start
CreateRestorePoint:
(Secure Driver Updater.) C:\Program Files (x86)\Secure Driver Updater\SDU.exe
() C:\Users\Johan\AppData\Roaming\Event Monitor\em.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
GroupPolicy\User: Restrictie <==== AANDACHT
GroupPolicyUsers\S-1-5-21-3157429923-292206502-2485843891-1001\User: Restrictie <==== AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://nl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_13&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dnl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0EtD0ByCyDtCzzyEtCyE0CzyyBtN0D0Tzu0StCzytCtAtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FzytAyD0BtDtCtGtB0E0D0FtG0ByDyEtBtGtByCyC0FtGzztC0AtDyDyEtD0Czz0CtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FyC0DtB0DyEyEtGtAyEzzyEtGyE0FtC0BtGzzyByD0BtGtAtBtCtDtB0AtD0E0E0AtAyD2QtN0A0LzutB%26cr%3D14935247%26a%3Dwbf_frmr_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://nl.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_13&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dnl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0EtD0ByCyDtCzzyEtCyE0CzyyBtN0D0Tzu0StCzytCtAtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FzytAyD0BtDtCtGtB0E0D0FtG0ByDyEtBtGtByCyC0FtGzztC0AtDyDyEtD0Czz0CtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FyC0DtB0DyEyEtGtAyEzzyEtGyE0FtC0BtGzzyByD0BtGtAtBtCtDtB0AtD0E0E0AtAyD2QtN0A0LzutB%26cr%3D14935247%26a%3Dwbf_frmr_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-3157429923-292206502-2485843891-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.nl/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0EtD0ByCyDtCzzyEtCyE0CzyyBtN0D0Tzu0StCzytCtAtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FzytAyD0BtDtCtGtB0E0D0FtG0ByDyEtBtGtByCyC0FtGzztC0AtDyDyEtD0Czz0CtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FyC0DtB0DyEyEtGtAyEzzyEtGyE0FtC0BtGzzyByD0BtGtAtBtCtDtB0AtD0E0E0AtAyD2QtN0A0LzutB%26cr%3D14935247%26a%3Dwbf_frmr_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0EtD0ByCyDtCzzyEtCyE0CzyyBtN0D0Tzu0StCzytCtAtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FzytAyD0BtDtCtGtB0E0D0FtG0ByDyEtBtGtByCyC0FtGzztC0AtDyDyEtD0Czz0CtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FyC0DtB0DyEyEtGtAyEzzyEtGyE0FtC0BtGzzyByD0BtGtAtBtCtDtB0AtD0E0E0AtAyD2QtN0A0LzutB%26cr%3D14935247%26a%3Dwbf_frmr_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0EtD0ByCyDtCzzyEtCyE0CzyyBtN0D0Tzu0StCzytCtAtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FzytAyD0BtDtCtGtB0E0D0FtG0ByDyEtBtGtByCyC0FtGzztC0AtDyDyEtD0Czz0CtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FyC0DtB0DyEyEtGtAyEzzyEtGyE0FtC0BtGzzyByD0BtGtAtBtCtDtB0AtD0E0E0AtAyD2QtN0A0LzutB%26cr%3D14935247%26a%3Dwbf_frmr_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_frmr_17_13&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0EtD0ByCyDtCzzyEtCyE0CzyyBtN0D0Tzu0StCzytCtAtN1L2XzutAtFtBzytFtAtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StD0FzytAyD0BtDtCtGtB0E0D0FtG0ByDyEtBtGtByCyC0FtGzztC0AtDyDyEtD0Czz0CtByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0FyC0DtB0DyEyEtGtAyEzzyEtGyE0FtC0BtGzzyByD0BtGtAtBtCtDtB0AtD0E0E0AtAyD2QtN0A0LzutB%26cr%3D14935247%26a%3Dwbf_frmr_17_13%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO-x32: Geen Naam -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Geen bestand
CHR HKLM\...\Chrome\Extension: [bmlggjgglgmlgbendppbpmkpakefkmkd] -
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] -
CHR HKLM-x32\...\Chrome\Extension: [bmlggjgglgmlgbendppbpmkpakefkmkd] -
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] -
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [144864 2017-03-22] (Byte Technologies LLC)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-03-28] ()
2017-07-03 17:57 - 2017-07-04 21:50 - 00000286 _____ C:\Windows\Tasks\SecureDriverUpdater_UPDATES.job
2017-07-03 17:57 - 2017-07-03 19:06 - 00003036 _____ C:\Windows\System32\Tasks\SecureDriverUpdater_UPDATES
2017-07-03 17:54 - 2017-07-03 17:54 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\sdu
2017-07-03 16:48 - 2017-07-04 22:56 - 00003178 _____ C:\Windows\System32\Tasks\SecureDriverUpdaterRunAtStartup
2017-07-03 16:48 - 2017-07-03 16:48 - 00001067 _____ C:\Users\Public\Desktop\Secure Driver Updater.lnk
2017-07-03 16:48 - 2017-07-03 16:48 - 00000000 ____D C:\Users\Johan\AppData\Roaming\sdu
2017-07-03 16:48 - 2017-07-03 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure Driver Updater
2017-07-03 16:46 - 2017-07-03 16:48 - 00000000 ____D C:\Program Files (x86)\Secure Driver Updater
2017-07-04 22:55 - 2017-03-30 08:27 - 00000000 ____D C:\Users\Johan\AppData\Roaming\Event Monitor
2017-07-04 22:50 - 2017-03-28 14:57 - 00000000 ____D C:\ProgramData\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Geen bestand
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Geen bestand
Task: {4E4F4779-CA1D-4923-9BDD-44C64AE49033} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-03-22] (Byte Technologies LLC) <==== AANDACHT
Task: {53B513BD-28E0-4596-8462-DED2A7EF4305} - System32\Tasks\RunAtStartup => C:\Users\Johan\AppData\Roaming\Event Monitor\em.exe [2017-05-29] () <==== AANDACHT
Task: {58911FBB-2912-4F13-92E1-BE7F6CEE55B1} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-03-22] (Byte Technologies LLC) <==== AANDACHT
Task: {E3EC2678-0BFC-422C-8E3C-BAAC17E592D2} - System32\Tasks\SecureDriverUpdaterRunAtStartup => C:\Program Files (x86)\Secure Driver Updater\SDU.exe [2017-07-03] (Secure Driver Updater.)
Task: {EBE464CA-65B3-4A49-AFF5-738381A63772} - System32\Tasks\SecureDriverUpdater_UPDATES => C:\Program Files (x86)\Secure Driver Updater\SDU.exe [2017-07-03] (Secure Driver Updater.)
Task: C:\Windows\Tasks\SecureDriverUpdater_UPDATES.job => C:\Program Files (x86)\Secure Driver Updater\SDU.exe
AlternateDataStreams: C:\Users\Johan\Downloads\launch (10).ica:icasource [114]
Hosts:
Reboot:
end