Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01 Ran by Izi at 2015-02-27 18:42:05 Running from G:\fix Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4Videosoft HD Converter 5.2.56 (HKLM-x32\...\{3C97EEE1-8B5F-412c-BF85-201CD6AEAB60}_is1) (Version: 5.2.56 - 4Videosoft Studio) 4Videosoft Video to Audio Converter 5.0.28 (HKLM-x32\...\{341CFE6D-CFBD-47b5-A114-64CC7B08A9C4}_is1) (Version: - ) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit) AML Free Registry Cleaner 4.25 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.) Applian Director 3 (HKLM-x32\...\Applian Director3.01) (Version: 3.01 - Applian Technologies Inc.) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Copernic Desktop Search - Professional (HKLM-x32\...\CopernicDesktopSearch2) (Version: - Copernic Inc.) DirPrinting (HKLM-x32\...\{5035918F-2813-44B6-AABE-9143CE5743B2}) (Version: 0.8.55.0 - MajuSoft) Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.77 - NCH Software) Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 1.97 - NCH Software) FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies) Foucs CD DVD Ripper Deluxe 2.8 (HKLM-x32\...\Foucs CD DVD Ripper Deluxe_is1) (Version: - Focussoft.net) Free Audio Converter version 5.0.56.128 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Chrome (HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit) Iskit PDF (novaPDF 7.7 printer) (HKLM\...\Iskit PDF_is1) (Version: 7.7.394 - Softland) Keyboard LEDs (HKLM-x32\...\Keyboard LEDs) (Version: 2.7 - KARPOLAN) K-Lite Codec Pack 3.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 3.30 - ) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Access Runtime 2013 (HKLM\...\Office15.AccessRT) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 36.0 (x86 he) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 he)) (Version: 36.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla) Nero 7 Essentials (HKLM-x32\...\{EF3E420F-2DCF-4C24-8E37-896801901033}) (Version: 7.03.1055 - Nero AG) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.1 - Google, Inc.) Polar Daemon (HKLM-x32\...\{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}) (Version: 2.2.20000 - Polar Electro Oy) Polar WebSync (HKLM-x32\...\{320453EE-6AEA-4E1A-8E64-72F33C0C928F}) (Version: 2.8.10006 - Polar Electro Oy) PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation) PowerProducer (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - ) PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.) RecordPad Sound Recorder (HKLM-x32\...\Recordpad) (Version: 5.28 - NCH Software) Replay Converter 4 (HKLM-x32\...\Replay Converter 4) (Version: 4.40 - Applian Technologies Inc.) Replay Media Catcher 5 (5.0.1.54) (HKLM-x32\...\Replay Media Catcher 5) (Version: 5.0.1.54 - Applian Technologies) Replay Media Catcher 6 (6.0.0.60) (HKLM-x32\...\Replay Media Catcher 6) (Version: 6.0.0.60 - Applian Technologies) Replay Media Splitter 2.2.1409.57 (HKLM-x32\...\Replay_Media_Splitter_1.2) (Version: 2.2.1409.57 - Applian Technologies Inc.) Replay Music 7 (7.0.0.30) (HKLM-x32\...\Replay Music 7) (Version: 7.0.0.30 - Applian Technologies) Replay Radio 9 (9.0.1.46) (HKLM-x32\...\Replay Radio 9) (Version: 9.0.1.46 - Applian Technologies) Replay Video Capture 7 (HKLM-x32\...\Replay Video Capture7.4) (Version: 7.4 - Applian Technologies Inc.) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 2.26 - NCH Software) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.65 - NCH Software) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony) ViceVersa Pro 2.5 64-bit (Build 2513) (HKLM\...\ViceVersa Pro Installation_is1) (Version: 2 - TGRMN Software) VVEngine 2.0 (HKLM-x32\...\VVEngine_is1) (Version: 2 - TGRMN Software) WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.) Web Launcher (HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\...\fc3ac04dc8eedef7) (Version: 1.0.0.20 - ShowMyPC) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) Средства проверки правописания Microsoft Office 2013 — русский (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden כלי ההגהה של Microsoft Office 2013 - עברית (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden עסקית (HKLM-x32\...\עסקית) (Version: 15.000 - עסקית) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4153785029-2044526644-2206695350-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Izi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4153785029-2044526644-2206695350-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Izi\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 19-02-2015 22:13:55 Scheduled Checkpoint 27-02-2015 04:22:14 Scheduled Checkpoint ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {068A29BF-6F73-47A1-BC65-E5483F923820} - System32\Tasks\Replay Media Catcher 6 c3cd732b-bb89-4c1f-8f61-f78f019d038a => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {2D66F482-7261-4AFB-8735-C2F459C54351} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001Core => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.) Task: {367F8F4B-B4BD-414D-A670-D6BD70AED11F} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI) Task: {38548728-C5C8-4DE4-BC3F-122354A417FF} - System32\Tasks\TGRMN Software\VVEngine Tasks\Start VVEngine for Izi => C:\program files (x86)\vvengine\vvengine.exe [2010-11-06] (TGRMN Software) Task: {3A6AFB1C-FE46-470B-93DF-FAB161D7A4DE} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {3D64DB9A-5711-483D-9434-FDB1BB45BF6D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {42F11F0B-2BFC-430C-BD50-4238302542D0} - System32\Tasks\Replay Media Catcher 6 1762881b-d634-44da-8a63-5fe12c4bbfc7 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {4777C7C8-CD32-4E36-98EA-90C540BFFA02} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit) Task: {4A3B5108-68BC-471A-B259-3E5E8DF36843} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation) Task: {5AFA2860-EF6C-4EAA-93B1-E5A87143E013} - System32\Tasks\Replay Media Catcher 6 e948a821-352d-4f76-bc62-393270b22415 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {5CFE865A-EFD1-4367-B7E6-FA2779C4727A} - System32\Tasks\Replay Media Catcher 6 e157f82c-d9d7-4520-9532-8d6f724e040d => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {5E35EB79-74CD-40AA-AF68-1899BB4D9649} - System32\Tasks\Uninstaller_SkipUac_Izi => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit) Task: {6244029F-01F2-49FC-B3A8-88FF71985C51} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {631A0400-83D7-4EE7-B6FB-BFA4A538DD9D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001UA => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.) Task: {66A34851-1938-4AEC-908F-7ADC3353272A} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit) Task: {73C8A821-A516-49A6-915F-CE641B4CBA8F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {7EAE0F44-FD6E-484F-A4E9-7B3BD65C1226} - System32\Tasks\{403F08FD-92CA-4630-A19A-985A58CE8539} => pcalua.exe -a G:\fix\switchsetup.exe Task: {7F513DDE-F078-456A-866B-9551B149064D} - System32\Tasks\ASC8_SkipUac_Izi => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit) Task: {AF6DC0EF-BE79-49CB-B09F-BB843E3E0E6C} - System32\Tasks\Replay Media Catcher 6 741dc017-cba0-4676-afdb-e00729251020 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {B1B4B8BF-CCCE-404B-ABE2-3A71824C4B1D} - System32\Tasks\Replay Media Catcher 6 23344bd4-8148-4870-865e-2b0ba74e7804 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {B5741339-ECD6-40BE-ACF3-106095CB2EE0} - System32\Tasks\Replay Radio 9 9cc287de-748a-4260-bec1-0b792a62b4a2 => C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe [2014-05-02] (Jaksta Technologies Pty Ltd) Task: {B600641A-E2AF-4307-A73B-F87992EF7A53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.) Task: {B98927CE-67E3-4441-A531-5335B7D46164} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {BC964E2F-DE0E-4379-A54F-C6E8A1DC087E} - System32\Tasks\Replay Media Catcher 6 f2c356b5-ba55-49ef-b742-c8785ab66904 => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: {C4EB29F7-8A08-41F0-BC6F-5808136FB841} - System32\Tasks\Driver Booster SkipUAC (Izi) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit) Task: {CC459230-2C48-4B23-A4ED-A2CA92A30DE4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated) Task: {CE2F13FC-1D21-491E-A646-6BC819A310CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-09] (Google Inc.) Task: {D17B7128-0983-49EB-8FC5-3CB4D64C451A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation) Task: {D65D50EB-4BDE-49AA-9512-FC3C8389EC6B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-15] (Microsoft Corporation) Task: {DD714390-E6FA-4121-A4AE-3805C60750E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-02] (Microsoft Corporation) Task: {E6FDD1F5-7E4B-4EE6-B48E-72C94383C11F} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {FA51E985-52E7-4B94-BF6B-753780F47CEA} - System32\Tasks\Replay Media Catcher 6 c32a4108-647d-4828-a632-47a87a25851e => C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jrmcp.exe [2015-02-21] (Jaksta Technologies Pty Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASC8_SkipUac_Izi.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001Core.job => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4153785029-2044526644-2206695350-1001UA.job => C:\Users\Izi\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Uninstaller_SkipUac_Izi.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (whitelisted) ============== 2010-03-02 13:41 - 2010-03-02 13:41 - 00027648 _____ () C:\Windows\System32\sxp3ml6.dll 2012-12-12 15:20 - 2012-12-12 15:20 - 00419536 _____ () C:\Program Files (x86)\Polar\Daemon\polard.exe 2015-01-30 22:35 - 2007-05-14 14:54 - 00272024 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe 2015-02-26 07:28 - 2015-02-26 07:28 - 00016896 _____ () C:\Program Files\KMSpico\WinDivert.dll 2014-01-30 09:02 - 2014-01-30 09:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-02-26 16:59 - 2013-02-26 16:59 - 06227512 _____ () C:\Program Files (x86)\Polar\WebSync\WebSync.exe 2015-02-19 22:09 - 2015-02-17 11:06 - 00011536 _____ () C:\Program Files (x86)\TeamViewer\outlook\ManagedAggregator.dll 2012-10-02 06:36 - 2012-10-02 06:36 - 01408624 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2012-10-02 06:36 - 2012-10-02 06:36 - 00401024 _____ () C:\Program Files\Microsoft Office\Office15\msfad.dll 2015-01-30 22:33 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-01-30 22:38 - 2014-10-16 20:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2012-12-12 15:20 - 2012-12-12 15:20 - 03483856 _____ () C:\Program Files (x86)\Polar\Daemon\libpolar.dll 2013-02-26 16:59 - 2013-02-26 16:59 - 00110648 _____ () C:\Program Files (x86)\Polar\WebSync\PTransform.dll 2013-02-26 16:59 - 2013-02-26 16:59 - 03722296 _____ () C:\Program Files (x86)\Polar\WebSync\libpolar.dll 2010-02-10 16:06 - 2010-02-10 16:06 - 00334848 _____ () C:\Program Files (x86)\Polar\WebSync\QtXml4.dll 2010-02-10 16:22 - 2010-02-10 16:22 - 07971840 _____ () C:\Program Files (x86)\Polar\WebSync\QtGui4.dll 2010-02-10 16:07 - 2010-02-10 16:07 - 00929280 _____ () C:\Program Files (x86)\Polar\WebSync\QtNetwork4.dll 2011-01-14 16:01 - 2011-01-14 16:01 - 02142720 _____ () C:\Program Files (x86)\Polar\WebSync\QtCore4.dll 2010-02-10 18:45 - 2010-02-10 18:45 - 00025600 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qgif4.dll 2010-02-10 18:45 - 2010-02-10 18:45 - 00119808 _____ () C:\Program Files (x86)\Polar\WebSync\imageformats\qjpeg4.dll 2015-01-30 22:38 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2015-01-30 22:38 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2015-01-30 22:38 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2015-02-21 10:52 - 2015-02-21 10:52 - 00109568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\jscr\513723306b15bad96d4bbbd552a650de\jscr.ni.dll 2014-05-28 19:48 - 2014-06-20 22:27 - 00053600 _____ () C:\Program Files (x86)\Replay Video Capture 7\Bin\virtual-audio.dll 2015-02-21 10:52 - 2015-02-21 10:52 - 02183680 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\jguides\02cf55ecacf5f6be7a168fe1f9d5f640\jguides.ni.dll 2015-02-21 04:24 - 2015-02-21 04:24 - 01590272 _____ () C:\Program Files (x86)\Applian Technologies\Replay Media Catcher 6\jalw.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""="" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Izi\Pictures\image-1.jpg DNS Servers: 10.0.0.138 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4153785029-2044526644-2206695350-1001\...\StartupApproved\Run: => "Linkey" ==================== Accounts: ============================= Administrator (S-1-5-21-4153785029-2044526644-2206695350-500 - Administrator - Disabled) Guest (S-1-5-21-4153785029-2044526644-2206695350-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4153785029-2044526644-2206695350-1005 - Limited - Enabled) Izi (S-1-5-21-4153785029-2044526644-2206695350-1001 - Administrator - Enabled) => C:\Users\Izi ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/27/2015 06:36:52 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:35:42 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:35:35 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:31:15 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:31:07 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:22:13 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Scheduled Run) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 04:27:27 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 11:50:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0 Faulting module name: ntdll.dll, version: 6.3.9600.17630, time stamp: 0x54b0d74f Exception code: 0xc0000005 Fault offset: 0x00054d65 Faulting process id: 0x2118 Faulting application start time: 0xwmplayer.exe0 Faulting application path: wmplayer.exe1 Faulting module path: wmplayer.exe2 Report Id: wmplayer.exe3 Faulting package full name: wmplayer.exe4 Faulting package-relative application ID: wmplayer.exe5 Error: (02/27/2015 11:50:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0 Faulting module name: ntdll.dll, version: 6.3.9600.17630, time stamp: 0x54b0d74f Exception code: 0xc0000005 Fault offset: 0x00054d65 Faulting process id: 0x2384 Faulting application start time: 0xwmplayer.exe0 Faulting application path: wmplayer.exe1 Faulting module path: wmplayer.exe2 Report Id: wmplayer.exe3 Faulting package full name: wmplayer.exe4 Faulting package-relative application ID: wmplayer.exe5 Error: (02/27/2015 11:49:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0 Faulting module name: ntdll.dll, version: 6.3.9600.17630, time stamp: 0x54b0d74f Exception code: 0xc0000005 Fault offset: 0x00054d65 Faulting process id: 0x14fc Faulting application start time: 0xwmplayer.exe0 Faulting application path: wmplayer.exe1 Faulting module path: wmplayer.exe2 Report Id: wmplayer.exe3 Faulting package full name: wmplayer.exe4 Faulting package-relative application ID: wmplayer.exe5 System errors: ============= Error: (02/27/2015 11:24:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: %%2 Error: (02/27/2015 11:24:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMProtector service failed to start due to the following error: %%2 Error: (02/27/2015 11:24:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: %%2 Error: (02/27/2015 11:24:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMProtector service failed to start due to the following error: %%2 Error: (02/27/2015 04:15:11 AM) (Source: DCOM) (EventID: 10010) (User: Izi-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/27/2015 04:14:41 AM) (Source: DCOM) (EventID: 10010) (User: Izi-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (02/26/2015 08:00:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: %%2 Error: (02/26/2015 08:00:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The MBAMProtector service failed to start due to the following error: %%2 Error: (02/26/2015 07:38:04 AM) (Source: DCOM) (EventID: 10010) (User: Izi-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/26/2015 07:37:34 AM) (Source: DCOM) (EventID: 10010) (User: Izi-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Microsoft Office Sessions: ========================= Error: (02/27/2015 06:36:52 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:35:42 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:35:35 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:31:15 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:31:07 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 06:22:13 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Scheduled Run) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 04:27:27 PM) (Source: VVEngine) (EventID: 103) (User: Izi-PC) Description: [D:\Izi\Documents\ViceVersa PRO\profile4.fsf] Profile finished. Result "(Changes Detected) - Execution completed with file copy/delete errors.". Exit Code: 3. Error: (02/27/2015 11:50:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: wmplayer.exe12.0.9600.17415545046f0ntdll.dll6.3.9600.1763054b0d74fc000000500054d65211801d05272da36923fC:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Windows\SYSTEM32\ntdll.dll181c9668-be66-11e4-8281-50e549c50069 Error: (02/27/2015 11:50:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: wmplayer.exe12.0.9600.17415545046f0ntdll.dll6.3.9600.1763054b0d74fc000000500054d65238401d05272c4510617C:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Windows\SYSTEM32\ntdll.dll0239c9e2-be66-11e4-8281-50e549c50069 Error: (02/27/2015 11:49:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: wmplayer.exe12.0.9600.17415545046f0ntdll.dll6.3.9600.1763054b0d74fc000000500054d6514fc01d05272ac198361C:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\Windows\SYSTEM32\ntdll.dlle9feeb43-be65-11e4-8281-50e549c50069 CodeIntegrity Errors: =================================== Date: 2015-02-26 07:37:05.543 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-23 03:51:15.912 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-21 09:28:49.356 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-20 08:20:37.111 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-19 22:03:18.972 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-16 04:56:52.433 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-15 01:18:32.398 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-13 16:08:07.133 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-12 07:11:07.256 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-10 17:15:30.343 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz Percentage of memory in use: 75% Total physical RAM: 4013.11 MB Available physical RAM: 968.9 MB Total Pagefile: 8109.11 MB Available Pagefile: 3473.5 MB Total Virtual: 131072 MB Available Virtual: 131071.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.45 GB) (Free:58.89 GB) NTFS Drive d: (Data ) (Fixed) (Total:1863.01 GB) (Free:995.57 GB) NTFS Drive e: (New Volume) (Fixed) (Total:229.49 GB) (Free:37.03 GB) NTFS Drive f: (New Volume) (Fixed) (Total:236.27 GB) (Free:46.71 GB) NTFS Drive g: (My Book) (Fixed) (Total:931.51 GB) (Free:676.7 GB) NTFS Drive h: (LaCie) (Fixed) (Total:2762.52 GB) (Free:1945.99 GB) NTFS Drive i: (LACIE SHARE) (Fixed) (Total:31.99 GB) (Free:20.62 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E448E101) Partition 1: (Not Active) - (Size=229.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=236.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7C372688) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 72422196) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ======================================================== Disk: 4 (Size: 931.5 GB) (Disk ID: E8900690) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================