start::
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3409791781-31244116-3819798477-1001\...\Run: [com.messenger] => "C:\Users\declercq\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (Geen bestand)
Task: {03E61879-F37E-4606-833A-40DC85F204F6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {11F8AB5D-39EA-4CBD-8BAF-A1849D4B957D} - System32\Tasks\TUDsDownloader => C:\Program Files\Norton Utilities Premium\activesync.exe -appexecutable nup.exe -tuds (Geen bestand)
Task: {1AC51C34-4693-4298-AC95-73EBC229D1C0} - System32\Tasks\DistromaticSearchProtect-hourly => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe --start --launcher=hourly-task (Geen bestand) <==== AANDACHT
Task: {1C3BB90A-8E5B-45A2-87DF-0A3729976D8F} - System32\Tasks\Norton Utility\ActiveSync-NortonUtility => C:\Program Files\Norton Utilities\ActiveBridge.exe -appexecutable NUP.exe -ammode (Geen bestand)
Task: {2AB51305-A5BD-4FE3-9DF7-0ECDA48B6EBF} - System32\Tasks\Outbyte\PC Repair\Start PC Repair оn logon => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe [9509768 2021-12-02] (Outbyte Computing Pty Ltd -> Outbyte) <==== AANDACHT
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Geen bestand)
Task: {46B1921F-3BBC-40F1-8A96-08B996B54F8A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {4D5EF471-F9BB-426E-B9E4-E7FB9F69952B} - System32\Tasks\Outbyte\PC Repair\NewDeceptors => C:\Program Files (x86)\Outbyte\PC Repair\PCRepair.exe [9509768 2021-12-02] (Outbyte Computing Pty Ltd -> Outbyte) <==== AANDACHT
Task: {7392AF78-E077-4769-9DF7-95C5DE93F53B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {768AA709-BA60-48B4-8BA7-9F0E70CDE06F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {76B5A14C-7EFB-4877-B763-F1C01EC65879} - System32\Tasks\{77E179D0-E811-476A-B6A1-DBF3284B9C73} => C:\windows\system32\pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {84B9886D-63ED-46B4-8AD7-3B6C45921F50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {8E262FD8-55F5-48DA-85D2-EA29D05F8995} - \WPD\SqmUpload_S-1-5-21-3409791781-31244116-3819798477-1001 -> Geen bestand <==== AANDACHT
Task: {90FE4C8B-608A-443C-A478-D26CCDBC0963} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT
Task: {979B917-C825-4918-89F9-1CE6B28A739E} - System32\Tasks\Norton Security with Backup\Norton Security Online Error Processor => C:\Program Files\Norton Security\{1093FBFC-B00B-44EB-AAB2-83EF84D24F1C}\Engine\22.21.8.62\SymErr.exe /submit (Geen bestand)
Task: {9EEED81B-C471-4706-B462-6E30D98447DA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (Geen bestand)
Task: {A79D77A7-C020-43B1-86EF-967AE06D4240} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {B5B57777-F4CF-4776-BF29-6A9F1562AA4A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {B9713625-4F52-4760-9DA9-095CC1BBD883} - System32\Tasks\DistromaticSearchProtect-logon => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe --start --launcher=logon-task (Geen bestand) <==== AANDACHT
Task: {C8041C26-3BF0-401F-A96C-BCA1E0F0C20E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {D97E386A-898D-429C-B25C-E566B535F2FB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {EB8FFEB2-8551-4F94-986F-3A35EFDF86BE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {EE61B7C7-C938-4800-8BD0-2662063FFDBC} - \Optimize Start Menu Cache Files-S-1-5-21-3409791781-31244116-3819798477-1001 -> Geen bestand <==== AANDACHT
Task: {F973CC42-A6CE-4AF1-A0A6-859314953E5B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Users\declercq\Desktop\Picasa3\npPicasa3.dll [Geen bestand]
S3 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [194632 2018-05-15] (APN LLC -> APN LLC.)
R0 B12EA549; C:\WINDOWS\System32\drivers\B12EA549.sys [478392 2016-09-11] (Kaspersky Lab -> Kaspersky Lab ZAO)
2022-01-27 16:24 - 2022-01-27 16:26 - 022958832 _____ (Outbyte) C:\Users\declercq\mfc100u_dll-outbyte-pc-repair.exe
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.35.453\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3409791781-31244116-3819798477-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\declercq\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => Geen bestand
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasserie Astene _ De wachtzaal_ eten, drinken, brasserie fietsroute, menu.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=gobkgnkggflfmeiohbphlcihepgnfbkh
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasserie Noordhof Drongen - Home.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=igmghjdjbdlhgaffbhpcfgonbfagihia
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brasserie Priorij Van Elsegem - Kleine Markt Oudenaarde - Een oase van Gezelligheid.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bkhaejmdemklipjdjhjjdgdmmceiaonn
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\de afspanning.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ijjkckgenfdndbhpofbjkmgfpdkalhlk
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eetgelegenheden _ Stad Oudenaarde.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bdjllepnooafcajglcfmckeajobknjac
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\European Disability Card _ Een kaart om de toegang van personen met een handicap tot cultuur, sport en vrijetijdsbesteding te verg.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jdgbpikcpmdnijijnoiekopdgianackk
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fotocadeau nl.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=fncimkllpojcnggffipbpbkeijcdaifm
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handicap & invaliditeit - Parkeerkaart personen met een handicap - Burger.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=npbafipaladhmfiglegibbghhegjchhp
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Het weer in BelgiË _ onze verwachtingen - KMI (1).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ogmlaaejljmaniglchjkmfmfkbjflndg --app-url=hxxp://www.meteo.be/meteo/view/nl/65239-Home.html
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Het weer in BelgiË _ onze verwachtingen - KMI.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ogmlaaejljmaniglchjkmfmfkbjflndg
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home - Zwalmkoets.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jjbemkddfiobckmaooafkjefljenefdp
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Home _ KMSK Deinze.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=cpgnkngkegknljehdhgkdihecjihemja
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Informatie en onlinediensten voor burgers – socialezekerheid.be _.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=kkphilkaghjpgenfnaiagijdfahkbomp
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mijn eBox - Kaarten.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=lelgokkehojpllnpidbhfdifhekelnkp
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Handicap - Sociale Zekerheid.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jpmpkbgpppnjkgoeggjiphnfgplmlelm
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\my minfin.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ohlpjodadbcfgcnadcjacphdkgcmeimj
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NMBS - Dienstregeling, Biljetten, Abonnementen en Tarieven.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=aoghdpcpihejjacfaeipehmcmfgikjej --app-url=hxxp://www.belgianrail.be/nl/Home.aspx
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Noodweer _ online weerblog _ natuur _ onweer en bliksem (1).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nohbalfembnklpcilnlinjbljfpadlja --app-url=hxxp://www.noodweer.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Noodweer _ online weerblog _ natuur _ onweer en bliksem.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nohbalfembnklpcilnlinjbljfpadlja
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Restaurant Foodbart Deinze - Innocent salads, guilty burgers, soep - wraps.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=lmmbifdchjiakpbbcafddfdhccmhfpae
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\t'Veer Oudenaarde.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dapbjcgnjcghfficckedgbjocmmabnbf
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taverne restaurant Ter Biestmolen te Zwalm.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eebblcldjhcjgjckpbghkpkcihamifoa
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uitvaartzorg D'Hondt - Begrafenissen Oudenaarde (1).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=mhpdjmoamkcoffaejfiggimpnilbgmmn --app-url=hxxps://www.uitvaartmetstijl.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uitvaartzorg D'Hondt - Begrafenissen Oudenaarde.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=mhpdjmoamkcoffaejfiggimpnilbgmmn
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weekendmenu _ Restaurants Colmar.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=eninabncgddcfpkhkekpbmkfoofhiehg
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Welkom bij Domino's Friends.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=ooceimjhpemmahfgjbbjfpdkfejffcdk
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wikipedia, de vrije encyclopedie (1).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=kkjelngaceackognigpfemnjfbbbikfh --app-url=hxxps://nl.wikipedia.org/wiki/Hoofdpagina
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wikipedia, de vrije encyclopedie.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=kkjelngaceackognigpfemnjfbbbikfh
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Witte Gids - De eerste Telefoongids van BelgiË.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=faaffphmbfniphekncnbjfidhfmfminl
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Music.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
AlternateDataStreams: C:\Users\declercq\OneDrive\Documenten\hondenafebeelding.jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\declercq\OneDrive\Documenten\hondenafebeelding.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
SearchScopes: HKU\S-1-5-21-3409791781-31244116-3819798477-1001 -> DefaultScope {672B5291-7710-4435-80D1-C9D126949F88} URL = hxxps://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11412&p2=%5EBBK%5EOSJ000%5EYY%5EBE&gct=&itbv=12.18.0.82&apn_uid=CBBD6D95-BE20-4C1B-9161-6501B07D5F15&apn_dtid=%5EOSJ000%5EYY%5EBE&apn_dbr=cr_38.0.2125.111&doi=2014-11-10&trgb=CR&q={searchTerms}&pt=tb
SearchScopes: HKU\S-1-5-21-3409791781-31244116-3819798477-1001 -> {0CEC8D30-3D77-4982-B279-A096434D6796} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11412&pf=V7&p2=^BBK^OSJ000^YY^BE&gct=&itbv=12.18.0.82&apn_uid=CBBD6D95-BE20-4C1B-9161-6501B07D5F15&apn_ptnrs=BBK&apn_dtid=^OSJ000^YY^BE&apn_dbr=cr_38.0.2125.111&doi=2014-11-10&trgb=CR&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-3409791781-31244116-3819798477-1001 -> {672B5291-7710-4435-80D1-C9D126949F88} URL = hxxps://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11412&p2=%5EBBK%5EOSJ000%5EYY%5EBE&gct=&itbv=12.18.0.82&apn_uid=CBBD6D95-BE20-4C1B-9161-6501B07D5F15&apn_dtid=%5EOSJ000%5EYY%5EBE&apn_dbr=cr_38.0.2125.111&doi=2014-11-10&trgb=CR&q={searchTerms}&pt=tb
SearchScopes: HKU\S-1-5-21-3409791781-31244116-3819798477-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&l=dis&prt=NGC&chn=1000&geo=BE&ver=22.21.11.46&locale=BE_en&guid=9E177AC0-694B-49D6-8254-1FB6A2FC5B8E&doi=2022-01-27&o=APN11913&vendorConfigured=iac&cmpgn=dec21&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-3409791781-31244116-3819798477-1001 -> {D8BE3A33-647D-4ABF-B426-7BAD5292B009} URL =
SearchScopes: HKU\S-1-5-21-3409791781-31244116-3819798477-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Search App by Ask -> {4F524A2D-5350-4500-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2018-05-15] (APN LLC -> APN LLC.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Geen bestand
BHO-x32: Search App by Ask -> {4F524A2D-5350-4500-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2018-05-15] (APN LLC -> APN LLC.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Geen bestand
Toolbar: HKLM - Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll [2018-05-15] (APN LLC -> APN LLC.)
Toolbar: HKLM-x32 - Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll [2018-05-15] (APN LLC -> APN LLC.)
HKU\S-1-5-21-3409791781-31244116-3819798477-1001\...\StartupApproved\Run: => "com.messenger"
CMD: netsh advfirewall reset
EmptyTemp:
Reboot:
end::