start CreateRestorePoint: AV: McAfee Virusscan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09} AV: McAfee Virusscan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72} CustomCLSID: HKU\S-1-5-21-2367610798-4097354111-2988090014-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\lodew\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2367610798-4097354111-2988090014-1001_Classes\CLSID\{642ccb6b-4be1-471e-bc61-606dd9dc7c79}\localserver32 -> "C:\Program Files\inPixio\inPixio Photo 11\PhotoStudioIP11.exe" -ToastActivated => Geen bestand CustomCLSID: HKU\S-1-5-21-2367610798-4097354111-2988090014-1001_Classes\CLSID\{6A58E66D-AE86-4BEF-9BF5-A375DF185CEC}\localserver32 -> C:\Program Files\PSOFT\progeCAD 2019 Professional ENG\pcad.exe => Geen bestand CustomCLSID: HKU\S-1-5-21-2367610798-4097354111-2988090014-1001_Classes\CLSID\{DCCEA499-B586-410B-9959-771731445D06}\localserver32 -> "C:\Program Files\PSOFT\progeCAD 2020 Professional ENG\pcad.exe" => Geen bestand CustomCLSID: HKU\S-1-5-21-2367610798-4097354111-2988090014-1001_Classes\CLSID\{FA2BF485-F80D-4116-9489-EB5539F2D2F9}\localserver32 -> C:\Program Files\PSOFT\progeCAD 2020 Professional ENG\pcad.exe => Geen bestand ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Geen bestand ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> Geen bestand ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Geen bestand ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> Geen bestand ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers1_S-1-5-21-2367610798-4097354111-2988090014-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\lodew\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll -> Geen bestand ContextMenuHandlers6_S-1-5-21-2367610798-4097354111-2988090014-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\lodew\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll -> Geen bestand BHO-x32: Geen Naam -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Geen bestand Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Geen bestand FirewallRules: [{DF501320-E9E5-448B-8271-F29EE7E5F8BB}] => (Allow) BiglyBT.exe => Geen bestand FirewallRules: [{C7F8E084-9CD0-4C6E-9BE8-FD947539A884}] => (Allow) BiglyBT.exe => Geen bestand FirewallRules: [{A6F1EA0D-CA8A-4374-BCFB-C0EF9574156F}] => (Allow) BiglyBT.exe => Geen bestand FirewallRules: [{E81D77DD-499D-4B1D-A206-6FE6609280DD}] => (Allow) BiglyBT.exe => Geen bestand FirewallRules: [{FCE532AF-8791-4C4E-BE5B-B1D4FDF5BC47}] => (Allow) BiglyBT.exe => Geen bestand FirewallRules: [{69DF20DB-7C91-44EE-A62A-3D148DB6F9D8}] => (Allow) BiglyBT.exe => Geen bestand FirewallRules: [{50FDD3BF-E58C-4623-A29F-2D05A5727A75}] => (Allow) BiglyBT.exe => Geen bestand GroupPolicy: Restrictie ? <==== AANDACHT Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT Task: {09424AA5-AE74-4F79-92C5-2884EEB7C92F} - System32\Tasks\AdvancedWindowsManager #1 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== AANDACHT Task: {0B63F6D7-C7E8-4DEF-A448-3EB4018D16BE} - System32\Tasks\AdvancedWindowsManager #3 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== AANDACHT Task: {217C4DDF-FA80-4957-A2F8-0A793E45C617} - System32\Tasks\AdvancedWindowsManager #2 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== AANDACHT Task: {471D8003-9A2B-4C69-B802-49BBF89E7874} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe C:\Program Files\Common Files\McAfee Task: {76364D18-FEE3-42EA-9752-D44A66D94162} - System32\Tasks\AdvancedWindowsManager #5 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== AANDACHT C:\Program Files (x86)\AW Manager "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" is ontgrendeld. <==== AANDACHT Task: {AD760012-AF13-4DCC-B06B-916E35845BD4} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} Task: {B6241B53-1F56-4114-85CB-08E7C4049EC8} - System32\Tasks\AdvancedUpdater => C:\Program Files (x86)\AW Manager\Windows Manager\Windows Updater.exe [1010800 2021-04-12] (Microleaves LTD -> AW Manager) <==== AANDACHT Task: {E17F23FC-5E83-478B-87F4-35B6D7DDCA53} - System32\Tasks\AdvancedWindowsManager #4 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== AANDACHT Task: {E48E3C76-E310-4663-BFDC-54AE61E52CDE} - System32\Tasks\AdvancedWindowsManager #6 => C:\Program Files (x86)\AW Manager\Windows Manager\AdvancedWindowsManager.exe <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => niet gevonden C:\Program Files\McAfee S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2019-08-22] (McAfee, Inc. -> McAfee, LLC) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107448 2019-08-31] (McAfee, Inc. -> McAfee LLC.) S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2019-08-22] (McAfee, Inc. -> McAfee, LLC) U3 aspnet_state; geen ImagePath S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X] 2021-08-15 09:52 - 2021-08-15 09:52 - 000000000 ____D C:\ProgramData\AW Manager 2021-08-10 16:44 - 2021-08-10 16:45 - 000003932 _____ C:\WINDOWS\system32\Tasks\AdvancedUpdater 2021-08-10 16:44 - 2021-08-10 16:45 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #6 2021-08-10 16:44 - 2021-08-10 16:45 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #5 2021-08-10 16:44 - 2021-08-10 16:45 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #4 2021-08-10 16:44 - 2021-08-10 16:45 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #3 2021-08-10 16:44 - 2021-08-10 16:45 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #2 2021-08-10 16:44 - 2021-08-10 16:45 - 000003928 _____ C:\WINDOWS\system32\Tasks\AdvancedWindowsManager #1 2021-08-10 16:44 - 2021-08-10 16:44 - 000000000 ____D C:\Program Files (x86)\AW Manager EmptyTemp: end