This topic is locked
Help,
Startpage is http://tikotin.com/
if I change it to google.be, it comes back.
windows open while surfing, like http://exclusive-rew...159791426425156
very distirbing.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by User (administrator) on PC_BUSSINES on 15-03-2015 13:36:58
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available profiles: User)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Nederlands (Nederland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\Softex\OmniPass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [mbot_be_13] => [X]
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-12] (Google Inc.)
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\...\MountPoints2: {c5b9bf51-6909-11e4-a34e-001bfc97586a} - E:\DTE_Privacy_launcher.exe
HKU\S-1-5-18\...\Run: [Picasa Media Detector] => C:\Program Files\Picasa2\PicasaMediaDetector.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.websse...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.websse...Z3RXXXX5MA76Z3R
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.websse...q={searchTerms}
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://tikotin.com
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://tikotin.com
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.websse...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.websse...q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3988253976-802080291-3916808085-1004 -> DefaultScope 1AE3244F33ED4BF5B51960D970818C66 URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3988253976-802080291-3916808085-1004 -> 1AE3244F33ED4BF5B51960D970818C66 URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3988253976-802080291-3916808085-1004 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3988253976-802080291-3916808085-1004 -> {249B52F7-4E23-4B29-AF44-301875F10B5E} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3988253976-802080291-3916808085-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.websse...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3988253976-802080291-3916808085-1004 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.mystart.c...q={searchTerms}
BHO: MediaBar -> {28387537-e3f9-4ed7-860c-11e69af4a8a0} -> C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll No File
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: UrlHelper Class -> {474597C5-AB09-49d6-A4D5-2E8D7341384E} -> C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll No File
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live Aanmelden - Help -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28] (Google Inc.)
Toolbar: HKLM - MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28] (Google Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKU\S-1-5-21-3988253976-802080291-3916808085-1004 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-28] (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 172.19.243.50
Tcpip\..\Interfaces\{C25BB66B-77AC-4196-863C-4478A13F7C78}: [NameServer] 134.184.250.7,134.184.15.13
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.websse...Z3RXXXX5MA76Z3R
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default
FF NewTab:
FF DefaultSearchEngine: webssearches
FF DefaultSearchUrl: hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://tikotin.com
FF Keyword.URL:
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2010-01-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2010-01-29] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2010-01-29] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\user.js [2015-01-07]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-02-25] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32(76).dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-01-29] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2010-01-29] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-01-29] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSWF32.dll [2006-11-09] ()
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\searchplugins\bingp.xml [2014-03-17]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml [2011-07-09]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\vandale-nl.xml [2010-02-25]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\webssearches.xml [2014-09-22]
FF Extension: Media+PlayerVidEd2.5 - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\Extensions\[email protected] [2015-01-08]
FF Extension: Fast Start - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\Extensions\[email protected] [2014-09-22]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2014-03-17]
FF Extension: Packard Bell Settings - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2007-11-09]
FF Extension: Talkback - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2007-11-09]
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007-11-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-25]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\extensions\[email protected]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\extensions
FF HKU\S-1-5-21-3988253976-802080291-3916808085-1004\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\93clg68m.default\extensions
FF Extension: Google Toolbar for Firefox - C:\PROGRA~1\MOZILL~1\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007-11-09]
FF Extension: Packard Bell Settings - C:\PROGRA~1\MOZILL~1\extensions\[email protected] [2007-11-09]
FF Extension: Talkback - C:\PROGRA~1\MOZILL~1\extensions\[email protected] [2007-11-09]
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://istart.websse...Z3RXXXX5MA76Z3R
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Media+PlayerVidEd2.5) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniiadklfgdhjcmmkpggffjngihaaoip [2015-01-07]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-16]
CHR Extension: (ogpnmalfbjmndgkplccigakhbphkefol) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol [2015-01-11]
CHR Extension: (Quick start) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-09-22]
CHR HKLM\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files\mystarttb\chrome-newtab-search.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-09-22]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S4 NACAgent; C:\Program Files\Cisco\Cisco NAC Agent\NACAgent.exe [783616 2010-08-19] (Cisco Systems, Inc.)
S4 omniserv; C:\Program Files\Softex\OmniPass\OmniServ.exe [40960 2006-12-15] (Softex Inc.) [File not signed]
S4 rcores; C:\Windows\rcore.exe [4686336 2014-12-29] () [File not signed]
S4 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2006-12-11] (Syntek America Inc.)
S4 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 scores; C:\Windows\score.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [139144 2006-12-15] (AuthenTec, Inc.)
S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [12544 2006-10-31] (Genesys Logic)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-03-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [6272 2006-10-27] ()
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36560 2006-09-27] (Sonic Solutions) [File not signed]
R3 StkCMini; C:\Windows\System32\DRIVERS\StkCMini.sys [1132544 2006-12-22] (Syntek)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 usbscan; system32\DRIVERS\usbscan.sys [X]
S1 wpnfd_1_10_0_5; system32\drivers\wpnfd_1_10_0_5.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 13:36 - 2015-03-15 13:38 - 00017972 _____ () C:\Users\User\Desktop\FRST.txt
2015-03-15 13:35 - 2015-03-15 13:37 - 00000000 ____D () C:\FRST
2015-03-15 13:33 - 2015-03-15 13:33 - 01135104 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2015-03-15 13:20 - 2015-03-15 13:20 - 00000977 _____ () C:\Windows\system32\TeamViewer10_Hooks.log
2015-03-15 13:20 - 2015-03-15 13:20 - 00000843 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-03-15 13:20 - 2015-03-15 13:20 - 00000831 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-03-15 13:20 - 2015-03-15 13:20 - 00000831 _____ () C:\ProgramData\Desktop\TeamViewer 10.lnk
2015-02-13 10:54 - 2015-02-13 10:54 - 00001154 _____ () C:\Users\User\Desktop\Internet Explorer (2).lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 13:35 - 2014-02-16 14:14 - 00001046 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf2b18f7650d08.job
2015-03-15 13:34 - 2014-02-16 14:13 - 00001042 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2b18eadeb0e8.job
2015-03-15 13:31 - 2014-03-16 16:50 - 00116464 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-15 13:31 - 2006-11-02 13:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 13:31 - 2006-11-02 13:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-15 13:30 - 2008-01-07 23:19 - 00000354 _____ () C:\Windows\Tasks\Uitgebreide garantie.job
2015-03-15 13:30 - 2008-01-07 23:19 - 00000354 _____ () C:\Windows\Tasks\Recovery DVD Creator.job
2015-03-15 13:21 - 2014-03-16 16:17 - 00000000 ____D () C:\Program Files\TeamViewer
2015-03-15 13:18 - 2008-01-07 23:04 - 01265104 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 12:08 - 2014-05-02 09:46 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-14 16:23 - 2012-04-06 12:45 - 00000342 _____ () C:\Windows\Tasks\DriverScanner.job
2015-03-14 16:23 - 2011-07-09 09:33 - 00000312 _____ () C:\Windows\Tasks\iMeshNAG.job
2015-03-14 16:23 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-13 16:50 - 2007-11-09 12:38 - 00003204 _____ () C:\Windows\bthservsdp.dat
2015-03-13 16:50 - 2006-11-02 14:01 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-13 00:01 - 2014-09-22 11:25 - 00000000 ____D () C:\Program Files\globalUpdate
2015-03-12 23:00 - 2014-09-25 17:18 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-12 22:57 - 2007-11-09 13:20 - 00257968 _____ () C:\Windows\PFRO.log
2015-03-12 22:56 - 2013-09-16 00:18 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-03-12 22:53 - 2014-09-25 17:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-12 22:53 - 2014-09-25 17:17 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-12 22:53 - 2014-03-18 15:57 - 00000902 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-12 22:53 - 2014-03-18 15:57 - 00000902 _____ () C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-12 22:45 - 2011-01-27 22:06 - 00000000 ____D () C:\Program Files\Ask Search Assistant
2015-03-12 22:32 - 2014-01-25 16:26 - 00000000 ____D () C:\Windows\pss
2015-03-12 22:15 - 2015-01-08 00:15 - 00000316 _____ () C:\Windows\Tasks\Voo Update.job
2015-03-12 00:15 - 2015-01-08 14:15 - 00000086 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2015-02-24 04:23 - 2009-10-03 11:05 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-16 18:16 - 2014-03-24 17:11 - 00008124 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
==================== Files in the root of some directories =======
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\User\AppData\Roaming\IGTZIQD
2015-01-08 00:02 - 2015-01-08 00:02 - 1356768 _____ () C:\Users\User\AppData\Roaming\IGTZIQD.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\User\AppData\Roaming\VQUFGO
2014-09-22 11:25 - 2014-09-22 11:25 - 1968544 _____ () C:\Users\User\AppData\Roaming\VQUFGO.exe
2015-01-08 14:15 - 2015-03-12 00:15 - 0000086 _____ () C:\Users\User\AppData\Roaming\WB.CFG
2014-06-09 17:11 - 2014-06-09 17:11 - 0000552 _____ () C:\Users\User\AppData\Local\d3d8caps.dat
2014-04-01 10:35 - 2014-11-17 03:41 - 0003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\10981.exe
C:\Users\User\AppData\Local\Temp\12C2FE25-E3F3-C7CB-87AC-D486A92BC03A.dll
C:\Users\User\AppData\Local\Temp\12C2FE25-E3F3-C7CB-87AC-D486A92BC03A.exe
C:\Users\User\AppData\Local\Temp\18be6784_.exe
C:\Users\User\AppData\Local\Temp\294823_.exe
C:\Users\User\AppData\Local\Temp\998C801A-8D5E-9DAB-A871-9F5DAE527369.exe
C:\Users\User\AppData\Local\Temp\BackupSetup.exe
C:\Users\User\AppData\Local\Temp\playsetup.exe
C:\Users\User\AppData\Local\Temp\post1.exe
C:\Users\User\AppData\Local\Temp\post2.dll
C:\Users\User\AppData\Local\Temp\post2.exe
C:\Users\User\AppData\Local\Temp\res.dll
C:\Users\User\AppData\Local\Temp\SP2.exe
C:\Users\User\AppData\Local\Temp\vcredist_x86.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-14 16:30
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by User at 2015-03-15 13:39:33
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8900 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 8 (HKLM\...\AdobeReader) (Version: - )
Adobe Reader X (10.1.8) - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
ATK0100 ACPI UTILITY (HKLM\...\HControl) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Cisco NAC Agent (HKLM\...\{E7EA3614-90FC-4B5F-9AB5-80E9016F5F2C}) (Version: 4.7.3.2 - Cisco Systems, Inc.)
Creator 9 (HKLM\...\CREATOR9) (Version: - )
D-max Syntek USB2.0 V6.32.3.1 (HKLM\...\CMOS) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Firefox (HKLM\...\FirefoxNL) (Version: - )
Flash Player 9 Internet Explorer (HKLM\...\Flashplayer) (Version: - )
GearDrvs (Version: 1 - Symantec Corporation) Hidden
Gebruikersregistratie voor Canon MG3200 series (HKLM\...\Gebruikersregistratie voor Canon MG3200 series) (Version: - Canon Inc.)
Genesys USB Mass Storage Device (HKLM\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 2.4.0.3 - Genesys Logic)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
HDRegBENL (HKLM\...\{6372DAC4-7E35-48A6-B216-79415ACD34B3}) (Version: 2.0.0 - Acxiom)
Infocentre Rev. 2.0 (HKLM\...\Infocentre) (Version: - )
Inst5657 (Version: 5.00.10 - Softex Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LCD-Test (HKLM\...\{E59CD11B-D482-405C-9D0F-39640C02144B}_is1) (Version: 1.3.3 - Packard Bell B.V.)
Malwarebytes Anti-Malware versie 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MediaBar (HKLM\...\iMesh 1 MediaBar) (Version: 3.0.0.107547 - iMesh Inc.) <==== ATTENTION
Messenger Plus! (HKLM\...\Messenger Plus!) (Version: 6.00.0.776 - Yuna Software)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0413-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Mozilla Firefox (2.0.0.20) (HKLM\...\Mozilla Firefox (2.0.0.20)) (Version: 2.0.0.20 (nl) - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (Version: 1.2.0.10 - Symantec Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OmniPass 5.00.10 (Version: 5.00.10 - Softex Inc.) Hidden
Omnipass V5.00.10 (HKLM\...\OMNIPASS) (Version: - )
OpenOffice.org Installer 1.0 (HKLM\...\{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}) (Version: 1.0.9221 - Sun Microsystems)
Packard Bell ImageWriter (HKLM\...\ImageWriter) (Version: - )
Packard Bell ImageWriter v1.1 (HKLM\...\{9F38A000-31A6-4A46-B5AF-07523E3B1E7C}_is1) (Version: 1.1 - Packard Bell B.V.)
Packard Bell LCD Test (HKLM\...\LCDTest) (Version: - )
Packard Bell Updator (HKLM\...\Updator) (Version: - )
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5331 - Realtek Semiconductor Corp.)
SeaTools for Windows (HKLM\...\{3350E9B0-DCE6-4AE1-B3AC-D0C11FBEEDA1}_is1) (Version: 1.1.0.9 - Packard Bell B.V.)
SetUp My PC (HKLM\...\SETUPMYPC_NL) (Version: - )
Shockwave player 10 (HKLM\...\Shockwave) (Version: - )
Skype 3.2.2.163 (HKLM\...\SKYPE) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.5.0 - Synaptics)
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - nld) (Version: - Microsoft Corporation)
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (HKLM\...\Microsoft .NET Framework 4 Client Profile NLD Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
USB2.0 350K WebCam (HKLM\...\{4A57592C-FF92-4083-97A9-92783BD5AFB4}) (Version: 6.32.03.002 - Bisont Electrocnics. Inc.)
USB2.0 VGA WebCam (HKLM\...\USB2.0 VGA WebCam) (Version: - )
Windows Live - Hulpprogramma voor uploaden (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live aanmeldhulp (HKLM\...\{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}) (Version: 14.0.8117.416 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-03-2015 03:19:06 Windows Update
13-03-2015 04:37:54 Gepland herstelpunt
13-03-2015 19:52:17 Gepland herstelpunt
14-03-2015 17:53:27 Gepland herstelpunt
15-03-2015 05:44:41 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {06E9A1C9-3CA1-4741-9CE0-B28DB8F88B16} - System32\Tasks\IGTZIQD => C:\Users\User\AppData\Roaming\IGTZIQD.exe [2015-01-08] () <==== ATTENTION
Task: {2FA2D856-D641-4BD2-8F2B-E997175D821D} - System32\Tasks\$crrUnisntlDsply$ Updater => C:\Users\User\AppData\Local\pricehorse\pricehorse\1.3.17.0\playsetup.exe
Task: {3CD69016-C440-477B-846B-D05454C4BFA9} - System32\Tasks\gameo_update => C:\Users\Hidara
Task: {4552ECFD-5010-40F4-922F-8C3F98C27D80} - \User_Feed_Synchronization-{339A5C54-1BCD-4930-B483-DA1A30E724B0} No Task File <==== ATTENTION
Task: {63D0E54F-0561-4A39-8736-24B59392D980} - System32\Tasks\GoogleUpdateTaskMachineUA1cf2b18f7650d08 => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {6E0DAD00-9031-40BA-8BCA-F17F8A0242B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {74D9A0CD-D637-4E8D-A956-3745637256E1} - System32\Tasks\Microsoft\Windows\RestartManager\{E6F84D8B-5C65-4f75-8118-B8B4E329CE5F} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {86EBA22B-20DF-4D21-BC8F-35EE8154A6A2} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: {9C9291EA-AFD1-46D4-923E-468935192583} - System32\Tasks\SpeedChecker_wd => C:\Program Files\ver7SpeedChecker\V1SpeedCheckerj.exe <==== ATTENTION
Task: {A0ADBBB4-89DE-468A-8707-828C3AFFCEA7} - System32\Tasks\Recovery DVD Creator => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe [2006-11-21] (Packard Bell BV)
Task: {AFD74F5A-B73B-4E47-AE16-D73E40F3DC06} - \GoogleUpdateTaskUserS-1-5-21-3988253976-802080291-3916808085-1003UA No Task File <==== ATTENTION
Task: {B25990F4-5CFE-4D89-A996-FE9F94CE9DD1} - System32\Tasks\GoogleUpdateTaskMachineCore1cf2b18eadeb0e8 => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {B4E5C106-0B6B-46B3-8781-4742A9E1E3A7} - System32\Tasks\PBReg => C:\Program Files\HDReg\HDRegDel.exe [2005-06-21] () <==== ATTENTION
Task: {B7F143AD-AE3F-4C3F-AAD1-07155341CDD6} - System32\Tasks\PBRegbk => C:\Program Files\HDReg\HDRegDel.exe [2005-06-21] () <==== ATTENTION
Task: {C88E9847-57A6-458D-9719-D6D693F9F8E3} - System32\Tasks\iMeshNAG => C:\Users\ABDELH~1\AppData\Local\Temp\iMesh_setup.exe <==== ATTENTION
Task: {E3B3B7E2-5020-46DA-9DC8-26EE0B61F7A0} - System32\Tasks\Uitgebreide garantie => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe [2006-11-21] (Packard Bell BV)
Task: {ED6314E4-F953-4AD9-9E4E-3C9C9957D536} - System32\Tasks\$crrUnisntlDsply$ => C:\Users\User\AppData\Local\pricehorse\pricehorse\1.3.17.0\pricehorse.exe
Task: {F88F1FB2-6221-4EF8-929C-90496563C905} - \GoogleUpdateTaskUserS-1-5-21-3988253976-802080291-3916808085-1003Core No Task File <==== ATTENTION
Task: {FB72A0AB-05EF-4EE4-80C4-53BA12290405} - System32\Tasks\Voo Update => C:\Users\HIDARA~1\AppData\Roaming\VOOUPD~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {FC3C75BB-1457-43E5-BC0B-C9E2C07AA828} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf2b18eadeb0e8.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf2b18f7650d08.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IGTZIQD.job =>
Task: C:\Windows\Tasks\iMeshNAG.job => C:\Users\ABDELH~1\AppData\Local\Temp\iMesh_setup.exe <==== ATTENTION
Task: C:\Windows\Tasks\PBReg.job => C:\Program Files\HDReg\HDRegDel.exe <==== ATTENTION
Task: C:\Windows\Tasks\PBRegbk.job => C:\Program Files\HDReg\HDRegDel.exe <==== ATTENTION
Task: C:\Windows\Tasks\Recovery DVD Creator.job => C:\Program Files\Packard Bell\SetupMyPc\MCDCheck.exe
Task: C:\Windows\Tasks\Uitgebreide garantie.job => C:\Program Files\Packard Bell\SetupmyPC\PBCarNot.exe
Task: C:\Windows\Tasks\Voo Update.job => C:\Users\HIDARA~1\AppData\Roaming\VOOUPD~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\VQUFGO.job =>
==================== Loaded Modules (whitelisted) ==============
2007-11-09 13:13 - 2006-12-15 18:09 - 00065536 _____ () C:\Program Files\Softex\OmniPass\opfsdll.dll
2007-11-09 13:13 - 2006-12-15 18:09 - 00016896 _____ () C:\Program Files\Softex\OmniPass\cryptodll.dll
2007-11-09 13:13 - 2006-12-15 18:09 - 00417792 _____ () C:\Program Files\Softex\OmniPass\userdata.dll
2007-11-09 13:13 - 2006-12-15 18:09 - 00991232 _____ () C:\Program Files\Softex\OmniPass\autheng.dll
2007-11-09 13:13 - 2006-12-15 18:09 - 00532480 _____ () C:\Program Files\Softex\OmniPass\storeng.dll
2007-11-09 13:13 - 2006-12-15 18:09 - 00013824 _____ () C:\Program Files\Softex\OmniPass\ssplogon.dll
2007-11-09 13:13 - 2006-12-15 18:14 - 00047552 _____ () C:\Program Files\Softex\OmniPass\hdddrv.dll
2007-11-09 13:13 - 2006-12-15 17:58 - 02501600 _____ () C:\Program Files\Softex\OmniPass\sftxtgp.dll
2007-11-09 13:13 - 2006-12-15 18:14 - 00069632 _____ () C:\Program Files\Softex\OmniPass\opvapp.exe
2007-11-09 13:13 - 2006-12-15 18:09 - 00016896 _____ () C:\Program Files\Softex\OmniPass\Cryptodll.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\User\Desktop\Abdel Hidara:Roxio EMC Stream
AlternateDataStreams: C:\Users\User\Desktop\Dushi:Roxio EMC Stream
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3988253976-802080291-3916808085-1004\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 172.19.243.50
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: avg8wd => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: NACAgent => 2
MSCONFIG\Services: omniserv => 2
MSCONFIG\Services: rcores => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: RoxMediaDB9 => 3
MSCONFIG\Services: RoxWatch9 => 2
MSCONFIG\Services: serverca => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: StkSSrv => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: wpsvc_1.10.0.5 => 2
MSCONFIG\startupfolder: C:^Users^Abdel Hidara^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tchatche Messenger.lnk => C:\Windows\pss\Tchatche Messenger.lnk.Startup
MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: $crrUnisntlDsply$ => C:\Users\User\AppData\Local\pricehorse\pricehorse\1.3.17.0\pricehorse.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AVG8_TRAY => C:\PROGRA~1\AVG\AVG8\avgtray.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: FreeCall => "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HControl => C:\Windows\ATK0100\HControl.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: ISUSPM => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
MSCONFIG\startupreg: MsnMsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: MSPService => C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
MSCONFIG\startupreg: NACAgentUI => C:\Program Files\Cisco\Cisco NAC Agent\NACAgentUI.exe
MSCONFIG\startupreg: OmniPass => C:\Program Files\Softex\OmniPass\scureapp.exe
MSCONFIG\startupreg: PAS => C:\Program Files\PAS\pas.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PlusService => C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SmpcSys => C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
MSCONFIG\startupreg: toolbar_eula_launcher => C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
MSCONFIG\startupreg: UMonit => C:\Windows\system32\UMonit.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
==================== Accounts: =============================
Administrator (S-1-5-21-3988253976-802080291-3916808085-500 - Administrator - Disabled)
Gast (S-1-5-21-3988253976-802080291-3916808085-501 - Limited - Disabled)
User (S-1-5-21-3988253976-802080291-3916808085-1004 - Administrator - Enabled) => C:\Users\User
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/12/2015 10:58:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Kan activeringscontext voor 'Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386"1' niet maken.
Kan afhankelijke assembly Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386" niet vinden.
Gebruik sxstrace.exe voor een gedetailleerde diagnose.
Error: (03/12/2015 10:55:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programma Au_.exe, versie 3.0.0.42011 reageert niet meer op Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en -oplossingen in het Configuratiescherm controleren.
Proces-id: 1258
Starttijd: 01d05d0e3ff6ca80
Eindtijd: 31
Error: (03/12/2015 10:44:24 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: De vermelding <C:\USERS\User\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\DESKTOP.INI> in de hash-toewijzing kan niet worden bijgewerkt.
Context: toepassing Windows, catalogus SystemIndex
Details:
Een apparaat dat op het systeem is aangesloten, werkt niet. (0x8007001f)
Error: (03/12/2015 10:44:14 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: De vermelding <C:\USERS\User\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012015031220150313> in de hash-toewijzing kan niet worden bijgewerkt.
Context: toepassing Windows, catalogus SystemIndex
Details:
Een apparaat dat op het systeem is aangesloten, werkt niet. (0x8007001f)
Error: (03/12/2015 10:38:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Kan activeringscontext voor 'Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386"1' niet maken.
Kan afhankelijke assembly Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386" niet vinden.
Gebruik sxstrace.exe voor een gedetailleerde diagnose.
Error: (03/12/2015 10:38:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Kan activeringscontext voor 'Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386"1' niet maken.
Kan afhankelijke assembly Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386" niet vinden.
Gebruik sxstrace.exe voor een gedetailleerde diagnose.
Error: (03/12/2015 04:26:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Toepassing met fout chrome.exe, versie 37.0.2062.120, tijdstempel 0x5407bf0e, module met fout ole32.dll, versie 6.0.6002.18277, tijdstempel 0x4c28d53e, uitzonderingscode 0xc0000005, foutmarge 0x00047333,
proces-id 0x5c0, starttijd van toepassing 0xchrome.exe0.
Error: (03/12/2015 04:24:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Toepassing met fout chrome.exe, versie 37.0.2062.120, tijdstempel 0x5407bf0e, module met fout ole32.dll, versie 6.0.6002.18277, tijdstempel 0x4c28d53e, uitzonderingscode 0xc0000005, foutmarge 0x00047333,
proces-id 0x105c, starttijd van toepassing 0xchrome.exe0.
Error: (03/12/2015 01:38:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Toepassing met fout chrome.exe, versie 37.0.2062.120, tijdstempel 0x5407bf0e, module met fout ole32.dll, versie 6.0.6002.18277, tijdstempel 0x4c28d53e, uitzonderingscode 0xc0000005, foutmarge 0x00047333,
proces-id 0xccc, starttijd van toepassing 0xchrome.exe0.
Error: (03/12/2015 00:10:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Kan activeringscontext voor 'Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386"1' niet maken.
Kan afhankelijke assembly Microsoft.Windows.GdiPlus,language="*",processorArchitecture="*",publicKeyToken="6595b64144ccf1df",type="win32",version="1.1.6000.16386" niet vinden.
Gebruik sxstrace.exe voor een gedetailleerde diagnose.
System errors:
=============
Error: (04/25/2009 01:48:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 14:46:52 op 25/04/2009 is onverwacht gebeurd.
Error: (04/24/2009 02:27:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update
Error: (04/24/2009 02:23:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (04/24/2009 02:22:54 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (04/23/2009 02:04:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (04/23/2009 02:03:18 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (04/23/2009 11:56:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (04/23/2009 11:55:48 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (04/23/2009 11:43:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (04/23/2009 11:42:36 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
Microsoft Office Sessions:
=========================
Error: (10/11/2011 00:40:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 26 seconds with 0 seconds of active time. This session ended with a crash.
Error: (10/11/2011 00:39:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.
Error: (10/11/2011 00:39:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1760 seconds with 540 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-03-13 03:49:56.934
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:49:56.217
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:49:55.484
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:49:54.766
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:49:54.048
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:49:53.315
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:47:18.922
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:47:18.189
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:47:17.456
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2015-03-13 03:47:16.738
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
==================== Memory info ===========================
Processor: Intel® Core™2 CPU T5200 @ 1.60GHz
Percentage of memory in use: 51%
Total physical RAM: 2038.56 MB
Available physical RAM: 988.55 MB
Total Pagefile: 4316.38 MB
Available Pagefile: 3276.5 MB
Total Virtual: 2047.88 MB
Available Virtual: 1924.44 MB
==================== Drives ================================
Drive c: (HDD) (Fixed) (Total:141.04 GB) (Free:65.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 3B56499B)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=141 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Sign In
Create Account
