Start::
CloseProcesses:
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe /hideui (Geen bestand)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Geen bestand)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Geen bestand)
S2 Cachedrv server; "C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe" [X]
S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [X]
S3 ObDrvMonPCRSrv; C:\Program Files (x86)\Outbyte\PC Repair\DrvMonX64.sys [186544 2021-06-30] (Outbyte Computing Pty Ltd -> Outbyte)
2022-01-27 16:27 - 2022-01-27 16:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Outbyte
2022-01-27 16:27 - 2022-01-27 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outbyte
2022-01-27 16:26 - 2022-01-27 16:26 - 000000000 ____D C:\ProgramData\Outbyte
AV: Norton Security Online (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security Online (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Norton Security Online (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
AV: Norton Security Online (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security Online (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security Online (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security Online (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
FW: Norton Security Online (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-11824848430.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x658099d3 -pinnedTimeHigh 0x01cfcd31 -securityFlags 0x00000000 -tileType 0x00000000 -url 0x0000001b hxxp://www.test-aankoop.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-16162627080.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x63b6318c -pinnedTimeHigh 0x01cf9c6f -securityFlags 0x00000000 -tileType 0x00000004 -url 0x00000028 hxxp://www.azstvdeinze.be/homepage.aspx?
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-16628279520.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0xdade1019 -pinnedTimeHigh 0x01cf9c6d -securityFlags 0x00000000 -tileType 0x00000004 -url 0x00000021 hxxp://www.politiedeinzezulte.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-17113156970.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x21b5de61 -pinnedTimeHigh 0x01cfbfd7 -securityFlags 0x00000000 -tileType 0x00000001 -url 0x00000032 hxxp://seniorennet.be/Magazine/rubriek/sennet-life
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-20577641640.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x85e3466d -pinnedTimeHigh 0x01cf9f92 -securityFlags 0x00000000 -tileType 0x00000004 -url 0x00000026 hxxp://www.belgianrail.be/nl/Home.aspx
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-21216354960.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x1a9f3b73 -pinnedTimeHigh 0x01cf9ba6 -securityFlags 0x00000000 -tileType 0x00000000 -url 0x00000029 hxxp://www.octaplus.be/nl/vraag-antwoord/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-3939477320.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x3707d67a -pinnedTimeHigh 0x01cfced2 -securityFlags 0x00000000 -tileType 0x00000004 -url 0x00000021 hxxp://www.skynet.be/nieuws-sport
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-8602389470.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x92c82dff -pinnedTimeHigh 0x01cfdfa5 -securityFlags 0x00000000 -tileType 0x00000004 -url 0x0000001c hxxp://kfcmerelbekejeugd.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-886676790.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x5999312d -pinnedTimeHigh 0x01cfdaee -securityFlags 0x00000000 -tileType 0x00000004 -url 0x0000001e hxxp://www.delijn.be/index.htm
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-9513911450.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x0c58936a -pinnedTimeHigh 0x01cfa12f -securityFlags 0x00000000 -tileType 0x00000003 -url 0x00000014 hxxp://www.bing.com/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\11962643900.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0xe3474622 -pinnedTimeHigh 0x01cf9c7f -securityFlags 0x00000000 -tileType 0x00000004 -url 0x00000019 hxxp://www.buienradar.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\1360327450.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x2d38c064 -pinnedTimeHigh 0x01cf9c6f -securityFlags 0x00000000 -tileType 0x00000000 -url 0x00000032 hxxp://www.deinze.be/fb111symd935bxib1bxib213.aspx
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\15054717210.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x0d605142 -pinnedTimeHigh 0x01cf98ed -securityFlags 0x00000000 -tileType 0x00000004 -url 0x00000032 hxxps://www.beobank.be/nl/BeobankOnline/Login.aspx
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\19401889920.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0xf463c32b -pinnedTimeHigh 0x01cf98ed -securityFlags 0x00000000 -tileType 0x00000001 -url 0x00000031 hxxps://www.bnpparibasfortis.be/private/Start.asp
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\2934525400.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x14374cd1 -pinnedTimeHigh 0x01cfb8a0 -securityFlags 0x00000000 -tileType 0x00000004 -url 0x00000017 hxxp://www.noodweer.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\4902269340.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000003 -pinnedTimeLow 0x6a0934e4 -pinnedTimeHigh 0x01cfbb13 -securityFlags 0x00000000 -tileType 0x00000001 -url 0x00000015 hxxp://www.radio2.be/
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_pjkljhegncpnkpknbcohdijeoejaedia\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pjkljhegncpnkpknbcohdijeoejaedia
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_npfkoakaabdallkcdbpkkhfilkkngakh\Deezer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=npfkoakaabdallkcdbpkkhfilkkngakh
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_mgndgikekgjfcpckkfioiadnlibdjbkf\Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=mgndgikekgjfcpckkfioiadnlibdjbkf
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_lladnkjpkgllkjcnajoldahfjjoggjjh\http___www.hln.be_.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=lladnkjpkgllkjcnajoldahfjjoggjjh
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_apdfllckaahabafndbhieahigkjlhalf\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=apdfllckaahabafndbhieahigkjlhalf
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aohghmighlieiainnegkcijnfilokake\Documenten.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=aohghmighlieiainnegkcijnfilokake
ShortcutWithArgument: C:\Users\declercq\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_aapocclcgogkmnckokdopfmhonfmgoek\Presentaties.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=aapocclcgogkmnckokdopfmhonfmgoek
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fotocadeau nl.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=fncimkllpojcnggffipbpbkeijcdaifm
ShortcutWithArgument: C:\Users\declercq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\https___deinze.parkindigo.be_Account_Login_ReturnUrl=%2FDeinze%2FEid%2FStartEid%3FResponseAction%3DValidateEidNew.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=cfeahbjpjbinnhakkkfdmcfpdkppeemh
CMD: winmgmt /resetrepository
Reboot:
End::