000000000000000000000000000000] - (.VIA Technologies, Inc. - Service binary.) – c:\windows\system32\viakaraokesrv.exe [0] [PID.2976] =>.VIA Technologies, Inc.
[MD5.0ED3C7171461FD6C8BF8C29898644C45] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) – C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1209912] [PID.5936] =>.NVIDIA Corporation®
[MD5.00000000000000000000000000000000] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.9.) – C:\WINDOWS\system32\nvvsvc.exe [0] [PID.1912] =>.NVIDIA Corporation
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.7640] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.5540] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.1456] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.8124] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.1192] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.6560] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.6020] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.6112] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.6800] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.3736] =>.Google Inc®
[MD5.B981F64E0F02088D317FBF73E49E4265] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312] [PID.4912] =>.Google Inc®
[MD5.579D44335F9A686047EA77F20C8DC12C] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\DyllyZ\AppData\Roaming\ZHP\ZHPDiag3.exe [2929536] [PID.988] =>.Nicolas Coolman

—\ Google Chrome, start, zoeken, extensies (19) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://abs.twimg.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://analytics.twitter.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pbs.twimg.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchelpforum.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchf2-jew4efcjsvzg0rz43cny.stackpathdns.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://syndication.twitter.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://twitter.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google-analytics.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.reddit.com
G2 - GCE: Preference [DyllyZ][User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
G2 - GCE: Preference [DyllyZ][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [DyllyZ][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [DyllyZ][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [DyllyZ][User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
G2 - GCE: Preference [DyllyZ][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [DyllyZ][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [DyllyZ][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [DyllyZ][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

—\ IE, start, zoeken, URLSearchHook, Phishing (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internetbrowser.) (11.00.16299.15 (WinBuild.160101.0800)) – C:\Windows\System32\ieframe.dll =>.Microsoft Corporation

—\ Internet Explorer, proxybeheer (3) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies =>.Microsoft

—\ Analyse - IniFiles, Autoloading programma’s (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

—\ Hosts-bestand omleiding (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

—\ Algemene snelkoppelingen opstarten (63) - 2s
O4 - GS\Desktop [Administrator]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\DyllyZ\AppData\Roaming\BitTorrent\BitTorr ent.exe =>.BitTorrent Inc®
O4 - GS\Desktop [Administrator]: gta_sa - Snelkoppeling.lnk . (…) C:\Program Files (x86)\Rockstar games\GTA San Andreas\gta_sa.exe
O4 - GS\Desktop [Administrator]: SporeApp - Snelkoppeling.lnk . (.Maxis, a division of Electronic Arts Inc. - Spore.) C:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe =>.Maxis, a division of Electronic Arts Inc.
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\DyllyZ\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Administrator]: Bestandsoverdracht via Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDrive.exe =>.Microsoft Corporation®
O4 - GS\Desktop [DyllyZ]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\DyllyZ\AppData\Roaming\BitTorrent\BitTorr ent.exe =>.BitTorrent Inc®
O4 - GS\Desktop [DyllyZ]: gta_sa - Snelkoppeling.lnk . (…) C:\Program Files (x86)\Rockstar games\GTA San Andreas\gta_sa.exe
O4 - GS\Desktop [DyllyZ]: SporeApp - Snelkoppeling.lnk . (.Maxis, a division of Electronic Arts Inc. - Spore.) C:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe =>.Maxis, a division of Electronic Arts Inc.
O4 - GS\Desktop [DyllyZ]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\DyllyZ\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [DyllyZ]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [DyllyZ]: Bestandsoverdracht via Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [DyllyZ]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [DyllyZ]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [DyllyZ]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Programs [DyllyZ]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDrive.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Gast]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\DyllyZ\AppData\Roaming\BitTorrent\BitTorr ent.exe =>.BitTorrent Inc®
O4 - GS\Desktop [Gast]: gta_sa - Snelkoppeling.lnk . (…) C:\Program Files (x86)\Rockstar games\GTA San Andreas\gta_sa.exe
O4 - GS\Desktop [Gast]: SporeApp - Snelkoppeling.lnk . (.Maxis, a division of Electronic Arts Inc. - Spore.) C:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe =>.Maxis, a division of Electronic Arts Inc.
O4 - GS\Desktop [Gast]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\DyllyZ\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Gast]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Gast]: Bestandsoverdracht via Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Gast]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [Gast]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Gast]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Programs [Gast]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDrive.exe =>.Microsoft Corporation®
O4 - GS\Desktop [WDAGUtilityAccount]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\DyllyZ\AppData\Roaming\BitTorrent\BitTorr ent.exe =>.BitTorrent Inc®
O4 - GS\Desktop [WDAGUtilityAccount]: gta_sa - Snelkoppeling.lnk . (…) C:\Program Files (x86)\Rockstar games\GTA San Andreas\gta_sa.exe
O4 - GS\Desktop [WDAGUtilityAccount]: SporeApp - Snelkoppeling.lnk . (.Maxis, a division of Electronic Arts Inc. - Spore.) C:\Program Files (x86)\Electronic Arts\SPORE\Sporebin\SporeApp.exe =>.Maxis, a division of Electronic Arts Inc.
O4 - GS\Desktop [WDAGUtilityAccount]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\DyllyZ\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [WDAGUtilityAccount]: Bestandsoverdracht via Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [WDAGUtilityAccount]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\TaskBar [WDAGUtilityAccount]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [WDAGUtilityAccount]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Programs [WDAGUtilityAccount]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDrive.exe =>.Microsoft Corporation®
O4 - GS\CommonDesktop [Public]: Fraps.lnk . (.Beepa P/L - Fraps.) C:\Fraps\fraps.exe =>.Beepa P/L
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Grand Theft Auto V.lnk . (.Rockstar Games - Grand Theft Auto V Launcher.) C:\Program Files (x86)\Rockstar games\Grand Theft Auto V\GTAVLauncher.exe =>.Take-Two Interactive Software, Inc.®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: The Elder Scrolls IV Oblivion.lnk . (.Bethesda Softworks - Oblivion.) C:\Program Files (x86)\Mr DJ\The Elder Scrolls IV Oblivion\Oblivion.exe =>.Bethesda Softworks
O4 - GS\CommonDesktop [Public]: The Witcher 2 - Assassins of Kings Enhanced Edition.lnk . (.CD Projekt RED - The Witcher 2 Launcher Application.) C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\Launcher.exe =>.CD Projekt RED
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\DyllyZ\AppData\Local\Microsoft\OneDrive\O neDrive.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\internet explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Kladblok.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Verbinding met extern bureaublad.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Knipprogramma.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Stappenbeschrijving.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Toepassing Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS-viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Speciale tekens.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

—\ Domeinadres wijzigingen van de DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{9272c2b0-323a-41aa-9485-90a71e9b0bb5}: DhcpNameServer = 192.168.2.254 =>.Local IP Adress

—\ Aanvullend Protocol (19) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32-extensies voor Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX-besturingselement voor videostreams.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX-besturingselement voor videostreams.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) – C:\Windows\System32\tbauth.dll =>.Microsoft Corporation

—\ Geïnstalleerde software (14) - 3s
O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKCU][64Bits] – BitTorrent =>.BitTorrent Inc®
O42 - Logiciel: Fraps (remove only) - (.Beepa.) [HKLM][64Bits] – Fraps =>.Beepa
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] – Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Grand Theft Auto V - (..) [HKLM][64Bits] – R3JhbmRUaGVmdEF1dG9W_is1
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] – OneDriveSetup.exe =>.Microsoft Corporation®
O42 - Logiciel: Mozilla Firefox 57.0 (x64 nl) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 57.0 (x64 nl) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA-configuratiescherm 341.95 - (.NVIDIA Corporation.) [HKLM][64Bits] – {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: SPORE™ - (.Electronic Arts.) [HKLM][64Bits] – {9DF0196F-B6B8-4C3A-8790-DE42AA530101} =>.Electronic Arts®
O42 - Logiciel: The Elder Scrolls IV Oblivion version 1.2.0416.00 - (.Mr DJ.) [HKLM][64Bits] – The Elder Scrolls IV Oblivion_is1 =>.Mr DJ
O42 - Logiciel: The Witcher 2 - Assassins of Kings Enhanced Edition - (.GOG.com.) [HKLM][64Bits] – The Witcher 2 - Assassins of Kings Enhanced Edition_is1 =>.GOG.com
O42 - Logiciel: WinRAR 5.50 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®

—\ HKCU & HKLM Software Keys (32) - 3s
HKLM\SOFTWARE\Wow6432Node\AMD =>.AMD
HKLM\SOFTWARE\Wow6432Node\Bethesda Softworks =>.Bethesda Softworks
HKLM\SOFTWARE\Wow6432Node\CD Projekt RED =>.CD Projekt RED
HKLM\SOFTWARE\Wow6432Node\EA Games =>.EA Games
HKLM\SOFTWARE\Wow6432Node\Electronic Arts =>.Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Foxit Software =>.Foxit Software
HKLM\SOFTWARE\Wow6432Node\Fraps =>.Beepa
HKLM\SOFTWARE\Wow6432Node\GNU =>.GNU
HKLM\SOFTWARE\Wow6432Node\GOG.com =>.GOG.com
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\Rockstar Games =>.Rockstar Games
HKLM\SOFTWARE\Wow6432Node\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\CD Projekt RED =>.CD Projekt RED
HKCU\SOFTWARE\Fraps3 =>.Beepa
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Rockstar Games =>.Rockstar Games
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation

—\ Inhoud van mappen programma (114) - 1s
O43 - CFD: 29/09/2017 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files\internet explorer =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 17/11/2017 - D – C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 17/11/2017 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files\VIA =>.VIA Technologies Inc.®
O43 - CFD: 17/11/2017 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files\windows nt =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - SHD – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - HD – C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\Program Files (x86)\Electronic Arts =>.Electronic Arts®
O43 - CFD: 18/11/2017 - D – C:\Program Files (x86)\GOG.com =>.GOG.com
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 18/11/2017 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Mr DJ =>.Mr DJ
O43 - CFD: 19/11/2017 - D – C:\Program Files (x86)\Rockstar games =>.Rockstar Games
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\windows nt =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - SHD – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 17/11/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps =>.Fraps Games
O43 - CFD: 18/11/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com =>.GOG.com
O43 - CFD: 29/09/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls IV Oblivion
O43 - CFD: 18/11/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 17/11/2017 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\ProgramData\Bureaublad
O43 - CFD: 17/11/2017 - [0] SHD – C:\ProgramData\Documenten =>.Corel Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\ProgramData\Menu Start =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 17/11/2017 - D – C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 19/11/2017 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\ProgramData\Sjablonen =>.Sjablonen
O43 - CFD: 29/09/2017 - [0] D – C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - D – C:\ProgramData\WindowsHolographicDevices =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Program Files (x86)\Common Files\system =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 19/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\BitTorrent
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\Google =>.Google
O43 - CFD: 17/11/2017 - SD – C:\Users\DyllyZ\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\SPORE
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 19/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\DyllyZ\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Local\ConnectedDevicesPlat form =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] D – C:\Users\DyllyZ\AppData\Local\DBG =>.DBG
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\DyllyZ\AppData\Local\Geschiedenis =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Google =>.Google
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/11/2017 - [0] D – C:\Users\DyllyZ\AppData\Local\Oblivion =>.Games Software
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - [0] D – C:\Users\DyllyZ\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 19/11/2017 - D – C:\Users\DyllyZ\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\DyllyZ\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Local\The Witcher 2 =>.Atari Inc
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 19/11/2017 - D – C:\Users\DyllyZ\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 17/11/2017 - [0] D – C:\Users\DyllyZ\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 02/02/2008 - D – C:\Users\DyllyZ\Desktop\GTA San Andreas
O43 - CFD: 29/09/2017 - RD – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - RD – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - RD – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 29/09/2017 - D – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - RD – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - RD – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - RD – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\Users\DyllyZ\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\Default\AppData\Local\Geschiedenis =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\Default User\AppData\Local\Geschiedenis =>.Microsoft Corporation
O43 - CFD: 30/09/2017 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 29/09/2017 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 17/11/2017 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 18/11/2017 - D – C:\WINDOWS\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation

—\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Shell-uitbreidings-DLL voor Beveili.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Gebruikersinterface voor caching aan client.) – C:\WINDOWS\System32\cscui.dll =>.Microsoft Corporation

—\ Search Context Menu Handlers (SCMH) (26) - 1s
O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client-shelluitbreiding.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH1: ModernSharing [64Bits] - {e2bf9676-5f8f-435c-97eb-11607a5bedf7} . (.Microsoft Corporation - Shelluitbreidingen voor delen.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - Gemeenschappelijk DLL-bestand van Windows S.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shelluitbreidingen voor delen.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH1: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Werkmappen shell-uitbreiding.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - Gemeenschappelijk DLL-bestand van Windows S.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - Gemeenschappelijk DLL-bestand van Windows S.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - Gemeenschappelijk DLL-bestand van Windows S.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client-shelluitbreiding.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Gebruikersinterface voor caching aan client.) – C:\WINDOWS\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shelluitbreidingen voor delen.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Werkmappen shell-uitbreiding.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - Gemeenschappelijk DLL-bestand van Windows S.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) – C:\WINDOWS\System32\nvshext.dll =>.NVIDIA Corporation
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shelluitbreidingen voor delen.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: WorkFolders [64Bits] - {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} . (.Microsoft Corporation - Microsoft (C) Werkmappen shell-uitbreiding.) – C:\Windows\System32\WorkfoldersShell.dll =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - Gemeenschappelijk DLL-bestand van Windows S.) – C:\Windows\System32\shell32.dll =>.Microsoft Windows®
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - Gebruikersinterface voor caching aan client.) – C:\WINDOWS\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: PintoStartScreen [64Bits] - {470C0EBD-5D73-4d58-9CED-E91E22E23282} . (.Microsoft Corporation - App-resolver.) – C:\Windows\System32\appresolver.dll =>.Microsoft Windows®
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) – C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - Windows Shell-uitbreidings-DLL voor Beveili.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client-shelluitbreiding.) – C:\Program Files\Windows Defender\shellext.dll =>.Microsoft Windows®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Shelluitbreidingen voor delen.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

—\ Image File Execution Options (10) - 0s
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - Hulpprogramma voor initialisatie van IE per.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - Hulpprogramma voor installeren van IE 7.0 z.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML-toepassingshost.) [MitigationOptions\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - App voor Spooler-subsysteem.) [MitigationOptions\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Hostproces voor Windows-services.) [MinimumStackCommitInBytes\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Hostproces voor Windows-services.) [MitigationAuditOptions\17660905521152] =>.Microsoft Windows Publisher®

—\ Overzicht van de drivers (51) - 5s
O58 - SDL:2017/09/29 14:41:02 A . (.LSI - LSI 3ware SCSI Storport Driver.) – C:\WINDOWS\System32\drivers\3ware.sys [107416] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) – C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) – C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\WINDOWS\System32\drivers\amdsbs.sys [258592] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\WINDOWS\System32\drivers\amdxata.sys [27032] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\WINDOWS\System32\drivers\arcsas.sys [131992] =>.Microsoft Windows®
O58 - SDL:2013/05/17 11:13:26 A . (. - ATK0110 ACPI Utility.) – C:\WINDOWS\System32\drivers\ASACPI.sys [17280] =>.ASUSTeK Computer Inc.®
O58 - SDL:2017/09/29 14:41:02 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) – C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2017/09/29 14:41:01 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) – C:\WINDOWS\System32\drivers\bxvbda.sys [533912] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) – C:\WINDOWS\System32\drivers\cht4dx64.sys [141208] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) – C:\WINDOWS\System32\drivers\cht4sx64.sys [357272] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T5/T6 Chip.) – C:\WINDOWS\System32\drivers\cht4vx64.sys [1723288] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:01 A . (.QLogic Corporation - QLogic 10 GigE VBD.) – C:\WINDOWS\System32\drivers\evbda.sys [3419032] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\WINDOWS\System32\drivers\HpSAMD.sys [63520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iagpio.sys [36864] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) – C:\WINDOWS\System32\drivers\iai2c.sys [91648] =>.Intel(R) Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360] =>.Intel Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.s ys [88576] =>.Intel Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520] =>.Intel Corporation
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) – C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592] =>.Intel Corporation
O58 - SDL:2017/09/29 14:41:01 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2017/09/29 14:40:59 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) – C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2017/09/29 14:41:03 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) – C:\WINDOWS\System32\drivers\iaStorAV.sys [674200] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\WINDOWS\System32\drivers\iaStorV.sys [412056] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - InfiniBand Fabric Bus Driver.) – C:\WINDOWS\System32\drivers\ibbus.sys [526232] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas.sys [108064] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123800] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103320] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) – C:\WINDOWS\System32\drivers\lsi_sss.sys [82840] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\megasas.sys [59800] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\MegaSas2i.sys [63520] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\WINDOWS\System32\drivers\megasr.sys [575896] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - MLX4 Bus Driver.) – C:\WINDOWS\System32\drivers\mlx4_bus.sys [842648] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) – C:\WINDOWS\System32\drivers\mvumis.sys [63896] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - NetworkDirect Support Filter Driver.) – C:\WINDOWS\System32\drivers\ndfltr.sys [108952] =>.Microsoft Windows®
O58 - SDL:2016/03/28 22:25:32 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) – C:\WINDOWS\System32\drivers\nvlddmkm.sys [12928568] =>.NVIDIA Corporation®
O58 - SDL:2017/09/29 14:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\WINDOWS\System32\drivers\nvraid.sys [150424] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\WINDOWS\System32\drivers\nvstor.sys [166296] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas2i.sys [58776] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) – C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:03 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) – C:\WINDOWS\System32\drivers\rt640x64.sys [604160] =>.Realtek
O58 - SDL:2017/09/29 14:41:14 RA . (.Realtek - Realtek PCIe GBE Family Controller Flight.) – C:\WINDOWS\System32\drivers\rteth.sys [59904] =>.Realtek
O58 - SDL:2017/09/29 14:41:02 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid2.sys [44952] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\WINDOWS\System32\drivers\sisraid4.sys [81816] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) – C:\WINDOWS\System32\drivers\stexstor.sys [31128] =>.Microsoft Windows®
O58 - SDL:2015/06/22 02:49:50 A . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) – C:\WINDOWS\System32\drivers\viahduaa.sys [701136] =>.VIA Technologies Inc.®
O58 - SDL:2015/06/22 02:49:50 A . (.Creative Technology Ltd. - Creative Audio Driver.) – C:\WINDOWS\System32\drivers\VMfilt64.sys [42192] =>.VIA Technologies Inc.®
O58 - SDL:2017/09/29 14:41:02 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\WINDOWS\System32\drivers\vsmraid.sys [166808] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) – C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305560] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - Kernel WinMad.) – C:\WINDOWS\System32\drivers\winmad.sys [32152] =>.Microsoft Windows®
O58 - SDL:2017/09/29 14:41:02 A . (.Mellanox - Kernel WinVerbs.) – C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows®

—\ Meest recente bestanden gewijzigd of gemaakt (gebruiker) (1) - 2s
O61 - LFC: 2017/11/18 07:21:47 A . (..) – C:\Users\DyllyZ\Downloads\Fallout 3 - GOTY repack Mr DJ\Setup.exe [22139209]

—\ Bestandsassociaties mogelijk aangepast (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\WINDOWS\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Startprogramma voor de module Logboeken.) – C:\WINDOWS\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (…) – %1" %*
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Register-editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S

—\ Startmenu Internet (12) - 0s
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [64Bits][HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Hulpprogramma voor initialisatie van IE per.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Hulpprogramma voor initialisatie van IE per.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [64Bits][HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Hulpprogramma voor initialisatie van IE per.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

—\ Zoekmachines in internetbrowsers (1) - 4s
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

—\ Geeft een opsomming van de dienst begin door Svchost (49) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\WINDOWS\System32\certprop.dll [188928] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\WINDOWS\System32\certprop.dll [188928] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL-bestand voor Server-service.) – C:\WINDOWS\System32\srvsvc.dll [270848] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Groepbeleidclient.) – C:\WINDOWS\System32\gpsvc.dll [1275904] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE-extensie.) – C:\WINDOWS\System32\ikeext.dll [984064] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service die IPv6-connectiviteit via een IPv.) – C:\WINDOWS\System32\iphlpsvc.dll [820224] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Dll-bestand voor de Secondary Logon-service.) – C:\WINDOWS\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information-service.) – C:\WINDOWS\System32\appinfo.dll [144896] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI -detectieservice.) – C:\WINDOWS\System32\iscsiexe.dll [150528] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost-service.) – C:\WINDOWS\System32\eapsvc.dll [109056] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler-service.) – C:\WINDOWS\System32\schedsvc.dll [880640] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\WINDOWS\System32\wbem\WMIsvc.dll [220160] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - Userenv.) – C:\WINDOWS\System32\profsvc.dll [407040] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service voor Extern bureaublad-configuratie.) – C:\WINDOWS\System32\sessenv.dll [387584] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Probleemrapporten en oplossingen.) – C:\WINDOWS\System32\wercplsupport.dll [108544] =>.Microsoft Corporation
O83 - Search Svchost Services: PushToInstall (PushToInstall) . (.Microsoft Corporation - PushToInstall.) – C:\WINDOWS\System32\PushToInstall.dll [254976] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) – C:\WINDOWS\System32\Windows.SharedPC.AccountManage r.dll [194560] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) – C:\WINDOWS\System32\XblGameSave.dll [1272320] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natuurlijke-authenticatieservice.) – C:\WINDOWS\System32\NaturalAuth.dll [795136] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) – C:\WINDOWS\System32\TokenBroker.dll [1230848] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service Geolocatie.) – C:\WINDOWS\System32\lfsvc.dll [46080] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) – C:\WINDOWS\System32\XblAuthManager.dll [1107968] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infraroodmonitor.) – C:\WINDOWS\System32\irmon.dll [24576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Beheer van automatisch inbellen van Externe.) – C:\WINDOWS\System32\rasauto.dll [104960] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Verbindingsbeheer voor RAS.) – C:\WINDOWS\System32\rasmans.dll [930304] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamisch interfacebeheer.) – C:\WINDOWS\System32\mprdim.dll [491520] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification-service (SENS).) – C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Helper-onderdelen voor Microsoft NAT.) – C:\WINDOWS\System32\ipnathlp.dll [600576] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telefoonserver.) – C:\WINDOWS\System32\tapisrv.dll [307200] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update-agent.) – C:\WINDOWS\System32\wuaueng.dll [2781696] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\WINDOWS\System32\qmgr.dll [1345536] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL-bestand voor Windows Shell Services.) – C:\WINDOWS\System32\shsvcs.dll [613376] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service-DLL.) – C:\WINDOWS\System32\Windows.Internal.Management.dl l [702464] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) – C:\WINDOWS\System32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight-instellingen.) – C:\WINDOWS\System32\flightsettings.dll [779264] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows-systeemservice voor pushmeldingen.) – C:\WINDOWS\System32\WpnService.dll [284672] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) – C:\WINDOWS\System32\XboxNetApiSvc.dll [1143808] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator-kerngeheugen.) – C:\WINDOWS\System32\usocore.dll [1288704] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) – C:\WINDOWS\System32\usermgr.dll [951808] =>.Microsoft Corporation
O83 - Search Svchost Services: InstallService (InstallService) . (.Microsoft Corporation - InstallService.) – C:\WINDOWS\System32\InstallService.dll [1306624] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL-bestand voor Windows Shell-themaservice.) – C:\WINDOWS\System32\themeservice.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE-service.) – C:\WINDOWS\System32\bdesvc.dll [387072] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Apparaatinstallatiebeheer.) – C:\WINDOWS\System32\DeviceSetupManager.dll [237568] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Netwerk instellen.) – C:\WINDOWS\System32\NetSetupSvc.dll [307712] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant-se.) – C:\WINDOWS\System32\ncasvc.dll [170496] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account-service.) – C:\WINDOWS\System32\wlidsvc.dll [2223104] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) – C:\WINDOWS\System32\XboxGipSvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software-installatieservice.) – C:\WINDOWS\System32\appmgmts.dll [196096] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL-bestand voor Computer Browser-service.) – C:\WINDOWS\System32\browser.dll [132608] =>.Microsoft Corporation

—\ Microsoft Installer-bestanden (1) - 0s
[MD5.F0EE2E7F283866A2A0FEA9BE2D12A979] [WIS][2017/11/17 20:54:40] (.Google Inc. - Google Update Helper.) – C:\WINDOWS\Installer\1a5cda.msi [40960] =>.Google Inc.

—\ Extra scan (O88) (3) - 0s
HKLM\Software\Classes*\ShellEx\ContextMenuHandlers \WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHa ndlers\WinRAR32 =>.SUP.Orphan

—\ Samenvatting van elementen gevonden op uw werkstation (1) - 0s
https://nicolascoolman.eu/2017/09/12...es-orphelines/ =>.SUP.Orphan

~ Unselected Options:
~ End of the scan, 10331 items in 08mn18s (694)(0)

Please perform a clean boot on the machine and let me know the results, this will give me time to review your logs.

Just performed a clean boot and the same issue occurs

Sorry for the delay… an update

Still eperiencing the same problem.

@DyllyZ Still having issues?

You could try to turn off use sign-in info to auto finish setting up device after update or restart in Windows 10.
For Windows 10 (Version 1709), select the Start button, select Settings > Accounts > Sign-in options, then make sure Use my sign in info to automatically finish setting up my device after an update or restart is turned off.
For previous versions of Windows 10, select the Start button, select Settings > Update & security > Window Update > Advanced options, then select the check box next to Use my sign in info to automatically finish setting up my device after an update.
This setting is causing many problems, the other solution is to ensure you close all open programs/apps before shutting down.

Any update for us DyllZ? If unreplied to within 48hrs this thread will be closed.