Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015 Ran by Ellen at 2015-05-20 19:48:22 Running from C:\Users\Ellen\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-889363557-2036165539-3501339599-500 - Administrator - Disabled) Ellen (S-1-5-21-889363557-2036165539-3501339599-1001 - Administrator - Enabled) => C:\Users\Ellen Gast (S-1-5-21-889363557-2036165539-3501339599-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-889363557-2036165539-3501339599-1003 - Limited - Enabled) Nick (S-1-5-21-889363557-2036165539-3501339599-1004 - Limited - Enabled) => C:\Users\Nick ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Antivirus en antispyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: McAfee Antivirus en antispyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0519.2011 - Acer Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe) Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden ANNO 1404 - Gold Edition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo Music Studio 3 (HKLM-x32\...\Ashampoo Music Studio 3) (Version: - ashampoo Technology GmbH & Co. KG) Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) AudioLava 1.0 (HKLM-x32\...\AudioLava_is1) (Version: 1.0 - Acon Digital Media GmbH) Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 2.0.0.8 - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Boris Graffiti for Corel (HKLM-x32\...\{48A00644-2D97-43B5-A614-603DECF3E5F6}) (Version: 5.30.600 - Boris FX, Inc.) Boris Graffiti for Corel (x32 Version: 5.30.600 - Boris FX, Inc.) Hidden Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.) Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.) Canon Utilities Digital Photo Professional 3.8 (HKLM-x32\...\DPP) (Version: 3.8.1.0 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.) Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cities XL 2012 (HKLM-x32\...\Cities XL 2012) (Version: 1.0.0 - Focus Home Interactive) clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.) clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden clear.fi (x32 Version: 1.0.1720.00 - CyberLink Corp.) Hidden clear.fi (x32 Version: 9.0.7709 - CyberLink Corp.) Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated) Common (x32 Version: 14.1.0.126 - Corel Corporation) Hidden Contents (x32 Version: 14.1.0.126 - Corel Corporation) Hidden Corel VideoStudio Pro X4 Ultimate (HKLM-x32\...\_{AA902C31-B49D-4608-BCCF-2519EB77722D}) (Version: 14.1.0.126 - Corel Corporation) Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden De Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) DeviceIO (x32 Version: 14.1.0.126 - Corel Corporation) Hidden DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC) DOFMaster (HKLM-x32\...\DOFMaster) (Version: - ) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dropbox (HKU\S-1-5-21-889363557-2036165539-3501339599-1001\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.) DVD Ripper Platinum 4 (HKLM-x32\...\DVD Ripper Platinum 4) (Version: 4.0.56.0928 - Xilisoft) EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net) Explor@ Park (HKLM-x32\...\VTechDownloadManager) (Version: - VTech) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project) Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Garmin Communicator Plugin (HKLM-x32\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries) Google Chrome (HKU\S-1-5-21-889363557-2036165539-3501339599-1001\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.) Google Drive (HKLM-x32\...\{35574F09-89F9-4B16-B69B-64F3E25901B8}) (Version: 1.21.9226.6034 - Google, Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden google.com (HKLM-x32\...\{345DE681-9D24-4BAD-BB65-C065A3BF3B09}) (Version: 10.211.1.13850 - ReSoft Ltd.) Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Google+ Auto Backup (HKU\S-1-5-21-889363557-2036165539-3501339599-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.) HaJé's Letters Schuiven 2.11 (HKLM-x32\...\ST5UNST #2) (Version: - ) HaJé's Woordjes Maken 2.11 (HKLM-x32\...\ST5UNST #3) (Version: - ) HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) HTML-Kit 292 (HKLM-x32\...\HTMLKit_is1) (Version: 1.0 - HTMLKit.com) ICA (x32 Version: 14.1.0.126 - Corel Corporation) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden ISCOM (x32 Version: 14.1.0.126 - Corel Corporation) Hidden iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.) Luminance HDR 2.3.0 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team) Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Maxtor Manager (HKLM-x32\...\InstallShield_{B8281D46-D846-4BB9-BC84-F1115A7BF820}) (Version: 4.01.0227 - Seagate Technology) Maxtor Manager (x32 Version: 4.01.0227 - Seagate Technology) Hidden McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.274 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft IntelliPoint 7.1 (HKLM\...\{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}) (Version: 7.10.344.0 - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) MixPad (HKLM-x32\...\MixPad) (Version: - NCH Software) Mobiel Internet Software (HKLM-x32\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - KPN) Mozilla Firefox 37.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 nl)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-889363557-2036165539-3501339599-1001\...\MyFreeCodec) (Version: - ) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) Norton Security Scan (HKLM-x32\...\NSS) (Version: 3.6.1.11 - Symantec Corporation) NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{EA9BAE1A-2D68-4160-81E6-14B712435D66}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.) PC Connectivity Solution (HKLM-x32\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden proDAD Mercalli 2.0 (HKLM-x32\...\proDAD-Mercalli-2.0) (Version: 2.0.92 - proDAD GmbH) PureHD (x32 Version: 14.1.0.126 - Corel Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden Robbie Konijn Groep 3 Pret in de wolken! (HKLM-x32\...\Robbie Konijn Groep 3 Pret in de wolken!) (Version: - ) Robbie Konijn Groep 4 Schipbreuk op Kaaseiland! (HKLM-x32\...\Robbie Konijn Groep 4 Schipbreuk op Kaaseiland!) (Version: - ) Robbie Konijn Kleuter Buitelen in ballonstad! (HKLM-x32\...\Robbie Konijn Kleuter Buitelen in ballonstad!) (Version: - ) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - ) Setup (x32 Version: 14.1.0.126 - Corel Corporation) Hidden Share (x32 Version: 14.1.0.126 - Corel Corporation) Hidden Share64 (Version: 14.1.0.126 - Corel Corporation) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.) SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden Sommetjes Maken 1.1 (HKLM-x32\...\ST5UNST #1) (Version: - ) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) Time Mysteries: De Nalatenschap (HKLM-x32\...\BFG-Time Mysteries - De Nalatenschap) (Version: - ) Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VIO (x32 Version: 14.1.0.126 - Corel Corporation) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden VSClassic (x32 Version: 14.1.0.126 - Corel Corporation) Hidden VSUltimate (x32 Version: 14.1.0.126 - Corel Corporation) Hidden VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: - NCH Software) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated) WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation) ZTE_1.2074.0.4 (HKLM-x32\...\ZTE_1.2074.0.4) (Version: - ) Zulu DJ Software (HKLM-x32\...\Zulu) (Version: - NCH Software) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ellen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-889363557-2036165539-3501339599-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ellen\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 19-05-2015 23:11:48 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00FE958A-5217-422F-9E1F-CD89E127B05A} - System32\Tasks\{C472E4F2-F22B-4568-8F08-9CF73D74DB75} => D:\null.exe Task: {022C310F-6D1E-4E04-B252-06A38BD89DAD} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-11-05] (Microsoft Corporation) Task: {0C0B09D3-E2F5-4C95-B6CD-AAA3C32C8722} - System32\Tasks\{D43CBB7D-897B-40CD-8DB2-A517F37B6ACC} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {14F9BC6E-2766-4A21-94B8-2366C0492C7F} - System32\Tasks\{F2D8CA20-BDA9-4F6B-ADD9-946F1792B701} => pcalua.exe -a C:\Users\Ellen\Desktop\zoek.exe -d C:\Users\Ellen\Desktop Task: {19E2FB16-9C55-4339-9991-5193F188B385} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {1B0BA974-04AD-413B-BF9B-C17E1901F594} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.) Task: {1D3FAD16-9C84-4273-B03C-C11073D533AD} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.) Task: {2821EA17-76C2-4882-810A-DAB7DD072119} - System32\Tasks\{2A6C7684-58E5-4FA6-AEC5-DB1C7DC7245F} => pcalua.exe -a D:\Sims3Setup.exe -d D:\ Task: {2A1DA217-CD19-41D9-BC8F-0B19D7BA0194} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {2D4F1A21-BBAE-401E-AC0A-EB5C433F1947} - System32\Tasks\{4A2720A3-9E22-439E-92EC-A2862A4D16FB} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {312E27C0-3BB0-49CB-8239-9DBEAEE25381} - System32\Tasks\{15B64F3A-3C51-41AD-A48A-47389ABBEB11} => D:\null.exe Task: {326717C7-4CC3-4523-9002-37EC8635E412} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {3B169C6C-75E3-45E9-BD6B-CEF4F2DA2F72} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {3B4ED9DB-7E69-4F2B-9789-C6FC29117DFE} - System32\Tasks\{13D427FE-9BAF-400B-9B18-4DBF6F3F9E7D} => pcalua.exe -a "C:\Users\Ellen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LRN20AW1\CommunicatorPlugin_403.exe" -d C:\Users\Ellen\Desktop Task: {3C39618E-6A96-456A-BCFC-65E9DA4A74CB} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink) Task: {3C95C9B8-1DCE-41CE-8EAE-543DDA1D20EB} - System32\Tasks\{7079E755-01FC-43B6-A14D-8E5A89253484} => C:\Program Files (x86)\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe Task: {3D0C3982-7EF1-49FE-A4BB-46831DEEFAE0} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-06-18] (Acer) Task: {3D8148ED-B8BF-4012-8D73-C8A02FC78C52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-09-20] (Safer-Networking Ltd.) Task: {3EE4077E-78BF-407D-98D3-B3C0C010B902} - System32\Tasks\{A9D653F9-4E69-4828-A9B6-F7C06E96F92E} => pcalua.exe -a C:\Users\Ellen\Downloads\crystalskull_setup.exe -d C:\Users\Ellen\Downloads Task: {40CBC277-305E-4DD3-9B74-C6A58CC5AEF5} - \DealPly No Task File <==== ATTENTION Task: {4738FB16-C11C-49FB-981A-F5DED37FC846} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated) Task: {4D368C44-DD36-451A-91B4-5462A7756981} - System32\Tasks\{98CB24B7-1F3D-4D09-8276-2B12AB45E6AD} => C:\Program Files (x86)\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe Task: {4EC2A8C8-DE0D-45C6-BA2B-2CE839333370} - System32\Tasks\{F24A48A7-B3CA-4BC2-84D0-230DC60C2A69} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {5218A92F-D5F6-4EF2-98AE-6C21202D384B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {5821DDD7-9958-4E30-8C95-BF4217FD3F4D} - System32\Tasks\{2DCA050C-F515-4036-A958-1974A77B13C7} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {5F6A4C08-1F0B-43A1-8A65-E77548F7B32E} - System32\Tasks\{1BDF09E0-593A-4A91-99CE-9124C928EEFF} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {60508212-EC84-43BB-BE9B-80CD71570A73} - System32\Tasks\{00946D02-8BF4-428D-B62B-C3271692B028} => pcalua.exe -a C:\Users\Ellen\Downloads\TagesSetup.exe -d C:\Users\Ellen\Downloads Task: {65886FC5-8685-4E98-9785-221399A111E9} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-04-30] (Adobe Systems Incorporated) Task: {66B4A2C5-E983-4A53-AA91-1D7BB5F9BA2F} - System32\Tasks\{DB566621-20DD-4DD7-A0FD-716A60556D15} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {7BC5910A-0F4B-4AC9-B95C-9DA1B8600327} - System32\Tasks\{5A3222F1-0B9A-432E-A5EE-3317EE2E0FA0} => pcalua.exe -a C:\Users\Ellen\Downloads\wmp11-windowsxp-x86-NL-NL.exe -d C:\Users\Ellen\Downloads Task: {822CF55B-1A5D-411C-BEEC-C8AEE90829B2} - System32\Tasks\{E0B74425-B6B5-4298-A082-FB565BE084C4} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {87153DCF-2879-4810-8A30-000328002C76} - System32\Tasks\{13FD9912-B0E7-4B8D-8E38-E26D92B29222} => D:\Setup.exe [2008-06-02] (Macrovision Corporation) Task: {87A33BEB-615E-4571-9CC0-BDD1F11D87EA} - System32\Tasks\{6B2B115C-A67B-451B-AD23-3372CF7E600C} => C:\Program Files (x86)\Mindscape\Robbie Konijn Kleuter Buitelen in ballonstad!\TLCRUN.EXE [2001-05-16] (The Learning Company) Task: {8F952223-F08E-4D07-B77D-54521E86A186} - \DealPlyUpdate No Task File <==== ATTENTION Task: {A1134051-812F-48C9-974A-A2BBAFCF922B} - System32\Tasks\{5CD0E584-6F75-40B4-911B-784DE8C74B3D} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {A114C2FE-0B0E-4569-BF4E-34E2A144D780} - System32\Tasks\{7F49821B-EB17-4560-BF97-E62AAA312C29} => D:\Setup.exe [2008-06-02] (Macrovision Corporation) Task: {A51C5CE4-AE99-4D52-A22E-89C00EE174B9} - System32\Tasks\{9F11829B-C0B8-41CA-93EE-8FB3EE7ADF2D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE686891-3C56-4714-AFEF-341A7867BA80}\SETUP.EXE" -c -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0013 -removeonly Task: {A5BFDA88-2588-4D72-93C6-426BA6D18008} - System32\Tasks\{F550CC36-5AC3-4062-B4FC-998C715ACFB0} => C:\Program Files (x86)\Mindscape\Robbie Konijn Kleuter Buitelen in ballonstad!\TLCRUN.EXE [2001-05-16] (The Learning Company) Task: {A6715EA3-CCE9-42E9-ABC2-1CDA2BE8C4BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {B97A9C0B-C86E-4EAA-8197-878A7224F87D} - System32\Tasks\{86E4FB26-6148-4B5E-A9B7-A96501050682} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {BA516D91-9661-4266-9BC6-0B1B8390800E} - System32\Tasks\{AFD7A244-5D38-455D-B1FF-BF9D766959CB} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {BF4DEFC8-F76C-48FD-85E2-FBE6F10468DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-889363557-2036165539-3501339599-1001Core => C:\Users\Ellen\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.) Task: {C0C804C3-4152-4282-9FC2-DC7E84F8572D} - System32\Tasks\{5FD999AE-5362-4F2F-B55E-D0A94892944D} => D:\null.exe Task: {C1422DC0-A064-4A14-BC92-20E215CB9912} - System32\Tasks\{54238986-0ED6-4026-BF11-3BEB8ED817DF} => Firefox.exe Task: {D3E7AAD6-9919-4C20-AE11-2CF58FB3122F} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {E117AD2F-208C-4308-858B-2F36682557AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated) Task: {E816D4A9-A543-4DEC-B53C-DA57A2A9DD9E} - System32\Tasks\{8B28DA43-F1EF-47A6-AD6A-34BEC9F0C704} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {EB74751E-6CCD-4FF3-9462-9F11BA06C714} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {EF6C5D52-C855-4842-8EAC-FE03C0CA5DB8} - System32\Tasks\{04723BCD-A704-4DA8-902A-B9FCA297C818} => D:\null.exe Task: {F5318C65-F8D4-4E66-BA43-34CF710B61B8} - System32\Tasks\Norton Security Scan for Ellen => C:\PROGRA~2\NORTON~2\Engine\361~1.11\Nss.exe Task: {F6EDF705-C682-4604-B849-D563CEC96C55} - System32\Tasks\{F29A516C-95F3-458A-A0C7-7356BB4756C8} => C:\Program Files (x86)\Nobilis\The Secrets of Da Vinci\SDV.exe Task: {F9E2D2D3-3EFC-457D-AF4C-6CA4454A82A5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-889363557-2036165539-3501339599-1001Core1d090c12f6414dd => C:\Users\Ellen\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.) Task: {FB204F81-B9D8-42E2-93D9-19D3E223AF54} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-889363557-2036165539-3501339599-1001UA1cf30c418896b74 => C:\Users\Ellen\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.) Task: {FFC94BBD-393F-4C8A-9CDA-A720F90887B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889363557-2036165539-3501339599-1001Core.job => C:\Users\Ellen\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889363557-2036165539-3501339599-1001Core1d090c12f6414dd.job => C:\Users\Ellen\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-889363557-2036165539-3501339599-1001UA1cf30c418896b74.job => C:\Users\Ellen\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Norton Security Scan for Ellen.job => C:\PROGRA~2\NORTON~2\Engine\361~1.11\Nss.exe ==================== Loaded Modules (Whitelisted) ============== 2014-05-19 20:23 - 2014-07-02 22:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-05-19 20:36 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-07-29 18:59 - 2013-07-29 18:59 - 01915904 _____ () C:\Program Files (x86)\KPN\Mobiel Internet Software\BecHelperService.exe 2013-07-29 18:59 - 2012-09-26 11:15 - 00294400 _____ () C:\Program Files (x86)\KPN\Mobiel Internet Software\LoggerServer.exe 2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll 2011-08-12 11:01 - 2011-06-10 19:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2014-10-13 03:50 - 2014-06-20 08:42 - 00401280 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe 2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2013-12-26 18:30 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-12-26 18:30 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-12-26 18:30 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-12-26 18:30 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-12-26 18:30 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2015-05-19 22:49 - 2015-05-19 22:49 - 00133120 _____ () C:\Users\Ellen\AppData\Roaming\ujgfbvzu\subcalal.dll 2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2014-10-13 03:50 - 2014-03-04 13:20 - 00117760 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2014-10-13 03:50 - 2014-04-22 04:14 - 00065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll 2014-10-13 03:50 - 2014-05-06 07:39 - 00861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll 2014-10-13 03:50 - 2014-05-06 07:38 - 00021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll 2014-10-13 03:50 - 2014-05-06 07:38 - 00020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll 2014-10-13 03:50 - 2014-05-06 07:38 - 00204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll 2014-10-13 03:50 - 2014-05-06 12:44 - 00218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll 2014-10-13 03:50 - 2014-05-06 07:58 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll 2014-10-13 03:50 - 2014-05-06 12:44 - 00015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll 2014-10-13 03:50 - 2014-05-06 12:44 - 00307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll 2014-10-13 03:50 - 2014-05-06 12:44 - 00014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll 2014-10-13 03:50 - 2014-05-06 08:31 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll 2014-10-13 03:50 - 2014-05-06 07:38 - 00036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll 2014-10-13 03:50 - 2014-05-06 07:38 - 00038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll 2011-05-20 20:13 - 2011-05-20 20:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2014-10-19 18:44 - 2014-10-19 18:44 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll 2011-08-12 10:21 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-04-19 18:33 - 2015-04-19 18:33 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 AlternateDataStreams: C:\ProgramData\Temp:090FB735 AlternateDataStreams: C:\ProgramData\Temp:98DFF516 AlternateDataStreams: C:\ProgramData\Temp:DE875C30 AlternateDataStreams: C:\ProgramData\Temp:E51234A9 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-889363557-2036165539-3501339599-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ellen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [{DCD0764F-F2FC-4692-AC00-6182656DB809}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4C66A1DB-2E1D-4DA4-8163-41FAE4C345F5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3888A507-1516-4ED1-821E-977521D6B78C}] => (Allow) LPort=2869 FirewallRules: [{31121F76-DD69-40E4-89B8-C263E364B915}] => (Allow) LPort=1900 FirewallRules: [{70A03D02-C530-4568-B384-44A71E4A26EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{2440E1B4-BA41-497F-9494-B7F27A366469}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{6EAB9699-5F5C-46E1-8A8D-85D4BB977D2A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{DD4A6871-8E87-4260-B2CF-F1A7050E0E34}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{B8FFBC74-32B3-42BD-822C-A2AFA41DF385}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe FirewallRules: [{A8D1A08F-6039-4B5C-8E5C-7BB5DAFFCC0F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{B5695DCE-F018-4798-A134-0794B17F2603}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe FirewallRules: [{565AE102-BB10-46CA-921E-7FCDE25C8771}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{5AB37102-FD25-4886-B8BA-E9902DA3577E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{BD9CAE5C-AB8E-4C27-9FE2-9FADA1CFDC89}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{D6CD89B1-A53C-4C8E-9638-8802C053DF57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe FirewallRules: [{75734E4B-2B85-4566-8FE0-013C098EF3F3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe FirewallRules: [{E561D1BB-5E98-425B-9364-18DF7566CDAE}] => (Allow) C:\Program Files (x86)\Airport Simulator 2011\iupdate.dll FirewallRules: [{DED1AFE5-5AD7-412F-BF14-3FE9CE9F6F39}] => (Allow) C:\Program Files (x86)\Airport Simulator 2011\iupdate.dll FirewallRules: [{6B79B6D7-3ADE-4225-8AC9-DCFF4838F2F0}] => (Allow) C:\Program Files (x86)\Airport Simulator 2011\airport.dll FirewallRules: [{7161F91C-D54E-4BB4-B583-7575BE89C8C1}] => (Allow) C:\Program Files (x86)\Airport Simulator 2011\airport.dll FirewallRules: [{922B92AD-B5B2-439E-B8AE-9F326F315526}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{64DC122F-B61C-48B2-9952-F12BBE06596A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0A7909F4-751F-46DB-882C-CBEA1C8C3193}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1AD63DF6-BCAA-4C27-A3A2-DC877A438437}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{55618B8D-F402-4DAB-860B-DDA7F7ACEA6B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{E3412CC6-A2C2-4455-8960-D78F8B0B8D59}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{8AE56944-DBDE-422C-9F23-64F41D49239A}] => (Allow) C:\Users\Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{190142E1-5FF2-46DA-9210-88216459464F}] => (Allow) C:\Users\Ellen\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{13A0F35A-FE15-4F8E-83C4-47C64B5A8910}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{B7D0F8F6-60A2-43AA-B0E5-85F5D50180CB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{6F98BA9B-7E1E-4C37-A947-2A936E508DCD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe FirewallRules: [{53695FEF-96C6-42AE-B48C-EB74151F8BDD}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe FirewallRules: [{129D5449-894A-4D50-9B4C-B8560866DC11}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe FirewallRules: [{EA0891CF-1E5F-41FB-A504-880C3206D9E8}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe FirewallRules: [{05ECFF4F-EEB1-4407-B10E-1D08AC5966D1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe FirewallRules: [{3B79B0BF-620B-4F07-9576-BAB9C273D3FA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe FirewallRules: [{4992A07D-A1F2-4789-ACCF-1A2939E12D62}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe FirewallRules: [{E8EE86C3-95C9-49B9-AE1E-FA2962E3F49A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe FirewallRules: [{FDAB715C-1495-4C49-AF67-566EB1D2D958}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe FirewallRules: [{27C222CA-6A5D-4723-B201-717D9975C784}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe FirewallRules: [TCP Query User{B08F8204-BBEE-48CC-AADF-F4D8FD35A397}C:\program files (x86)\ubisoft\related designs\anno 1404 - gold edition\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404 - gold edition\tools\anno4web.exe FirewallRules: [UDP Query User{49074ABC-5A87-4641-B910-009B5787861D}C:\program files (x86)\ubisoft\related designs\anno 1404 - gold edition\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404 - gold edition\tools\anno4web.exe FirewallRules: [{3D7F191F-DC62-4356-A240-1794F896DEA7}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [{143CC3E9-9D06-4CB5-91F1-5D0D3A571897}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [{0682DD1E-02D1-46E2-9F38-6E54889024F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{220E0973-23C4-43C9-9C30-C03E97B4A571}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{93B0996D-9CC4-4747-8AF5-D417CB304087}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BDCFEA86-8F26-46FD-9BFB-64175E6AF173}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{29283F1F-DCE5-4383-92F5-D427DA306FD7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{621A3B4F-DA0D-48E9-9812-6769A5139E16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{627D4032-DF30-47C9-A5D5-035B8CFB3FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7D3EAB27-9C4A-4587-8CA1-E018086EF31F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{652ADE99-12E0-4B52-B74C-6FA9F17DA832}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{6FC2624D-FDF9-4A68-BAAF-B94FB4CF6B29}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{96B1C0EA-6362-45A8-AF64-3D72F8E41D30}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5D0DB35D-8D77-4C77-BFF6-45D9F7E04C77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3B3AD001-613C-484F-866F-463771B2CA21}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{4C2A7918-9D78-4040-A916-7787223E6CCC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe FirewallRules: [{B77688DB-4B0B-43B5-937D-D3A5572C894B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe FirewallRules: [{A1AEF801-3CE0-41FF-A827-30025C0AFDE9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe FirewallRules: [{6CA10286-E17F-4EEC-8D68-350A7C4C266D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe FirewallRules: [{CC911DF1-C7AB-47A5-861E-EF14C1924037}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe FirewallRules: [{54AF622A-4620-4A1D-B5E3-0C009FB6198D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/20/2015 07:18:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamservice.exe, versie: 3.0.2.0, tijdstempel: 0x5318d363 Naam van module met fout: mbamservice.exe, versie: 3.0.2.0, tijdstempel: 0x5318d363 Uitzonderingscode: 0x40000015 Foutoffset: 0x0007da8a Id van proces met fout: 0x9d4 Starttijd van toepassing met fout: 0xmbamservice.exe0 Pad naar toepassing met fout: mbamservice.exe1 Pad naar module met fout: mbamservice.exe2 Rapport-id: mbamservice.exe3 Error: (05/20/2015 07:18:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/20/2015 07:18:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamscheduler.exe, versie: 3.0.2.0, tijdstempel: 0x5339cec3 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x8f8 Starttijd van toepassing met fout: 0xmbamscheduler.exe0 Pad naar toepassing met fout: mbamscheduler.exe1 Pad naar module met fout: mbamscheduler.exe2 Rapport-id: mbamscheduler.exe3 Error: (05/19/2015 10:59:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 10:59:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamservice.exe, versie: 3.0.2.0, tijdstempel: 0x5318d363 Naam van module met fout: mbamservice.exe, versie: 3.0.2.0, tijdstempel: 0x5318d363 Uitzonderingscode: 0x40000015 Foutoffset: 0x0007da8a Id van proces met fout: 0xbb0 Starttijd van toepassing met fout: 0xmbamservice.exe0 Pad naar toepassing met fout: mbamservice.exe1 Pad naar module met fout: mbamservice.exe2 Rapport-id: mbamservice.exe3 Error: (05/19/2015 10:59:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamscheduler.exe, versie: 3.0.2.0, tijdstempel: 0x5339cec3 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0x9fc Starttijd van toepassing met fout: 0xmbamscheduler.exe0 Pad naar toepassing met fout: mbamscheduler.exe1 Pad naar module met fout: mbamscheduler.exe2 Rapport-id: mbamscheduler.exe3 Error: (05/19/2015 10:49:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: plugin-container.exe, versie: 37.0.2.5583, tijdstempel: 0x552ef76c Naam van module met fout: mozalloc.dll, versie: 37.0.2.5583, tijdstempel: 0x552ee9ae Uitzonderingscode: 0x80000003 Foutoffset: 0x00001aa1 Id van proces met fout: 0x1a0c Starttijd van toepassing met fout: 0xplugin-container.exe0 Pad naar toepassing met fout: plugin-container.exe1 Pad naar module met fout: plugin-container.exe2 Rapport-id: plugin-container.exe3 Error: (05/19/2015 10:22:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 10:21:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamservice.exe, versie: 3.0.2.0, tijdstempel: 0x5318d363 Naam van module met fout: mbamservice.exe, versie: 3.0.2.0, tijdstempel: 0x5318d363 Uitzonderingscode: 0x40000015 Foutoffset: 0x0007da8a Id van proces met fout: 0xfd4 Starttijd van toepassing met fout: 0xmbamservice.exe0 Pad naar toepassing met fout: mbamservice.exe1 Pad naar module met fout: mbamservice.exe2 Rapport-id: mbamservice.exe3 Error: (05/19/2015 10:21:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamscheduler.exe, versie: 3.0.2.0, tijdstempel: 0x5339cec3 Naam van module met fout: MSVCR100.dll, versie: 10.0.40219.325, tijdstempel: 0x4df2be1e Uitzonderingscode: 0x40000015 Foutoffset: 0x0008d6fd Id van proces met fout: 0xb0c Starttijd van toepassing met fout: 0xmbamscheduler.exe0 Pad naar toepassing met fout: mbamscheduler.exe1 Pad naar module met fout: mbamscheduler.exe2 Rapport-id: mbamscheduler.exe3 System errors: ============= Error: (05/20/2015 07:43:44 PM) (Source: bowser) (EventID: 8003) (User: ) Description: De masterbrowser heeft een servermelding ontvangen van computer NICK-HP die meent de masterbrowser voor het domein te zijn op transport NetBT_Tcpip_{ACDBE4BE-188C-466D-8178-18D4D438C90E}. De masterbrowser wordt gestopt of er wordt een verkiezing afgedwongen. Error: (05/20/2015 07:18:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De MBAMService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (05/20/2015 07:18:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Update Chart Choosing-service kan vanwege de volgende fout niet worden gestart: %%2 Error: (05/20/2015 07:18:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De MBAMScheduler-service kan vanwege de volgende fout niet worden gestart: %%1053 Error: (05/20/2015 07:18:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: MBAMScheduler. Error: (05/20/2015 07:18:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Realtek EAPPkt Protocol-service kan vanwege de volgende fout niet worden gestart: %%1275 Error: (05/20/2015 07:18:05 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\DRIVERS\EAPPkt.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error: (05/19/2015 11:12:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (05/19/2015 11:04:01 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (05/19/2015 11:00:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De MBAMService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Microsoft Office Sessions: ========================= Error: (05/20/2015 07:18:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a9d401d09320f9b7cad0C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe40f81f0b-ff14-11e4-8976-b870f4f31d4e Error: (05/20/2015 07:18:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/20/2015 07:18:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamscheduler.exe3.0.2.05339cec3MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd8f801d09320f0a6126eC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll374ee94e-ff14-11e4-8976-b870f4f31d4e Error: (05/19/2015 10:59:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 10:59:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8abb001d09276a39e7533C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeea8ddaa4-fe69-11e4-8f77-b870f4f31d4e Error: (05/19/2015 10:59:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamscheduler.exe3.0.2.05339cec3MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd9fc01d0927698844a2cC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dlldff8fcac-fe69-11e4-8f77-b870f4f31d4e Error: (05/19/2015 10:49:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa11a0c01d092754c178ac6C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll98f9bd50-fe68-11e4-9a6b-b870f4f31d4e Error: (05/19/2015 10:22:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 10:21:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8afd401d092715d89fa80C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exea5bf7c77-fe64-11e4-9a6b-b870f4f31d4e Error: (05/19/2015 10:21:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamscheduler.exe3.0.2.05339cec3MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdb0c01d092714b80c866C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll975848ef-fe64-11e4-9a6b-b870f4f31d4e ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz Percentage of memory in use: 41% Total physical RAM: 8043.86 MB Available physical RAM: 4714.86 MB Total Pagefile: 16085.93 MB Available Pagefile: 12413.53 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:501.07 GB) NTFS Drive d: (ac1) (CDROM) (Total:6.37 GB) (Free:0 GB) UDF Drive f: (EOS_DIGITAL) (Removable) (Total:7.39 GB) (Free:0.26 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 2439BF4D) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=680.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================