start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [EaseUS FixTool] => "C:\Program Files (x86)\EaseUS\EaseUS Tools M\bin\UpdateExe.exe" autostart (Geen bestand)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT
HKU\S-1-5-21-3562429682-1266904798-2973062435-1001\...\Run: [] => [X]
GroupPolicy: Restrictie ? <==== AANDACHT
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
Task: {8B6577FD-6478-4FF7-A0FF-5E2A342299B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3562429682-1266904798-2973062435-1001Core => C:\Users\patri\AppData\Local\Google\Update\GoogleUpdate.exe /c (Geen bestand)
Task: {46FE3F31-E6D9-45DD-8F82-3F0F6FFFF48B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3562429682-1266904798-2973062435-1001UA => C:\Users\patri\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Geen bestand)
Task: {7C6DBD4B-0FB5-4BEA-B302-85B745D275A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Geen bestand)
Task: {CDDFDF07-D271-41AA-B50F-456D15DF2741} - System32\Tasks\HPJumpStartLaunch => "C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe" (Geen bestand)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Geen bestand)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ReadyToReboot (Geen bestand)
Task: {203ED527-797D-4891-A3DF-4C234FC49E71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC EngagedRebootReminder (Geen bestand)
Task: {5E9DCC79-FA7A-4743-AE1B-5901055AD802} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery EngagedRebootReminder (Geen bestand)
Task: {EB0FEFBE-0E53-419D-AACC-B2990B016293} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Geen bestand)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Geen bestand)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
U3 AVG Business Console Client Antivirus Service; geen ImagePath
U3 AVG Firewall; geen ImagePath
U3 avgBcc; geen ImagePath
U3 avgbdisk; geen ImagePath
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
2024-04-12 08:28 - 2024-04-22 12:14 - 000000000 ____D C:\Program Files\MiniTool ShadowMaker
2024-04-12 08:28 - 2024-04-22 12:13 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2024-04-12 08:28 - 2021-03-26 11:07 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2024-04-12 08:28 - 2021-03-26 11:07 - 000019152 _____ C:\WINDOWS\system32\pwdrvio.sys
2024-04-12 08:28 - 2021-03-26 11:07 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
CustomCLSID: HKU\S-1-5-21-3562429682-1266904798-2973062435-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3562429682-1266904798-2973062435-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3562429682-1266904798-2973062435-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3562429682-1266904798-2973062435-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> geen bestandpad
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand
FirewallRules: [{E9924941-2B86-4D62-9126-A33B2391EBFA}] => (Allow) C:\Users\patri\AppData\Local\Temp\7zS7BB1\HP.EasyStart.exe => Geen bestand
FirewallRules: [{1EEA8F87-5EB5-49DB-9F99-76CB27D5B64C}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Geen bestand
FirewallRules: [{6AE50D08-6057-4B45-ADC9-CC231C93F3A2}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Geen bestand
FirewallRules: [{42325395-2529-45F7-9CDD-B562D395E8AB}] => (Allow) C:\Program Files\Fortect\MainService.exe => Geen bestand
FirewallRules: [{2838A86C-CFCB-4A2A-9B98-F601CBA5479D}] => (Allow) C:\Program Files\Fortect\MainService.exe => Geen bestand
EmptyTemp:
End::