Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 Ran by ADMIN (2015-08-21 14:58:56) Running from C:\Users\ADMIN\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= ADMIN (S-1-5-21-1363529525-2713863930-2083128457-1000 - Administrator - Enabled) => C:\Users\ADMIN Administrator (S-1-5-21-1363529525-2713863930-2083128457-500 - Administrator - Disabled) Gość (S-1-5-21-1363529525-2713863930-2083128457-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) android_driver_install.exe (HKLM-x32\...\android_driver_install_is1) (Version: - android) Angry Birds Breakfast 1 (HKLM-x32\...\{DE5BE262-C5E7-49B2-A673-56A3E2522F06}) (Version: 1.0.16 - Rovio Entertainment Ltd.) Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.3.2225 - AVAST Software) Barbie(R) idesign(TM) Ultimate Stylist(TM) (HKLM-x32\...\{3EDF07A0-0362-4881-A772-ED4E66D3084A}) (Version: 1.00.0000 - Nazwa firmy) DFX (HKLM-x32\...\DFX) (Version: 11.306.0.0 - Power Technology) Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation) FormatFactory 3.2.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.2.1.0 - Free Time) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Imagine (HKLM-x32\...\Imagine) (Version: Version 2.0.0.315 - ) Imagine Plugin (HKLM-x32\...\ImaginePlugin) (Version: Version 2.0.0.315 - ) iVMS-4200(v2.00) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.00.04.51 - company) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mini Monitoring 2.2.0.2 (HKLM-x32\...\"Mini Monitoring"_is1) (Version: 2.2.0.2 - Dyzmond Software) Mozilla Firefox 40.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 pl)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) Mozilla Thunderbird 38.0.1 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 38.0.1 (x86 pl)) (Version: 38.0.1 - Mozilla) MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden NetVideoOCX (HKLM-x32\...\{218DC364-238A-4042-AB29-986033979122}) (Version: 1.00.0000 - hikvision) Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet sterowników systemu Windows - Google, Inc (androidusb) USB (12/11/2012 1.0.0009.00000) (HKLM\...\8E3B176889FB79CA6FE02DF2D2D6DE38BD9FC9F6) (Version: 12/11/2012 1.0.0009.00000 - Google, Inc) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) Pakiet sterowników systemu Windows - Qualcomm (qcusbnet) Net (10/16/2012 1.0.7.9) (HKLM\...\C03E573DE1B7F7DE10352D707DF6C7E88C0FAA03) (Version: 10/16/2012 1.0.7.9 - Qualcomm) Pakiet sterowników systemu Windows - Qualcomm Incorporated (qcusbser) Modem (10/26/2012 2.1.0.3) (HKLM\...\19E621CD1BB015A1069EB53B72E2877DC34F038C) (Version: 10/26/2012 2.1.0.3 - Qualcomm Incorporated) Pakiet sterowników systemu Windows - Qualcomm Incorporated (qcusbser) Ports (10/26/2012 2.1.0.3) (HKLM\...\521149B020D2896EF887ED07E9FC74DD0C29C17A) (Version: 10/26/2012 2.1.0.3 - Qualcomm Incorporated) Panel sterowania NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia) PITy2014 IPS 1.6 kompilacja:1.6.2.15 (HKLM-x32\...\PITy2014IPS_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Skarby Montezumy (HKLM-x32\...\Skarby Montezumy) (Version: 1.0.0.0 - Alawar Entertainment Inc.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Sims™ 4 Demo Stwórz Sima (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.) Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts) Tools (HKLM-x32\...\{9B5AA48E-8104-47FA-A8D8-F35DAADC7CC8}) (Version: 1.2.0.5 - hikvision) Unity Web Player (HKU\S-1-5-21-1363529525-2713863930-2083128457-1000\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - ) WinPcap 4.0.2 (HKLM-x32\...\WinPcapInst) (Version: 4.0.0.1040 - CACE Technologies) WinRAR 5.20 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wise Auto Shutdown 1.44 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.44 - WiseCleaner.com, Inc.) Wise Care 365 2.99 (HKLM-x32\...\Wise Care 365_is1) (Version: 2.99 - WiseCleaner.com, Inc.) Wise JetSearch 1.46 (HKLM-x32\...\Wise JetSearch_is1) (Version: 1.46 - WiseCleaner.com, Inc.) Wise Memory Optimizer 3.24 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.24 - WiseCleaner.com, Inc.) Wise PC 1stAid 1.35 (HKLM-x32\...\Wise PC 1stAid_is1) (Version: 1.35 - WiseCleaner.com, Inc.) Wise Program Uninstaller 1.63 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 1.63 - WiseCleaner.com, Inc.) Wise System Monitor 1.31 (HKLM-x32\...\Wise System Monitor_is1) (Version: 1.31 - WiseCleaner.com, Inc.) XnView 2.05 (HKLM-x32\...\XnView_is1) (Version: 2.05 - Gougelet Pierre-e) Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1363529525-2713863930-2083128457-1000_Classes\CLSID\{E30B3284-1DB0-5667-F559-E6C84CC915DE}\InprocServer32 -> no filepath ==================== Restore Points ========================= 17-08-2015 16:23:31 Zaplanowany punkt kontrolny 20-08-2015 21:06:47 Windows Update 21-08-2015 00:10:34 Windows Update 21-08-2015 12:33:16 Zaplanowany punkt kontrolny ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2DED3A1F-625E-413B-BDF0-4B259F8C393A} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2015-04-30] (WiseCleaner.COM) Task: {3A805615-7196-4B24-8584-D62F154CCAC5} - System32\Tasks\{2AE3F52F-48E9-400F-84CF-8EA0592AFC23} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{532F6E8A-AF97-41C3-915F-39F718EC07D1} /l1045 Task: {607679A9-0C8E-476C-8288-3490346D03AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated) Task: {650C3C79-3C88-4897-9A42-DB07B22EC7B8} - System32\Tasks\{408B472F-4C0F-41ED-A0A7-F38CB7CD3FF6} => pcalua.exe -a "D:\Program Files (x86)\Uninstall.exe" Task: {FBE3B822-992C-46CA-AF10-A0DB6D9299D6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-10] (AVAST Software) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe ==================== Loaded Modules (Whitelisted) ============== 2015-01-06 23:00 - 2014-07-17 11:34 - 06149632 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\iVMS-4200.exe 2015-01-06 23:00 - 2014-07-16 11:00 - 00074240 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\StreamServerApp.exe 2015-01-06 23:00 - 2014-07-16 11:00 - 00045056 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\WatchDog.exe 2015-01-06 23:00 - 2014-07-16 11:00 - 00069701 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200 Web\WebServer.exe 2015-01-06 23:00 - 2014-07-16 11:00 - 02598912 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200 Web\Server\nginx.exe 2015-04-06 15:59 - 2015-08-10 20:24 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-04-06 15:59 - 2015-08-10 20:24 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-08-20 21:05 - 2015-08-20 21:05 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15082001\algo.dll 2015-03-14 00:19 - 2015-04-06 15:59 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-06 23:00 - 2014-07-17 11:25 - 01988608 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\iVMSGUIToolkit.dll 2015-01-06 23:00 - 2014-07-16 10:54 - 02424899 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\HCNetSDK.dll 2015-01-06 23:00 - 2014-07-16 10:54 - 00323624 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\hpr.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00520234 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\sqlite3.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00144896 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\SendMail.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00442425 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\Sadp.dll 2015-01-06 23:00 - 2014-07-17 11:19 - 00135680 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\Base.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00987136 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\libxml2.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00077824 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\zlib1.dll 2015-01-06 23:00 - 2014-07-17 11:19 - 00128000 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\MultimediaComm.dll 2015-01-06 23:00 - 2014-07-16 10:54 - 01392693 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PlayCtrl.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00135284 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\AnalyzeData.dll 2015-01-06 23:00 - 2014-07-17 11:20 - 00169472 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PreviewLogical.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00193024 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\LocalStorage.dll 2015-01-06 23:00 - 2014-07-16 10:54 - 00290816 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\client.dll 2015-01-06 23:00 - 2014-07-17 11:21 - 00404992 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PlaybackLogical.dll 2015-01-06 23:00 - 2014-07-16 10:54 - 00233564 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\HDFileSDK.dll 2015-01-06 23:00 - 2014-07-17 11:21 - 00501248 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\NetworkComm.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00056832 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\CommLibSvr.dll 2015-01-06 23:00 - 2014-07-16 10:54 - 00037376 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\CommLibClt.dll 2015-01-06 23:00 - 2014-07-17 11:20 - 00312320 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\DatabaseUpdate.dll 2015-01-06 23:00 - 2014-07-17 11:27 - 01136128 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\UiDataController.dll 2015-01-06 23:00 - 2014-07-17 11:18 - 00028160 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\KeyBoard.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 13100032 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\ShowRemConfig.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00303177 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\SerialSDK.dll 2015-01-06 23:00 - 2014-07-17 11:19 - 03458560 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\plugins\skins\GreyRedSkin.dll 2015-01-06 23:00 - 2014-07-17 11:21 - 00047104 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\plugins\styles\iVMSStyleToolkit.dll 2015-01-06 23:00 - 2014-07-17 11:35 - 00970240 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\EncodeDevicePlugin.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00079872 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PACKET.dll 2015-01-06 23:00 - 2014-07-17 11:29 - 00778240 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\DecodeDevicePlugin.dll 2015-01-06 23:00 - 2014-07-17 11:28 - 01348096 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\MainViewPlugin.dll 2015-01-06 23:00 - 2014-07-17 11:30 - 01077760 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\PlaybackPlugin.dll 2015-01-06 23:00 - 2014-07-17 11:35 - 01552384 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\EMapPlugin.dll 2015-01-06 23:00 - 2014-07-17 11:37 - 01934848 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\TVWallPlugin.dll 2015-01-06 23:00 - 2014-07-16 10:54 - 00262246 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamTransClient.dll 2015-01-06 23:00 - 2014-07-16 10:53 - 00208992 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\SystemTransform.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00106581 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\Common.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00126464 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\Base.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00118784 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\hpr.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00108032 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\StreamServer.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00160768 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\RTSPServer.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00025088 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\TransportEngine.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 01323520 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\hlog.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00207872 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\SystemTransform.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00254976 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\IndexGenerator.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 01912919 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\PlayCtrl.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00030208 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\StreamLayer.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00044544 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\PluginManager.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00162304 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\vodlayer.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00215552 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\hplug.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 02080837 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\HCNetSDK.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00020992 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\hplugin\frameformat.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00045162 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\hplugin\AnalyzeData.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00226304 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\hplugin\devstorelayer.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00271360 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\hplugin\hsoap.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00038400 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\DevicePlugin.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00080384 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\DeviceNetSDK.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00024064 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\DeviceStreamClient.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00058368 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\StreamServer\DeviceRtspClient.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00036864 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200 Web\PHP\ext\php_hcnetsdk.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 02076741 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200 Web\PHP\HCNetSDK.dll 2015-01-06 23:00 - 2014-07-16 11:00 - 00057344 _____ () C:\Program Files\iVMS-4200 Station\iVMS-4200 Web\PHP\ext\php_bcompiler.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1363529525-2713863930-2083128457-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img20.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{414689BC-8288-47F1-B33E-F5F9FC2D33DC}] => (Allow) LPort=80 FirewallRules: [{F1863A80-409E-42D1-B771-2C9F89911553}] => (Allow) LPort=80 FirewallRules: [{2EDA0BF4-F53F-4D66-AF7A-F6F10E0145F9}] => (Allow) LPort=80 FirewallRules: [TCP Query User{AEEB4BA3-F804-440D-81A9-3D2E5E16705D}C:\program files\ivms-4200 station\ivms-4200 web\server\nginx.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 web\server\nginx.exe FirewallRules: [UDP Query User{E4B31248-DF3E-4ADA-B338-2605AF6AAF2A}C:\program files\ivms-4200 station\ivms-4200 web\server\nginx.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 web\server\nginx.exe FirewallRules: [TCP Query User{9628A31B-C8BE-4F9D-8EE4-DEFD3A3F61DA}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe FirewallRules: [UDP Query User{692A3CB9-AFE4-4DB2-A8A4-9EA2D1F2A58C}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\streamserver\streamserverapp.exe FirewallRules: [TCP Query User{4E018696-C12C-4529-8B22-50A2839719AB}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe FirewallRules: [UDP Query User{3AECCDC0-005A-4931-8549-117354FE84EA}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe FirewallRules: [TCP Query User{AC01B259-4C91-4B0B-BD2B-EE8C5C49229E}C:\Program Files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Block) C:\Program Files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe FirewallRules: [UDP Query User{BC648FD5-0295-4C8A-A6D3-9A2E5E0CA1B4}C:\Program Files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Block) C:\Program Files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe FirewallRules: [TCP Query User{8C3468E2-8B7A-4720-9239-2DAC96A43D3D}C:\Program Files\ivms-4200 station\ivms-4200 web\Server\nginx.exe] => (Block) C:\Program Files\ivms-4200 station\ivms-4200 web\Server\nginx.exe FirewallRules: [UDP Query User{C8C3A3E4-0217-4087-A7F4-C321D5D18F4F}C:\Program Files\ivms-4200 station\ivms-4200 web\Server\nginx.exe] => (Block) C:\Program Files\ivms-4200 station\ivms-4200 web\Server\nginx.exe FirewallRules: [TCP Query User{84B2D7CF-49DC-413D-BF53-457C2FE465A6}C:\Program Files\ivms-4200 station\ivms-4200 web\PHP\php-cgi.exe] => (Block) C:\Program Files\ivms-4200 station\ivms-4200 web\PHP\php-cgi.exe FirewallRules: [UDP Query User{038358F7-30F8-4825-9CF8-9D3B4A66B4BA}C:\Program Files\ivms-4200 station\ivms-4200 web\PHP\php-cgi.exe] => (Block) C:\Program Files\ivms-4200 station\ivms-4200 web\PHP\php-cgi.exe FirewallRules: [TCP Query User{D2A58EF4-A533-49FE-8603-D49D162AC50D}C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe FirewallRules: [UDP Query User{1DC576A2-A031-4382-B799-DFFE508749A7}C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 web\php\php-cgi.exe FirewallRules: [{9FBD6E03-5F98-456C-A97C-920FCF979546}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe FirewallRules: [{1E1B31EF-8F36-4341-99E6-CAE00D32E225}] => (Allow) D:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe FirewallRules: [{C0D719C8-B470-45C3-B483-62A0C4C3AADF}] => (Allow) D:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe FirewallRules: [{D250F0F4-8E31-49A2-A906-C8401436BC6D}] => (Allow) D:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe FirewallRules: [TCP Query User{E605EFF3-6EE7-4A67-8940-59A396D0AA77}C:\program files\ivms-4200 station\ivms-4200 pcnvr\storage service.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 pcnvr\storage service.exe FirewallRules: [UDP Query User{C2BBB9EC-4513-4391-B348-D9E88E4125C5}C:\program files\ivms-4200 station\ivms-4200 pcnvr\storage service.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 pcnvr\storage service.exe FirewallRules: [TCP Query User{0CFAB724-0011-486A-AB62-8A007508015F}C:\program files\ivms-4200 station\ivms-4200 pcnvr\ivms-4200 pcnvr.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 pcnvr\ivms-4200 pcnvr.exe FirewallRules: [UDP Query User{A2B195F1-25E7-48BF-9DA1-A3F1FCFB3883}C:\program files\ivms-4200 station\ivms-4200 pcnvr\ivms-4200 pcnvr.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200 pcnvr\ivms-4200 pcnvr.exe FirewallRules: [{94E1CF4F-F7C4-46F0-8923-61DDFF67CD18}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E34063F6-8121-482C-82B0-9CDFC06A7DE1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Faulty Device Manager Devices ============= Name: Mysz zgodna z PS/2 Description: Mysz zgodna z PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (08/13/2015 12:13:15 PM) (Source: appweb) (EventID: 3299) (User: ) Description: appweb: Error: Route /ISAPI/ in host default-server is missing a catch-all handler Adding: AddHandler fileHandler "" . Error: (08/13/2015 10:47:39 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8 Error: (08/13/2015 10:47:36 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll8 Error: (08/13/2015 10:35:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd Explorer.EXE, wersja 6.0.6002.18005, sygnatura czasowa 0x49e02a1e, moduł powodujący błąd kernel32.dll, wersja 6.0.6002.19381, sygnatura czasowa 0x554d40ed, kod wyjątku 0xc0000005, przesunięcie błędu 0x000000000001c340, identyfikator procesu 0x220, godzina rozpoczęcia aplikacji 0xExplorer.EXE0. Error: (08/12/2015 01:55:12 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (08/10/2015 10:53:13 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (08/10/2015 10:53:13 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f) Error: (08/09/2015 11:03:40 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c Error: (08/09/2015 11:03:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd Explorer.EXE, wersja 6.0.6002.18005, sygnatura czasowa 0x49e02a1e, moduł powodujący błąd kernel32.dll, wersja 6.0.6002.19381, sygnatura czasowa 0x554d40ed, kod wyjątku 0xc0000005, przesunięcie błędu 0x000000000001c340, identyfikator procesu 0x254, godzina rozpoczęcia aplikacji 0xExplorer.EXE0. Error: (08/09/2015 10:56:30 PM) (Source: EventSystem) (EventID: 4609) (User: ) Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c System errors: ============= Error: (08/21/2015 01:33:47 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 13:30:18 na 2015-08-21 było nieoczekiwane. Error: (08/21/2015 01:12:25 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 13:10:29 na 2015-08-21 było nieoczekiwane. Error: (08/21/2015 11:44:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000Eventlog Error: (08/21/2015 11:41:44 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 11:38:55 na 2015-08-21 było nieoczekiwane. Error: (08/21/2015 10:44:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000NlaSvc Error: (08/21/2015 10:44:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000MBAMService Error: (08/20/2015 09:30:31 PM) (Source: WinDefend) (EventID: 2004) (User: ) Description: Produkt %%%82627 napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą: %%%82625 Kod błędu: 0x80070715 Opis błędu: Nie można znaleźć określonego typu zasobu w pliku obrazu. Ładowanie podpisów: %%826 Ładowanie wersji podpisu: 1.0.0.0 %Ładowanie wersji aparatu: %%%826270 Error: (08/20/2015 09:28:38 PM) (Source: WinDefend) (EventID: 2004) (User: ) Description: Produkt %%%82527 napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą: %%%82524 Kod błędu: 0x8050a004 Opis błędu: Program nie może odnaleźć plików definicji, które pomagają wykrywać niechciane oprogramowanie. Wyszukaj aktualizacje dla plików definicji, a następnie spróbuj ponownie. Aby uzyskać informacje o instalowaniu aktualizacji, zobacz Pomoc i obsługę techniczną. Ładowanie podpisów: %%825 Ładowanie wersji podpisu: %Ładowanie wersji aparatu: %%%825270 Error: (08/20/2015 09:19:35 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:16:43 na 2015-08-20 było nieoczekiwane. Error: (08/20/2015 09:00:53 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 18:24:42 na 2015-08-19 było nieoczekiwane. Microsoft Office: ========================= Error: (08/31/2013 03:58:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2008 seconds with 1500 seconds of active time. This session ended with a crash. CodeIntegrity: =================================== Date: 2015-08-21 14:58:08.477 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:58:08.093 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:58:07.721 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:58:07.365 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:44:58.088 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:44:57.626 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:44:57.220 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:44:56.764 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:44:56.394 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-21 14:44:56.045 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Athlon(tm) Dual Core Processor 4850e Percentage of memory in use: 72% Total physical RAM: 3069.7 MB Available physical RAM: 848.82 MB Total Virtual: 6361.91 MB Available Virtual: 3631.64 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:116.21 GB) (Free:63.61 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:116.67 GB) (Free:58.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: F17623DC) Partition 1: (Active) - (Size=116.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=116.7 GB) - (Type=07 NTFS) ==================== End of log ============================