Error 0X00000709

 • lg

  Now a question about my own PC.

  I had an hp1600 printer; I removed it and a Brother DCP-9020CDW has taken its place.

  When I try to set this printer as the default printer, I get error 0X00000709.

  I can print, though, also over Wi-Fi from my laptop.

  Even in Adobe the hp1600 printer is still listed.

  Does anyone have good advice?

  Malwarebytes Anti-Malware 1.75.0.1300

  www.malwarebytes.org

  Databaseversie: v2014.01.23.04

  Windows 7 Service Pack 1 x86 NTFS

  Internet Explorer 11.0.9600.16476

  Olidata :: OLIDATA-PC

  23-1-2014 15:13:45

  mbam-log-2014-01-23 (15-13-45).txt

  Scan type: Snelle scan

  Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

  Uitgeschakelde scan opties: P2P

  Objecten gescand: 230746

  Verstreken tijd: 9 minuut/minuten, 55 seconde(n)

  Geheugenprocessen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden gedetecteerd: 2

  HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr -> Zal worden verwijderd tijdens het herstarten.

  HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr -> Zal worden verwijderd tijdens het herstarten.

  Registerdata gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Mappen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden gedetecteerd: 2

  C:\Users\Olidata\AppData\Roaming\WindowsLogonS\coinutil.dll (PUP.BitcoinMiner) -> Succesvol in quarantaine geplaatst en verwijderd.

  C:\Users\Olidata\AppData\Roaming\WindowsLogonS\usft_ext.dll (PUP.BitCoinMiner) -> Succesvol in quarantaine geplaatst en verwijderd.

  Logfile of random's system information tool 1.09 (written by random/random)

  Run by Olidata at 2014-01-23 15:55:08

  Microsoft Windows 7 Ultimate Service Pack 1

  System drive C: has 39 GB (51%) free of 76 GB

  Total RAM: 1023 MB (37% free)

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 15:55:17, on 23-1-2014

  Platform: Windows 7 SP1 (WinNT 6.00.3505)

  MSIE: Internet Explorer v11.0 (11.00.9600.16428)

  Boot mode: Normal

  Running processes:

  C:\Windows\system32\taskhost.exe

  C:\Windows\system32\Dwm.exe

  C:\Windows\Explorer.EXE

  C:\Windows\System32\rundll32.exe

  C:\Program Files\Microsoft Security Client\msseces.exe

  C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

  C:\Program Files\Nuance\PaperPort\pptd40nt.exe

  C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

  C:\Program Files\ControlCenter4\BrCtrlCntr.exe

  C:\Program Files\Browny02\Brother\BrStMonW.exe

  C:\Program Files\Windows Sidebar\sidebar.exe

  C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

  C:\Program Files\ControlCenter4\BrCcUxSys.exe

  C:\Program Files\Internet Explorer\iexplore.exe

  C:\Program Files\Internet Explorer\iexplore.exe

  C:\Windows\System32\MsSpellCheckingFacility.exe

  C:\Windows\system32\DeviceDisplayObjectProvider.exe

  C:\Windows\system32\taskeng.exe

  C:\Windows\system32\SearchFilterHost.exe

  C:\Users\Olidata\Desktop\RSIT.exe

  C:\Program Files\trend micro\Olidata.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnederland.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

  F3 - REG:win.ini: load=C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr

  O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll

  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

  O4 - HKLM\..\Run: “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

  O4 - HKLM\..\Run: C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office14\BCSSync.exe” /DelayServices

  O4 - HKLM\..\Run: “C:\Program Files\Nuance\PaperPort\IndexSearch.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Nuance\PaperPort\pptd40nt.exe”

  O4 - HKLM\..\Run: C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

  O4 - HKLM\..\Run: C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe

  O4 - HKLM\..\Run: C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun

  O4 - HKLM\..\Run: C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN

  O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

  O4 - HKCU\..\Run: C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

  O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

  O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

  O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

  O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

  O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe

  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: MBAMScheduler - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

  O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

  O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

  O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  End of file - 7737 bytes

  ======Scheduled tasks folder======

  C:\Windows\tasks\Adobe Flash Player Updater.job

  ======Registry dump======

  PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll

  Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

  Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

  “MSC”=C:\Program Files\Microsoft Security Client\msseces.exe

  “USBToolTip”=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

  “Adobe ARM”=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

  “BCSSync”=C:\Program Files\Microsoft Office\Office14\BCSSync.exe

  “IndexSearch”=C:\Program Files\Nuance\PaperPort\IndexSearch.exe

  “PaperPort PTD”=C:\Program Files\Nuance\PaperPort\pptd40nt.exe

  “PDFHook”=C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

  “PDF5 Registry Controller”=C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe

  “ControlCenter4”=C:\Program Files\ControlCenter4\BrCcBoot.exe

  “BrStsMon00”=C:\Program Files\Browny02\Brother\BrStMonW.exe

  “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

  “ISUSPM”=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

  “OfficeSyncProcess”=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

  WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

  “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

  “SecurityProviders”=credssp.dll

  “ConsentPromptBehaviorAdmin”=5

  “ConsentPromptBehaviorUser”=3

  “EnableUIADesktopToggle”=0

  “dontdisplaylastusername”=0

  “legalnoticecaption”=

  “legalnoticetext”=

  “shutdownwithoutlogon”=1

  “undockwithoutlogon”=1

  “EnableLinkedConnections”=1

  “vidc.mrle”=msrle32.dll

  “vidc.msvc”=msvidc32.dll

  “msacm.imaadpcm”=imaadp32.acm

  “msacm.msg711”=msg711.acm

  “msacm.msgsm610”=msgsm32.acm

  “msacm.msadpcm”=msadp32.acm

  “midimapper”=midimap.dll

  “wavemapper”=msacm32.drv

  “VIDC.UYVY”=msyuv.dll

  “VIDC.YUY2”=msyuv.dll

  “VIDC.YVYU”=msyuv.dll

  “VIDC.IYUV”=iyuv_32.dll

  “vidc.i420”=iyuv_32.dll

  “VIDC.YVU9”=tsbyuv.dll

  “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

  “vidc.cvid”=iccvid.dll

  “wave”=wdmaud.drv

  “midi”=wdmaud.drv

  “mixer”=wdmaud.drv

  “aux”=wdmaud.drv

  “MSVideo8”=VfWWDM32.dll

  “vidc.mjpg”=pvmjpg30.dll

  “vidc.pDAD”=prodad-codec.dll

  “wave4”=wdmaud.drv

  “midi4”=wdmaud.drv

  “mixer4”=wdmaud.drv

  “wave2”=wdmaud.drv

  “midi2”=wdmaud.drv

  “mixer2”=wdmaud.drv

  “wave1”=wdmaud.drv

  “midi1”=wdmaud.drv

  “mixer1”=wdmaud.drv

  “wave3”=wdmaud.drv

  “midi3”=wdmaud.drv

  “mixer3”=wdmaud.drv

  ======File associations======

  .js - edit - C:\Windows\System32\Notepad.exe %1

  .js - open - C:\Windows\System32\WScript.exe “%1” %*

  ======List of files/folders created in the last 1 month======

  2014-01-23 15:07:18 —-D—- C:\Program Files\trend micro

  2014-01-23 15:07:17 —-D—- C:\rsit

  2014-01-15 19:43:28 —-A—- C:\Windows\system32\win32k.sys

  2014-01-15 19:43:27 —-A—- C:\Windows\system32\drivers\netio.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbuhci.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbport.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbohci.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbhub.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbehci.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbd.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbccgp.sys

  2014-01-08 14:15:10 —-D—- C:\Users\Olidata\AppData\Roaming\Zeon

  2014-01-08 14:12:40 —-D—- C:\Users\Olidata\AppData\Roaming\ControlCenter4

  2014-01-08 14:01:30 —-D—- C:\Brother

  2014-01-08 14:01:16 —-D—- C:\Program Files\Browny02

  2014-01-08 14:00:47 —-A—- C:\Windows\system32\BROSNMP.DLL

  2014-01-08 14:00:33 —-N—- C:\Windows\system32\NSSearch.dll

  2014-01-08 14:00:33 —-N—- C:\Windows\system32\BrDctF2S.dll

  2014-01-08 14:00:33 —-N—- C:\Windows\system32\BrDctF2L.dll

  2014-01-08 14:00:32 —-N—- C:\Windows\system32\BrDctF2.dll

  2014-01-08 13:58:35 —-D—- C:\Users\Olidata\AppData\Roaming\InstallShield

  2014-01-06 20:23:36 —-A—- C:\Windows\system32\GPhotos.scr

  2014-01-01 13:03:05 —-D—- C:\Program Files\Spotnet

  2014-01-01 11:25:42 —-D—- C:\Users\Olidata\AppData\Roaming\Newzbin

  ======List of files/folders modified in the last 1 month======

  2014-01-23 15:54:48 —-D—- C:\Windows\system32\drivers

  2014-01-23 15:51:54 —-D—- C:\Windows\system32\config

  2014-01-23 15:49:46 —-D—- C:\Windows\Prefetch

  2014-01-23 15:46:28 —-D—- C:\Windows\Temp

  2014-01-23 15:45:08 —-D—- C:\Windows\System32

  2014-01-23 15:45:08 —-D—- C:\Windows\inf

  2014-01-23 15:45:08 —-A—- C:\Windows\system32\PerfStringBackup.INI

  2014-01-23 15:38:50 —-D—- C:\Windows

  2014-01-23 15:38:04 —-D—- C:\ProgramData\NVIDIA

  2014-01-23 15:37:56 —-D—- C:\Windows\nl-NL

  2014-01-23 15:36:33 —-D—- C:\Users\Olidata\AppData\Roaming\WindowsLogonS

  2014-01-23 15:07:18 —-RD—- C:\Program Files

  2014-01-23 14:42:03 —-D—- C:\Windows\Panther

  2014-01-23 14:42:02 —-D—- C:\Windows\Logs

  2014-01-23 14:42:02 —-D—- C:\Windows\debug

  2014-01-23 14:22:11 —-D—- C:\Program Files\CCleaner

  2014-01-23 14:08:11 —-D—- C:\Windows\system32\NDF

  2014-01-23 13:59:38 —-SHD—- C:\System Volume Information

  2014-01-23 13:19:40 —-D—- C:\Windows\system32\catroot2

  2014-01-22 14:25:56 —-D—- C:\Users\Olidata\AppData\Roaming\Belastingdienst

  2014-01-19 09:27:46 —-A—- C:\Windows\system32\FlashPlayerApp.exe

  2014-01-19 08:32:23 —-N—- C:\Windows\system32\MpSigStub.exe

  2014-01-18 09:47:17 —-A—- C:\Windows\BRRBCOM.INI

  2014-01-16 14:46:51 —-SHD—- C:\Windows\Installer

  2014-01-16 14:46:49 —-HD—- C:\Config.Msi

  2014-01-16 08:50:36 —-D—- C:\Windows\winsxs

  2014-01-16 08:47:19 —-D—- C:\Windows\system32\DriverStore

  2014-01-15 20:01:35 —-D—- C:\Windows\system32\MRT

  2014-01-15 19:58:22 —-A—- C:\Windows\system32\MRT.exe

  2014-01-15 19:43:23 —-D—- C:\Windows\system32\catroot

  2014-01-08 14:15:01 —-D—- C:\Users\Olidata\AppData\Roaming\Nuance

  2014-01-08 14:01:31 —-D—- C:\Program Files\Brother

  2014-01-08 14:01:16 —-D—- C:\Program Files\ControlCenter4

  2014-01-08 14:00:11 —-HD—- C:\Program Files\InstallShield Installation Information

  2014-01-08 13:58:16 —-D—- C:\Program Files\Nuance

  2014-01-08 13:57:44 —-D—- C:\ProgramData\Nuance

  2014-01-08 13:56:23 —-D—- C:\ProgramData\ScanSoft

  2014-01-08 13:55:39 —-D—- C:\Program Files\Common Files\ScanSoft Shared

  2014-01-08 13:24:23 —-D—- C:\Program Files\Common Files

  2014-01-08 12:18:16 —-D—- C:\Windows\rescache

  2014-01-02 10:30:20 —-HD—- C:\ProgramData

  2014-01-01 13:03:34 —-D—- C:\ProgramData\Spotnet

  2014-01-01 12:38:29 —-D—- C:\Users\Olidata\AppData\Roaming\Newsbin

  2013-12-30 16:51:50 —-D—- C:\ProgramData\ControlCenter4

  ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys

  R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

  R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

  R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys

  R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys

  R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys

  R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys

  R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

  R3 NVENETFD;NVIDIA nForce-netwerkcontroller; C:\Windows\system32\DRIVERS\nvm62x32.sys

  R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys

  R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys

  S1 MpKsl9ab50507;MpKsl9ab50507; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B228856E-2D69-41F9-B2D2-14CFA9229FB6}\MpKsl9ab50507.sys

  S3 61883;61883-eenheidsapparaat; C:\Windows\system32\DRIVERS\61883.sys

  S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys

  S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys

  S3 Avc;AVC-apparaat; C:\Windows\system32\DRIVERS\avc.sys

  S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys

  S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys

  S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys

  S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys

  S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys

  S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys

  S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

  S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys

  S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys

  S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys

  S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys

  S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys

  S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

  S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys

  S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys

  S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

  S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys

  S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys

  S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys

  S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys

  S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys

  S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys

  S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys

  ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

  R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe

  R2 MBAMScheduler;MBAMScheduler; e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

  R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe

  R2 NAUpdate;Nero Update; C:\Program Files\Nero\Update\NASvc.exe

  R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe

  R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

  R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

  R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe

  R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

  R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe

  R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe

  R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

  R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe

  S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

  S2 MBAMService;MBAMService; e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

  S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

  S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe

  S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

  S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

  S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

  S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

  S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe

  S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

  S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

  S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

  S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

  —————–EOF—————–

  (end)

 • Ben

  Hello lg,

  You have a nasty infection;

  F3 - REG:win.ini: load=C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr

  I have a step-by-step guide here that you need to follow: http://www.malwareremovalguides.info/pum-userwload-trojan-ransom-removal-instructions/

  Once that has worked, post the resulting logs via http://www.mijnbestand.nl/

  Upload each log separately and then post the links here.

  After that, also post a new RSIT log here.
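
Added example, not part of Ben's post or of any tool used in this thread: a small triage script for the kind of log lines quoted above. It reads HijackThis F3/O4 lines and Malwarebytes registry-value lines and flags autostart entries such as the win.ini `load=` value, which Windows keeps as the `Load` value under `HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows`. The heuristics (temp directory, `.scr` extension) and the names `triage`, `assess`, `parse_line` and `Finding` are assumptions of this example.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Lines copied from the HijackThis and Malwarebytes logs posted in this thread.
SAMPLE_LOG = r"""
F3 - REG:win.ini: load=C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr -> Zal worden verwijderd tijdens het herstarten.
O4 - HKLM\..\Run: C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKCU\..\Run: C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
"""

# HijackThis F3: the win.ini load=/run= settings as mapped into the registry.
F3_RE = re.compile(r"^F3 - REG:win\.ini: (load|run)=(.*)$", re.I)
# HijackThis O4: Run / RunOnce autostart entries.
O4_RE = re.compile(r"^O4 - (\S+)\\\.\.\\(Run(?:Once)?): (.*)$", re.I)
# Malwarebytes registry value line: key|value (detection) -> Data: ... -> action
MBAM_RE = re.compile(r"^(HK[A-Z_]+\\.+?)\|(\S+) \(([^)]+)\) -> Data: (.*?) -> ")
# First executable path in a command line, with or without (curly) quotes.
PATH_RE = re.compile(
    r'^["\u201c]?(.+?\.(?:exe|scr|com|bat|cmd|pif))(?=["\u201d\s]|$)', re.I)
TEMP_RE = re.compile(r"\\(?:temp|tmp)\\", re.I)
LEGACY_KEY = r"\windows nt\currentversion\windows"


class Finding(NamedTuple):
    mechanism: str   # which autostart mechanism the line describes
    target: str      # program the entry would start
    reasons: tuple   # why this example's heuristics flag it


def parse_line(line: str) -> Optional[Tuple[str, str]]:
    """Return (mechanism, command) for a recognised autostart line, else None."""
    m = F3_RE.match(line)
    if m:
        return f"legacy win.ini {m.group(1).lower()}", m.group(2)
    m = O4_RE.match(line)
    if m:
        return f"{m.group(1)} {m.group(2)}", m.group(3)
    m = MBAM_RE.match(line)
    if m:
        key, name = m.group(1).lower(), m.group(2).lower()
        if key.endswith(LEGACY_KEY) and name in ("load", "run"):
            return f"legacy win.ini {name}", m.group(4)
        return f"registry value {m.group(2)}", m.group(4)
    return None


def assess(mechanism: str, command: str) -> Optional[Finding]:
    """Apply the heuristics; an empty load= value (the cleaned state) passes."""
    command = command.strip()
    m = PATH_RE.match(command)
    target = m.group(1) if m else command
    reasons = []
    if mechanism.startswith("legacy") and target:
        reasons.append("legacy win.ini load=/run= autostart is populated")
    if TEMP_RE.search(target):
        reasons.append("target lives in a temp directory")
    if target.lower().endswith(".scr"):
        reasons.append(".scr file used as an autostart program")
    return Finding(mechanism, target, tuple(reasons)) if reasons else None


def triage(log_text: str) -> list:
    """Return a Finding for every flagged autostart line in the log text."""
    findings = []
    for line in log_text.splitlines():
        parsed = parse_line(line.strip())
        if parsed:
            hit = assess(*parsed)
            if hit:
                findings.append(hit)
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.mechanism}: {f.target}")
        for reason in f.reasons:
            print(f"  - {reason}")
```
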

 • lg

  I have got as far as step 5, but I cannot get the PC to boot from the USB stick.

  I also looked in the registry, but the registry key no longer appears there after step 2.

  Malwarebytes Anti-Malware 1.75.0.1300

  www.malwarebytes.org

  Databaseversie: v2014.01.24.03

  Windows 7 Service Pack 1 x86 NTFS

  Internet Explorer 11.0.9600.16476

  Olidata :: OLIDATA-PC

  24-1-2014 10:30:52

  mbam-log-2014-01-24 (10-30-52).txt

  Scan type: Volledige scan (C:\|D:\|E:\|F:\|I:\|J:\|K:\|L:\|)

  Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

  Uitgeschakelde scan opties: P2P

  Objecten gescand: 482859

  Verstreken tijd: 1 uur/uren, 44 minuut/minuten, 4 seconde(n)

  Geheugenprocessen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden gedetecteerd: 2

  HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr -> Zal worden verwijderd tijdens het herstarten.

  HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr -> Zal worden verwijderd tijdens het herstarten.

  Registerdata gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Mappen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden gedetecteerd: 1

  J:\Program Files\Unlocker\eBay_shortcuts_1016.exe (Adware.Clicker) -> Succesvol in quarantaine geplaatst en verwijderd.

  http://www.mijnbestand.nl/Bestand-CK7NGRXAO46B.log

  http://www.mijnbestand.nl/Bestand-YKYACJROCKP6.txt

 • Ben

  Hello,

  Were you able to remove the registry line with Kaspersky?

  Because it is still in the RSIT log.

 • lg

  The line was removed with Kaspersky.

  But I am going to try it again.

  When I look via regedit, it is no longer in there.

  But I am going to try it again.

 • Ben

  Hello,

  First do the following and check it with Kaspersky afterwards;

  First switch off the antivirus software before you download zoek.exe.

  Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

  Download Zoek.exe to the desktop.

  * If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.

  Run Zoek.exe

  If you run into problems running this program or see certain error messages, please mention this in your post.

  * Then double-click Zoek.exe to start the tool.

  * Windows Vista, 7 and 8 users need to run the tool as "administrator" by right-clicking and choosing Run as administrator.

  * Now copy the bold code below and paste it into the large input box:

  * Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

  firefoxlook;

  emptyclsid;

  torpigcheck;

  emptyfolderscheck;delete

  ;r

  "Load"="";r

  chromelook;

  standardsearch;

  filesrcm;

  autoclean;

  startupall;

  * Now click the "Run script" button.

  * Now wait patiently until a log opens (this may be after a restart if one is needed).

  * If no log appears after the restart, start zoek.exe again; the log will then appear.

  * Post the opened log in your next message.

 • lg

  Here is the result of zoek.exe

  Zoek.exe v5.0.0.0 Updated 22-Januari-2014

  Tool run by Olidata on vr 24-01-2014 at 13:51:30,01.

  Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86

  Running in: Normal Mode Internet Access Detected

  Launched: C:\Users\Olidata\Desktop\zoek.exe

  ==== System Restore Info ======================

  24-1-2014 13:52:46 Zoek.exe System Restore Point Created Succesfully.

  ==== Torpig Check ======================

  HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

  HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

  ==== Empty Folders Check ======================

  C:\Program Files\AGEIA Technologies deleted successfully

  C:\ProgramData\\Avid deleted successfully

  C:\ProgramData\\Oracle deleted successfully

  C:\Users\Olidata\AppData\Roaming\Newsbin deleted successfully

  C:\Users\Olidata\AppData\Local\FuzeZip deleted successfully

  C:\Users\Olidata\AppData\Local\GHISLER deleted successfully

  ==== Deleting CLSID Registry Keys ======================

  ==== Deleting CLSID Registry Values ======================

  ==== Running Processes ======================

  C:\Windows\System32\smss.exe

  C:\Windows\system32\csrss.exe

  C:\Windows\system32\wininit.exe

  C:\Windows\system32\csrss.exe

  C:\Windows\system32\services.exe

  C:\Windows\system32\lsass.exe

  C:\Windows\system32\lsm.exe

  C:\Windows\system32\winlogon.exe

  C:\Windows\system32\nvvsvc.exe

  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  C:\Program Files\Microsoft Security Client\MsMpEng.exe

  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

  C:\Windows\system32\nvvsvc.exe

  C:\Windows\System32\spoolsv.exe

  C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

  C:\Windows\system32\Dwm.exe

  C:\Windows\Explorer.EXE

  C:\Windows\system32\taskhost.exe

  e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

  C:\Program Files\Microsoft Security Client\msseces.exe

  C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

  C:\Program Files\Nuance\PaperPort\pptd40nt.exe

  C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

  C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

  C:\Program Files\Browny02\Brother\BrStMonW.exe

  C:\Program Files\Windows Sidebar\sidebar.exe

  C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

  C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

  C:\Program Files\ControlCenter4\BrCtrlCntr.exe

  C:\Program Files\Browny02\BrYNSvc.exe

  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

  C:\Windows\System32\WUDFHost.exe

  C:\Program Files\ControlCenter4\BrCcUxSys.exe

  C:\Windows\system32\SearchIndexer.exe

  C:\Program Files\Windows Media Player\wmpnetwk.exe

  C:\Windows\system32\DllHost.exe

  C:\Program Files\Nero\Update\NASvc.exe

  C:\Users\Olidata\Desktop\zoek.exe

  C:\Windows\system32\conhost.exe

  C:\Windows\system32\conhost.exe

  C:\Windows\servicing\TrustedInstaller.exe

  C:\Windows\system32\svchost.exe -k DcomLaunch

  C:\Windows\system32\svchost.exe -k RPCSS

  C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

  C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

  C:\Windows\system32\svchost.exe -k LocalService

  C:\Windows\system32\svchost.exe -k netsvcs

  C:\Windows\system32\svchost.exe -k GPSvcGroup

  C:\Windows\system32\svchost.exe -k NetworkService

  C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

  C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

  C:\Windows\System32\svchost.exe -k HPZ12

  C:\Windows\System32\svchost.exe -k HPZ12

  C:\Windows\system32\svchost.exe -k imgsvc

  C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

  C:\Windows\System32\svchost.exe -k LocalServicePeerNet

  ==== Deleting Services ======================

  ==== Registry Fix Code ======================

  Windows Registry Editor Version 5.00

  "Load"=""

  ==== System Specs ======================

  Operating System: Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 32-bits

  Manufacturer: Olidata S.p.A. - Model: System Product Name

  Install Date: 15-10-2012 11:42:20

  Last Boot: 24-1-2014 13:46:33

  Processor: AMD Athlon™64 X2 Dual Core Processor 3800+

  Number of Processors: 2

  Work Station

  Bootmode: Normal boot

  Total RAM: 1023 MB (free 452 MB - 44)

  Computername: OLIDATA-PC

  Domain: WORKGROUP

  User: Olidata (Non-Administrator account)

  Removable Disk: A:\ - - GB (free GB)

  Local Disk: C:\ - NTFS - 74 GB (free 36 GB)

  Local Disk: D:\ - NTFS - 74 GB (free 58 GB)

  Local Disk: E:\ - NTFS - 74 GB (free 58 GB)

  Local Disk: F:\ - NTFS - 74 GB (free 74 GB)

  CD \ DVD Drive: G:\

  CD \ DVD Drive: H:\

  Local Disk: I:\ - NTFS - 74 GB (free 44 GB)

  Local Disk: J:\ - NTFS - 74 GB (free 71 GB)

  Local Disk: K:\ - NTFS - 74 GB (free 55 GB)

  Local Disk: L:\ - NTFS - 74 GB (free 56 GB)

  Removable Disk: M:\ - - GB (free GB)

  Removable Disk: N:\ - - GB (free GB)

  Removable Disk: O:\ - - GB (free GB)

  Removable Disk: P:\ - - GB (free GB)

  Bootdevice: \Device\HarddiskVolume1

  Windows update: 2014-01-15 19:01:44

  Country: Nederland

  Language: NLD

  ==== System Specs (Software) ======================

  Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

  Anti-Spyware: Windows Defender disabled (Outdated)

  Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

  Internet Explorer Version: 11.0.9600.16476

  Adobe Reader version: 11.0.06.70

  ==== Files Recently Created / Modified ======================

  ====== C:\Windows ====

  ====== C:\Users\Olidata\AppData\Local\Temp ====

  2014-01-24 12:09:45 27016D36B811E97BDADABF46204FDF92 9452704 —-a-w- C:\Users\Olidata\AppData\Local\Temp\HitmanPro.exe

  2014-01-24 11:42:13 76874123C258B0FE7A5E7E8F71555D52 10264904 —-a-w- C:\Users\Olidata\AppData\Local\Temp\HitmanPro_x64.exe

  2014-01-24 11:42:13 53EA84B79ADFE09D20281E0F2D1B83F4 143640 —-a-w- C:\Users\Olidata\AppData\Local\Temp\Kickstarter.exe

  ====== Java Cache =====

  ====== C:\Windows\system32 =====

  2014-01-15 18:43:28 1E882889A4314D6DF5DED4F6EC994E72 2349056 —-a-w- C:\Windows\System32\win32k.sys

  ====== C:\Windows\system32\drivers =====

  2014-01-15 18:43:27 5DBD4F73E2A52FEED61DBAB3752E329C 240576 —-a-w- C:\Windows\System32\drivers\netio.sys

  2014-01-15 18:43:26 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 —-a-w- C:\Windows\System32\drivers\usbhub.sys

  2014-01-15 18:43:26 EC2C5AF37B76D7B58C642CB74423DB7A 284672 —-a-w- C:\Windows\System32\drivers\usbport.sys

  2014-01-15 18:43:26 D40855F89B69305140BBD7E9A3BA2DA6 43520 —-a-w- C:\Windows\System32\drivers\usbehci.sys

  2014-01-15 18:43:26 9828C8D14CC2676421778F0DE638CF97 20480 —-a-w- C:\Windows\System32\drivers\usbohci.sys

  2014-01-15 18:43:26 800AABFD625EEFF899F7E5496BDE37AB 24064 —-a-w- C:\Windows\System32\drivers\usbuhci.sys

  2014-01-15 18:43:26 74F805AB12EB0E3E49E469F19FF02640 6016 —-a-w- C:\Windows\System32\drivers\usbd.sys

  2014-01-15 18:43:26 0803FBA9FE829D61AE26EC0BCC910C46 76288 —-a-w- C:\Windows\System32\drivers\usbccgp.sys

  ====== C:\Windows\Tasks ======

  ====== C:\Windows\Temp ======

  ======= C:\Program Files =====

  2014-01-23 14:07:18 ——– d—–w- C:\Program Files\trend micro

  2014-01-08 13:01:16 ——– d—–w- C:\Program Files\Browny02

  2014-01-01 12:03:05 ——– d—–w- C:\Program Files\Spotnet

  ======= C: =====

  ====== C:\Users\Olidata\AppData\Roaming ======

  2014-01-09 07:52:27 ——– d—–w- C:\Users\Olidata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadwin Systems

  2014-01-08 13:15:10 ——– d—–w- C:\Users\Olidata\AppData\Roaming\Zeon

  2014-01-08 13:12:40 ——– d—–w- C:\Users\Olidata\AppData\Roaming\ControlCenter4

  2014-01-08 12:58:35 ——– d—–w- C:\Users\Olidata\AppData\Roaming\InstallShield

  2014-01-08 12:22:25 ——– d—–w- C:\Users\Olidata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

  2014-01-02 09:30:16 ——– d—–w- C:\Users\Olidata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NewsBin5

  2014-01-01 11:02:33 ——– d—–w- C:\Users\Olidata\AppData\Local\___

  2014-01-01 10:25:42 ——– d—–w- C:\Users\Olidata\AppData\Roaming\Newzbin

  2013-12-31 12:07:45 ——– d—–w- C:\Windows\system32\config\systemprofile\AppData\Local\Google

  ====== C:\Users\Olidata ======

  2014-01-24 12:50:27 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\Olidata\Desktop\RSIT.exe

  2014-01-24 11:28:08 ——– d—–w- C:\ProgramData\HitmanPro

  2014-01-24 09:33:59 27016D36B811E97BDADABF46204FDF92 9452704 —-a-w- C:\Users\Olidata\Desktop\HitmanPro.exe

  2014-01-09 07:52:27 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin Systems

  2014-01-08 13:05:09 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother

  2014-01-08 12:56:10 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12

  2014-01-01 12:03:13 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotnet

  2014-01-01 10:26:47 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Newzbin

  ====== C: exe-files ==

  2014-01-24 12:50:27 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\Olidata\Desktop\RSIT.exe

  2014-01-24 12:47:30 DEF664C9A1E049523C491A4E926EDCCA 544 —-a-w- C:\$Recycle.Bin\S-1-5-21-2027718546-528892456-3270658999-1000\$I6R5ANT.exe

  2014-01-24 12:09:45 27016D36B811E97BDADABF46204FDF92 9452704 —-a-w- C:\Users\Olidata\AppData\Local\Temp\HitmanPro.exe

  2014-01-24 11:42:13 76874123C258B0FE7A5E7E8F71555D52 10264904 —-a-w- C:\Users\Olidata\AppData\Local\Temp\HitmanPro_x64.exe

  2014-01-24 11:42:13 53EA84B79ADFE09D20281E0F2D1B83F4 143640 —-a-w- C:\Users\Olidata\AppData\Local\Temp\Kickstarter.exe

  2014-01-24 11:41:16 27016D36B811E97BDADABF46204FDF92 9452704 —-a-w- C:\Users\Olidata\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q37GTVN1\HitmanPro.exe

  2014-01-24 09:33:59 27016D36B811E97BDADABF46204FDF92 9452704 —-a-w- C:\Users\Olidata\Desktop\HitmanPro.exe

  2014-01-24 08:45:01 683FDD3D773C58B262DC07CD0C6CE938 10285040 —-a-w- C:\Users\Olidata\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y4K13D2V\mbam-setup-1.75.0.1300.exe

  2014-01-23 14:07:19 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Olidata.exe

  2014-01-23 14:06:35 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\$Recycle.Bin\S-1-5-21-2027718546-528892456-3270658999-1000\$R6R5ANT.exe

  2014-01-22 13:24:18 6A8A2E262F26B69861B579AEA1159CCD 177639 ——r- C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013u.exe

  === C: other files ==

  2014-01-24 13:00:59 A29030FB93B2E48EDD124749881406CE 943211 —-a-w- C:\Users\Olidata\AppData\Local\Temp\sysspec\SysSpec.zip

  ==== Startup Registry Enabled ======================

  “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

  “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

  “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

  “ISUSPM”=“C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler”

  “OfficeSyncProcess”=“C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

  “mctadmin”=“C:\Windows\System32\mctadmin.exe”

  “mctadmin”=“C:\Windows\System32\mctadmin.exe”

  “MSC”=“C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”

  “USBToolTip”=“C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe”

  “Adobe ARM”=“C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  “BCSSync”=“C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices”

  “IndexSearch”=“C:\Program Files\Nuance\PaperPort\IndexSearch.exe”

  “PaperPort PTD”=“C:\Program Files\Nuance\PaperPort\pptd40nt.exe”

  “PDFHook”=“C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe”

  “PDF5 Registry Controller”=“C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe”

  “ControlCenter4”=“C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun”

  “BrStsMon00”=“C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN”

  “Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”

  “ISUSPM”=“C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler”

  “OfficeSyncProcess”=“C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

  ==== Task Scheduler Jobs ======================

  C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

  ==== Other Scheduled Tasks ======================

  “C:\Windows\system32\tasks\Adobe Flash Player Updater”

  “C:\Windows\system32\tasks\AutoKMS”

  “C:\Windows\system32\tasks\CCleanerSkipUAC”

  “C:\Windows\system32\tasks\CreateChoiceProcessTask”

  “C:\Windows\system32\tasks\SidebarExecute”

  “C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”

  ==== Folders in C:\ProgramData\ 0-6 Months Old ======================

  2013-12-13 14:09:55 ——– d—–w- C:\ProgramData\\Brother

  2013-12-13 14:12:29 ——– d—–w- C:\ProgramData\\Nuance

  2013-12-13 14:12:30 ——– d—–w- C:\ProgramData\\FLEXnet

  2013-12-13 14:13:32 ——– d—–w- C:\ProgramData\\ScanSoft

  2013-12-13 14:14:40 ——– d—–w- C:\ProgramData\\zeon

  2013-12-13 14:18:15 ——– d—–w- C:\ProgramData\\ControlCenter4

  2014-01-24 11:28:08 ——– d—–w- C:\ProgramData\\HitmanPro

  ==== Set IE to Default ======================

  Old Values:

  “Start Page”=“http://www.startnederland.nl/”

  New Values:

  “Start Page”=“http://www.startnederland.nl/”

  ==== All HKCU SearchScopes ======================

  HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

  “DefaultScope”=“{BE2B5E3C-E402-482C-A786-C5A895D3BC33}”

  {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR”

  {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

  {BE2B5E3C-E402-482C-A786-C5A895D3BC33} Google Url=“http://www.google.nl/search?hl=nl&q={searchTerms}”

  ==== HijackThis Entries ======================

  F3 - REG:win.ini: load=C:\Users\Olidata\LOCALS~1\Temp\mszwbcvd.scr

  O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll

  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

  O4 - HKLM\..\Run: “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

  O4 - HKLM\..\Run: C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office14\BCSSync.exe” /DelayServices

  O4 - HKLM\..\Run: “C:\Program Files\Nuance\PaperPort\IndexSearch.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Nuance\PaperPort\pptd40nt.exe”

  O4 - HKLM\..\Run: C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

  O4 - HKLM\..\Run: C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe

  O4 - HKLM\..\Run: C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun

  O4 - HKLM\..\Run: C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN

  O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

  O4 - HKCU\..\Run: C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

  O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

  O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

  O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

  O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

  O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe

  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: MBAMScheduler - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

  O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

  O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

  O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  ==== Empty IE Cache ======================

  C:\Users\Olidata\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\Olidata\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  ==== Empty FireFox Cache ======================

  No FireFox Profiles found

  ==== Empty Chrome Cache ======================

  No Chrome User Data found

  ==== Empty All Flash Cache ======================

  Flash Cache Emptied Successfully

  ==== Empty All Java Cache ======================

  Java Cache cleared successfully

  ==== C:\zoek_backup content ======================

  C:\zoek_backup (files=0 folders=0 0 bytes)

  ==== Empty Temp Folders ======================

  C:\Users\Default\AppData\Local\Temp emptied successfully

  C:\Users\Default User\AppData\Local\Temp emptied successfully

  C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully

  C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

  C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

  C:\Users\Olidata\AppData\Local\Temp will be emptied at reboot

  C:\Windows\Temp will be emptied at reboot

  ==== After Reboot ======================

  ==== Empty Temp Folders ======================

  C:\Windows\Temp successfully emptied

  C:\Users\Olidata\AppData\Local\Temp successfully emptied

  ==== Empty Recycle Bin ======================

  C:\$RECYCLE.BIN successfully emptied

  ==== Deleting Files / Folders ======================

  “C:\Users\Olidata\AppData\Local\VirtualStore” deleted

  ==== EOF on vr 24-01-2014 at 14:30:41,64 ======================

 • lg

  Looked again with the rescue disk and this time it was found.

  Run Malwarebytes again?

  F3 is gone

  Logfile of random's system information tool 1.09 (written by random/random)

  Run by Olidata at 2014-01-24 14:44:15

  Microsoft Windows 7 Ultimate Service Pack 1

  System drive C: has 38 GB (50%) free of 76 GB

  Total RAM: 1023 MB (25% free)

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 14:44:20, on 24-1-2014

  Platform: Windows 7 SP1 (WinNT 6.00.3505)

  MSIE: Internet Explorer v11.0 (11.00.9600.16428)

  Boot mode: Normal

  Running processes:

  C:\Windows\system32\Dwm.exe

  C:\Windows\system32\taskhost.exe

  C:\Windows\Explorer.EXE

  C:\Program Files\Microsoft Security Client\msseces.exe

  C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

  C:\Program Files\Nuance\PaperPort\pptd40nt.exe

  C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

  C:\Program Files\Browny02\Brother\BrStMonW.exe

  C:\Program Files\Windows Sidebar\sidebar.exe

  C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

  C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

  C:\Program Files\Adobe\Reader 11.0\Reader\Reader_sl.exe

  C:\Program Files\ControlCenter4\BrCtrlCntr.exe

  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

  C:\Program Files\ControlCenter4\BrCcUxSys.exe

  C:\Windows\system32\SearchFilterHost.exe

  C:\Users\Olidata\Desktop\RSIT.exe

  C:\Program Files\trend micro\Olidata.exe

  C:\Windows\system32\DllHost.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/?ocid=OIE9HP

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnederland.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

  O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll

  O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

  O4 - HKLM\..\Run: “C:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey

  O4 - HKLM\..\Run: C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

  O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Microsoft Office\Office14\BCSSync.exe” /DelayServices

  O4 - HKLM\..\Run: “C:\Program Files\Nuance\PaperPort\IndexSearch.exe”

  O4 - HKLM\..\Run: “C:\Program Files\Nuance\PaperPort\pptd40nt.exe”

  O4 - HKLM\..\Run: C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

  O4 - HKLM\..\Run: C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe

  O4 - HKLM\..\Run: C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun

  O4 - HKLM\..\Run: C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN

  O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

  O4 - HKCU\..\Run: C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

  O4 - HKCU\..\Run: “C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE”

  O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

  O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

  O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

  O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105

  O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000

  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

  O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

  O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe

  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  O23 - Service: MBAMScheduler - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

  O23 - Service: MBAMService - Malwarebytes Corporation - e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

  O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

  O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

  O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

  O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  End of file - 7492 bytes

  ======Scheduled tasks folder======

  C:\Windows\tasks\Adobe Flash Player Updater.job

  ======Registry dump======

  PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll

  Groove GFS Browser Helper - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

  Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

  “MSC”=C:\Program Files\Microsoft Security Client\msseces.exe

  “USBToolTip”=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe

  “Adobe ARM”=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

  “BCSSync”=C:\Program Files\Microsoft Office\Office14\BCSSync.exe

  “IndexSearch”=C:\Program Files\Nuance\PaperPort\IndexSearch.exe

  “PaperPort PTD”=C:\Program Files\Nuance\PaperPort\pptd40nt.exe

  “PDFHook”=C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe

  “PDF5 Registry Controller”=C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe

  “ControlCenter4”=C:\Program Files\ControlCenter4\BrCcBoot.exe

  “BrStsMon00”=C:\Program Files\Browny02\Brother\BrStMonW.exe

  “Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe

  “ISUSPM”=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

  “OfficeSyncProcess”=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE

  WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

  “{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

  “SecurityProviders”=credssp.dll

  “ConsentPromptBehaviorAdmin”=5

  “ConsentPromptBehaviorUser”=3

  “EnableUIADesktopToggle”=0

  “dontdisplaylastusername”=0

  “legalnoticecaption”=

  “legalnoticetext”=

  “shutdownwithoutlogon”=1

  “undockwithoutlogon”=1

  “EnableLinkedConnections”=1

  “vidc.mrle”=msrle32.dll

  “vidc.msvc”=msvidc32.dll

  “msacm.imaadpcm”=imaadp32.acm

  “msacm.msg711”=msg711.acm

  “msacm.msgsm610”=msgsm32.acm

  “msacm.msadpcm”=msadp32.acm

  “midimapper”=midimap.dll

  “wavemapper”=msacm32.drv

  “VIDC.UYVY”=msyuv.dll

  “VIDC.YUY2”=msyuv.dll

  “VIDC.YVYU”=msyuv.dll

  “VIDC.IYUV”=iyuv_32.dll

  “vidc.i420”=iyuv_32.dll

  “VIDC.YVU9”=tsbyuv.dll

  “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

  “vidc.cvid”=iccvid.dll

  “wave”=wdmaud.drv

  “midi”=wdmaud.drv

  “mixer”=wdmaud.drv

  “aux”=wdmaud.drv

  “MSVideo8”=VfWWDM32.dll

  “vidc.mjpg”=pvmjpg30.dll

  “vidc.pDAD”=prodad-codec.dll

  “wave4”=wdmaud.drv

  “midi4”=wdmaud.drv

  “mixer4”=wdmaud.drv

  “wave2”=wdmaud.drv

  “midi2”=wdmaud.drv

  “mixer2”=wdmaud.drv

  “wave1”=wdmaud.drv

  “midi1”=wdmaud.drv

  “mixer1”=wdmaud.drv

  “wave3”=wdmaud.drv

  “midi3”=wdmaud.drv

  “mixer3”=wdmaud.drv

  ======File associations======

  .js - edit - C:\Windows\System32\Notepad.exe %1

  .js - open - C:\Windows\System32\WScript.exe “%1” %*

  ======List of files/folders created in the last 1 month======

  2014-01-24 14:30:47 —-SHD—- C:\$RECYCLE.BIN

  2014-01-24 14:06:03 —-D—- C:\Windows\Temp

  2014-01-24 14:06:03 —-A—- C:\Windows\zoek-delete.exe

  2014-01-24 14:05:40 —-D—- C:\Program Files\HiJackThis

  2014-01-24 13:49:39 —-D—- C:\zoek_backup

  2014-01-24 12:28:08 —-D—- C:\ProgramData\HitmanPro

  2014-01-24 11:11:26 —-AD—- C:\Kaspersky Rescue Disk 10.0

  2014-01-23 15:07:18 —-D—- C:\Program Files\trend micro

  2014-01-23 15:07:17 —-D—- C:\rsit

  2014-01-15 19:43:28 —-A—- C:\Windows\system32\win32k.sys

  2014-01-15 19:43:27 —-A—- C:\Windows\system32\drivers\netio.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbuhci.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbport.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbohci.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbhub.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbehci.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbd.sys

  2014-01-15 19:43:26 —-A—- C:\Windows\system32\drivers\usbccgp.sys

  2014-01-08 14:15:10 —-D—- C:\Users\Olidata\AppData\Roaming\Zeon

  2014-01-08 14:12:40 —-D—- C:\Users\Olidata\AppData\Roaming\ControlCenter4

  2014-01-08 14:01:30 —-D—- C:\Brother

  2014-01-08 14:01:16 —-D—- C:\Program Files\Browny02

  2014-01-08 14:00:47 —-A—- C:\Windows\system32\BROSNMP.DLL

  2014-01-08 14:00:33 —-N—- C:\Windows\system32\NSSearch.dll

  2014-01-08 14:00:33 —-N—- C:\Windows\system32\BrDctF2S.dll

  2014-01-08 14:00:33 —-N—- C:\Windows\system32\BrDctF2L.dll

  2014-01-08 14:00:32 —-N—- C:\Windows\system32\BrDctF2.dll

  2014-01-08 13:58:35 —-D—- C:\Users\Olidata\AppData\Roaming\InstallShield

  2014-01-06 20:23:36 —-A—- C:\Windows\system32\GPhotos.scr

  2014-01-01 13:03:05 —-D—- C:\Program Files\Spotnet

  2014-01-01 11:25:42 —-D—- C:\Users\Olidata\AppData\Roaming\Newzbin

  ======List of files/folders modified in the last 1 month======

  2014-01-24 14:44:07 —-D—- C:\Windows

  2014-01-24 14:43:41 ----D---- C:\ProgramData\NVIDIA

  2014-01-24 14:35:06 ----D---- C:\Windows\System32

  2014-01-24 14:35:06 ----A---- C:\Windows\system32\PerfStringBackup.INI

  2014-01-24 14:35:05 ----D---- C:\Windows\inf

  2014-01-24 14:33:58 ----D---- C:\Windows\system32\config

  2014-01-24 14:32:48 ----D---- C:\Windows\Prefetch

  2014-01-24 14:05:40 ----RD---- C:\Program Files

  2014-01-24 13:53:43 ----HD---- C:\ProgramData

  2014-01-24 13:52:42 ----SHD---- C:\System Volume Information

  2014-01-24 13:06:00 ----D---- C:\Windows\system32\drivers

  2014-01-24 12:26:35 ----D---- C:\Windows\ehome

  2014-01-23 15:37:56 ----D---- C:\Windows\nl-NL

  2014-01-23 15:36:33 ----D---- C:\Users\Olidata\AppData\Roaming\WindowsLogonS

  2014-01-23 14:42:03 ----D---- C:\Windows\Panther

  2014-01-23 14:42:02 ----D---- C:\Windows\Logs

  2014-01-23 14:42:02 ----D---- C:\Windows\debug

  2014-01-23 14:22:11 ----D---- C:\Program Files\CCleaner

  2014-01-23 14:08:11 ----D---- C:\Windows\system32\NDF

  2014-01-23 13:19:40 ----D---- C:\Windows\system32\catroot2

  2014-01-22 14:25:56 ----D---- C:\Users\Olidata\AppData\Roaming\Belastingdienst

  2014-01-19 09:27:46 ----A---- C:\Windows\system32\FlashPlayerApp.exe

  2014-01-19 08:32:23 ----N---- C:\Windows\system32\MpSigStub.exe

  2014-01-18 09:47:17 ----A---- C:\Windows\BRRBCOM.INI

  2014-01-16 14:46:51 ----SHD---- C:\Windows\Installer

  2014-01-16 14:46:49 ----HD---- C:\Config.Msi

  2014-01-16 08:50:36 ----D---- C:\Windows\winsxs

  2014-01-16 08:47:19 ----D---- C:\Windows\system32\DriverStore

  2014-01-15 20:01:35 ----D---- C:\Windows\system32\MRT

  2014-01-15 19:58:22 ----A---- C:\Windows\system32\MRT.exe

  2014-01-15 19:43:23 ----D---- C:\Windows\system32\catroot

  2014-01-08 14:15:01 ----D---- C:\Users\Olidata\AppData\Roaming\Nuance

  2014-01-08 14:01:31 ----D---- C:\Program Files\Brother

  2014-01-08 14:01:16 ----D---- C:\Program Files\ControlCenter4

  2014-01-08 14:00:11 ----HD---- C:\Program Files\InstallShield Installation Information

  2014-01-08 13:58:16 ----D---- C:\Program Files\Nuance

  2014-01-08 13:57:44 ----D---- C:\ProgramData\Nuance

  2014-01-08 13:56:23 ----D---- C:\ProgramData\ScanSoft

  2014-01-08 13:55:39 ----D---- C:\Program Files\Common Files\ScanSoft Shared

  2014-01-08 13:24:23 ----D---- C:\Program Files\Common Files

  2014-01-08 12:18:16 ----D---- C:\Windows\rescache

  2014-01-01 13:03:34 ----D---- C:\ProgramData\Spotnet

  2013-12-30 16:51:50 ----D---- C:\ProgramData\ControlCenter4

  ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys

  R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

  R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

  R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys

  R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys

  R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys

  R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

  R3 NVENETFD;NVIDIA nForce-netwerkcontroller; C:\Windows\system32\DRIVERS\nvm62x32.sys

  R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys

  R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys

  S1 MpKsl9ab50507;MpKsl9ab50507; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B228856E-2D69-41F9-B2D2-14CFA9229FB6}\MpKsl9ab50507.sys

  S3 61883;61883-eenheidsapparaat; C:\Windows\system32\DRIVERS\61883.sys

  S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys

  S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys

  S3 Avc;AVC-apparaat; C:\Windows\system32\DRIVERS\avc.sys

  S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys

  S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys

  S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys

  S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys

  S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys

  S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys

  S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys

  S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys

  S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys

  S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys

  S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys

  S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys

  S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys

  S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys

  S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys

  S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys

  S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

  S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys

  S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys

  S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys

  S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys

  S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys

  S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys

  S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys

  ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

  R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe

  R2 MBAMScheduler;MBAMScheduler; e:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

  R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe

  R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe

  R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe

  R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

  R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe

  R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

  R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

  R3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe

  R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

  R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe

  S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

  S2 MBAMService;MBAMService; e:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

  S2 NAUpdate;Nero Update; C:\Program Files\Nero\Update\NASvc.exe

  S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

  S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

  S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe

  S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

  S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

  S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

  S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE

  S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe

  S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

  S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe

  S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

  S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

  S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

  S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

  -----------------EOF-----------------

 • Ben

  Hello,

  To be on the safe side, run another scan with Mbam (tu)

 • lg

  It ended up being a quick scan; unfortunately I have to leave in half an hour.

  The error message is still there for now.

  Malwarebytes Anti-Malware 1.75.0.1300

  www.malwarebytes.org

  Databaseversie: v2014.01.24.03

  Windows 7 Service Pack 1 x86 NTFS

  Internet Explorer 11.0.9600.16476

  Olidata :: OLIDATA-PC

  24-1-2014 15:03:21

  mbam-log-2014-01-24 (15-03-21).txt

  Scan type: Snelle scan

  Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

  Uitgeschakelde scan opties: P2P

  Objecten gescand: 230626

  Verstreken tijd: 9 minuut/minuten, 11 seconde(n)

  Geheugenprocessen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Mappen gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden gedetecteerd: 0

  (Geen kwaadaardige objecten gedetecteerd)

  (einde)
