Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2015 Ran by Izi at 2015-02-24 13:41:58 Running from G:\fix Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4Videosoft HD Converter 5.2.56 (HKLM-x32\...\{3C97EEE1-8B5F-412c-BF85-201CD6AEAB60}_is1) (Version: 5.2.56 - 4Videosoft Studio) 4Videosoft Video to Audio Converter 5.0.28 (HKLM-x32\...\{341CFE6D-CFBD-47b5-A114-64CC7B08A9C4}_is1) (Version: - ) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit) AML Free Registry Cleaner 4.25 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.) Applian Director 3 (HKLM-x32\...\Applian Director3.01) (Version: 3.01 - Applian Technologies Inc.) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Copernic Desktop Search - Professional (HKLM-x32\...\CopernicDesktopSearch2) (Version: - Copernic Inc.) DirPrinting (HKLM-x32\...\{5035918F-2813-44B6-AABE-9143CE5743B2}) (Version: 0.8.55.0 - MajuSoft) Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.77 - NCH Software) Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 1.97 - NCH Software) FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies) Foucs CD DVD Ripper Deluxe 2.8 (HKLM-x32\...\Foucs CD DVD Ripper Deluxe_is1) (Version: - Focussoft.net) Free Audio Converter version 5.0.56.128 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Chrome (HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit) Iskit PDF (novaPDF 7.7 printer) (HKLM\...\Iskit PDF_is1) (Version: 7.7.394 - Softland) Keyboard LEDs (HKLM-x32\...\Keyboard LEDs) (Version: 2.7 - KARPOLAN) K-Lite Codec Pack 3.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 3.30 - ) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Access Runtime 2013 (HKLM\...\Office15.AccessRT) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla) Nero 7 Essentials (HKLM-x32\...\{EF3E420F-2DCF-4C24-8E37-896801901033}) (Version: 7.03.1055 - Nero AG) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.1 - Google, Inc.) Polar Daemon (HKLM-x32\...\{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}) (Version: 2.2.20000 - Polar Electro Oy) Polar WebSync (HKLM-x32\...\{320453EE-6AEA-4E1A-8E64-72F33C0C928F}) (Version: 2.8.10006 - Polar Electro Oy) PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation) PowerProducer (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - ) PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.) RecordPad Sound Recorder (HKLM-x32\...\Recordpad) (Version: 5.28 - NCH Software) Replay Converter 4 (HKLM-x32\...\Replay Converter 4) (Version: 4.40 - Applian Technologies Inc.) Replay Media Catcher 5 (5.0.1.54) (HKLM-x32\...\Replay Media Catcher 5) (Version: 5.0.1.54 - Applian Technologies) Replay Media Catcher 6 (6.0.0.60) (HKLM-x32\...\Replay Media Catcher 6) (Version: 6.0.0.60 - Applian Technologies) Replay Media Splitter 2.2.1409.57 (HKLM-x32\...\Replay_Media_Splitter_1.2) (Version: 2.2.1409.57 - Applian Technologies Inc.) Replay Music 7 (7.0.0.30) (HKLM-x32\...\Replay Music 7) (Version: 7.0.0.30 - Applian Technologies) Replay Radio 9 (9.0.1.46) (HKLM-x32\...\Replay Radio 9) (Version: 9.0.1.46 - Applian Technologies) Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.4) (Version: 7.4 - Applian Technologies Inc.) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 2.26 - NCH Software) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.65 - NCH Software) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony) ViceVersa Pro 2.5 64-bit (Build 2513) (HKLM\...\ViceVersa Pro Installation_is1) (Version: 2 - TGRMN Software) VVEngine 2.0 (HKLM-x32\...\VVEngine_is1) (Version: 2 - TGRMN Software) WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.) Web Launcher (HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\...\fc3ac04dc8eedef7) (Version: 1.0.0.20 - ShowMyPC) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) Средства проверки правописания Microsoft Office 2013 — русский (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden כלי ההגהה של Microsoft Office 2013 - עברית (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden עסקית (HKLM-x32\...\עסקית) (Version: 15.000 - עסקית) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4153785029-2044526644-2206695350-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Izi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4153785029-2044526644-2206695350-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Izi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 19-02-2015 22:13:55 Scheduled Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {068A29BF-6F73-47A1-BC65-E5483F923820} - System32\Tasks\Replay Media Catcher 6 c3cd732b-bb89-4c1f-8f61-f78f019d038a => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {2D66F482-7261-4AFB-8735-C2F459C54351} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001Core => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.) Task: {367F8F4B-B4BD-414D-A670-D6BD70AED11F} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI) Task: {38548728-C5C8-4DE4-BC3F-122354A417FF} - System32\Tasks\TGRMN Software\VVEngine Tasks\Start VVEngine for Izi => C:\program files (x86)\vvengine\vvengine.exe [2010-11-06] (TGRMN Software) Task: {3A6AFB1C-FE46-470B-93DF-FAB161D7A4DE} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {42F11F0B-2BFC-430C-BD50-4238302542D0} - System32\Tasks\Replay Media Catcher 6 1762881b-d634-44da-8a63-5fe12c4bbfc7 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {4777C7C8-CD32-4E36-98EA-90C540BFFA02} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit) Task: {4A3B5108-68BC-471A-B259-3E5E8DF36843} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation) Task: {5AFA2860-EF6C-4EAA-93B1-E5A87143E013} - System32\Tasks\Replay Media Catcher 6 e948a821-352d-4f76-bc62-393270b22415 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {5CFE865A-EFD1-4367-B7E6-FA2779C4727A} - System32\Tasks\Replay Media Catcher 6 e157f82c-d9d7-4520-9532-8d6f724e040d => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {6244029F-01F2-49FC-B3A8-88FF71985C51} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {631A0400-83D7-4EE7-B6FB-BFA4A538DD9D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001UA => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.) Task: {66A34851-1938-4AEC-908F-7ADC3353272A} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit) Task: {73C8A821-A516-49A6-915F-CE641B4CBA8F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {7EAE0F44-FD6E-484F-A4E9-7B3BD65C1226} - System32\Tasks\{403F08FD-92CA-4630-A19A-985A58CE8539} => pcalua.exe -a G:\fix\switchsetup.exe Task: {7F513DDE-F078-456A-866B-9551B149064D} - System32\Tasks\ASC8_SkipUac_Izi => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit) Task: {959BD1E4-4408-448D-AB6E-E887B5EC5E37} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-15] (Microsoft Corporation) Task: {A34400C3-818B-4739-B522-8D36FDAF998A} - System32\Tasks\Uninstaller_SkipUac_Izi => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit) Task: {AF6DC0EF-BE79-49CB-B09F-BB843E3E0E6C} - System32\Tasks\Replay Media Catcher 6 741dc017-cba0-4676-afdb-e00729251020 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {B1B4B8BF-CCCE-404B-ABE2-3A71824C4B1D} - System32\Tasks\Replay Media Catcher 6 23344bd4-8148-4870-865e-2b0ba74e7804 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {B5741339-ECD6-40BE-ACF3-106095CB2EE0} - System32\Tasks\Replay Radio 9 9cc287de-748a-4260-bec1-0b792a62b4a2 => C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe [2014-05-02] (Jaksta Technologies Pty Ltd) Task: {B600641A-E2AF-4307-A73B-F87992EF7A53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.) Task: {B98927CE-67E3-4441-A531-5335B7D46164} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {BC964E2F-DE0E-4379-A54F-C6E8A1DC087E} - System32\Tasks\Replay Media Catcher 6 f2c356b5-ba55-49ef-b742-c8785ab66904 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {C4EB29F7-8A08-41F0-BC6F-5808136FB841} - System32\Tasks\Driver Booster SkipUAC (Izi) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit) Task: {CC459230-2C48-4B23-A4ED-A2CA92A30DE4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated) Task: {CE2F13FC-1D21-491E-A646-6BC819A310CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.) Task: {D17B7128-0983-49EB-8FC5-3CB4D64C451A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation) Task: {DD714390-E6FA-4121-A4AE-3805C60750E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation) Task: {E6FDD1F5-7E4B-4EE6-B48E-72C94383C11F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {FA51E985-52E7-4B94-BF6B-753780F47CEA} - System32\Tasks\Replay Media Catcher 6 c32a4108-647d-4828-a632-47a87a25851e => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASC8_SkipUac_Izi.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001Core.job => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001UA.job => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Uninstaller_SkipUac_Izi.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (whitelisted) ============== 2010-03-02 13:41 - 2010-03-02 13:41 - 00027648 _____ () C:\Windows\System32\sxp3ml6.dll 2012-12-12 15:20 - 2012-12-12 15:20 - 00419536 _____ () C:\Program Files (x86)\Polar\Daemon\polard.exe 2015-01-30 22:35 - 2007-05-14 14:54 - 00272024 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe 2014-01-30 09:02 - 2014-01-30 09:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-02-19 22:09 - 2015-02-17 11:06 - 00011536 _____ () C:\Program Files (x86)\TeamViewer\outlook\ManagedAggregator.dll 2012-10-02 06:36 - 2012-10-02 06:36 - 01408624 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2012-10-02 06:36 - 2012-10-02 06:36 - 00401024 _____ () C:\Program Files\Microsoft Office\Office15\msfad.dll 2015-02-20 13:26 - 2015-02-18 03:34 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll 2015-02-20 13:26 - 2015-02-18 03:34 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll 2015-02-20 13:26 - 2015-02-18 03:34 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll 2015-02-20 13:26 - 2015-02-18 03:34 - 26771784 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll 2015-01-30 22:33 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-01-30 22:38 - 2014-10-16 20:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2012-12-12 15:20 - 2012-12-12 15:20 - 03483856 _____ () C:\Program Files (x86)\Polar\Daemon\libpolar.dll 2015-01-30 22:38 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2015-01-30 22:38 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2015-01-30 22:38 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2015-02-21 10:52 - 2015-02-21 10:52 - 00109568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\jscr\513723306b15bad96d4bbbd552a650de\jscr.ni.dll 2015-02-21 10:52 - 2015-02-21 10:52 - 02183680 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\jguides\02cf55ecacf5f6be7a168fe1f9d5f640\jguides.ni.dll 2015-02-21 04:24 - 2015-02-21 04:24 - 01590272 _____ () C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jalw.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""="" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Izi\Pictures\image-1.jpg DNS Servers: 10.0.0.138 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\...\StartupApproved\Run: => "Linkey" ==================== Accounts: ============================= Administrator (S-1-5-21-4153785029-2044526644-2206695350-500 - Administrator - Disabled) Guest (S-1-5-21-4153785029-2044526644-2206695350-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4153785029-2044526644-2206695350-1005 - Limited - Enabled) Izi (S-1-5-21-4153785029-2044526644-2206695350-1001 - Administrator - Enabled) => C:\Users\Izi ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/23/2015 10:48:11 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile2.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 10:33:13 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile1.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:30:05 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:29:54 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:29:40 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:29:28 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:07:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0 Faulting module name: ntdll.dll, version: 6.3.9600.17630, time stamp: 0x54b0d74f Exception code: 0xc0000005 Fault offset: 0x00054d65 Faulting process id: 0x22e8 Faulting application start time: 0xwmplayer.exe0 Faulting application path: wmplayer.exe1 Faulting module path: wmplayer.exe2 Report Id: wmplayer.exe3 Faulting package full name: wmplayer.exe4 Faulting package-relative application ID: wmplayer.exe5 Error: (02/23/2015 09:01:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0 Faulting module name: ntdll.dll, version: 6.3.9600.17630, time stamp: 0x54b0d74f Exception code: 0xc0000005 Fault offset: 0x00054d65 Faulting process id: 0x20ec Faulting application start time: 0xwmplayer.exe0 Faulting application path: wmplayer.exe1 Faulting module path: wmplayer.exe2 Report Id: wmplayer.exe3 Faulting package full name: wmplayer.exe4 Faulting package-relative application ID: wmplayer.exe5 Error: (02/23/2015 08:58:33 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 08:58:22 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. System errors: ============= Error: (02/24/2015 06:24:34 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105. Error: (02/23/2015 09:39:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 802. Error: (02/23/2015 09:39:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 1106. Error: (02/23/2015 09:39:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 802. Error: (02/23/2015 09:39:52 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 1106. Error: (02/23/2015 08:22:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMWebAccessControl service failed to start due to the following error: %%2 Error: (02/23/2015 08:22:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMWebAccessControl service failed to start due to the following error: %%2 Error: (02/23/2015 08:22:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMWebAccessControl service failed to start due to the following error: %%2 Error: (02/23/2015 08:22:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMWebAccessControl service failed to start due to the following error: %%2 Error: (02/23/2015 08:18:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMWebAccessControl service failed to start due to the following error: %%2 Microsoft Office Sessions: ========================= Error: (02/23/2015 10:48:11 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile2.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 10:33:13 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile1.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:30:05 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:29:54 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:29:40 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:29:28 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 09:07:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wmplayer.exe12.0.9600.17415545046f0ntdll.dll6.3.9600.1763054b0d74fc000000500054d6522e801d04f9bf73282ceC:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Windows\SYSTEM32\ntdll.dll364293ff-bb8f-11e4-8280-50e549c50069 Error: (02/23/2015 09:01:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: wmplayer.exe12.0.9600.17415545046f0ntdll.dll6.3.9600.1763054b0d74fc000000500054d6520ec01d04f9b25e556e3C:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Windows\SYSTEM32\ntdll.dll64e64a53-bb8e-11e4-8280-50e549c50069 Error: (02/23/2015 08:58:33 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/23/2015 08:58:22 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. CodeIntegrity Errors: =================================== Date: 2015-02-23 03:51:15.912 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-21 09:28:49.356 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-20 08:20:37.111 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-19 22:03:18.972 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-16 04:56:52.433 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-15 01:18:32.398 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-13 16:08:07.133 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-12 07:11:07.256 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-10 17:15:30.343 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz Percentage of memory in use: 80% Total physical RAM: 4013.11 MB Available physical RAM: 801.75 MB Total Pagefile: 8109.11 MB Available Pagefile: 3641.87 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.45 GB) (Free:59.93 GB) NTFS Drive d: (Data ) (Fixed) (Total:1863.01 GB) (Free:996.54 GB) NTFS Drive e: (New Volume) (Fixed) (Total:229.49 GB) (Free:37.03 GB) NTFS Drive f: (New Volume) (Fixed) (Total:236.27 GB) (Free:46.71 GB) NTFS Drive g: (My Book) (Fixed) (Total:931.51 GB) (Free:676.71 GB) NTFS Drive h: (LaCie) (Fixed) (Total:2762.52 GB) (Free:1945.99 GB) NTFS Drive i: (LACIE SHARE) (Fixed) (Total:31.99 GB) (Free:20.62 GB) FAT32 Drive l: (IZI MANN) (Fixed) (Total:931.28 GB) (Free:335.45 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E448E101) Partition 1: (Not Active) - (Size=229.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=236.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7C372688) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 72422196) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ======================================================== Disk: 4 (Size: 931.5 GB) (Disk ID: E8900690) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 931.5 GB) (Disk ID: 5A76E4D3) Partition 1: (Active) - (Size=931.5 GB) - (Type=0C) ==================== End Of Log ============================