Additional scan result of Farbar Recovery Scan Tool (x64) Version:06-08-2015 Ran by NVR (2015-08-07 10:38:57) Running from C:\Users\NVR\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrateur (S-1-5-21-564120366-3866111022-3182706723-500 - Administrator - Disabled) HomeGroupUser$ (S-1-5-21-564120366-3866111022-3182706723-1006 - Limited - Enabled) Invité (S-1-5-21-564120366-3866111022-3182706723-501 - Limited - Disabled) => C:\Users\Invité NVR (S-1-5-21-564120366-3866111022-3182706723-1000 - Administrator - Enabled) => C:\Users\NVR UpdatusUser (S-1-5-21-564120366-3866111022-3182706723-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Camera Stream Controller (HKLM-x32\...\Camera Stream Controller) (Version: 1.0.0.127 - VIVOTEK INC.) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) Dropbox (HKU\S-1-5-21-564120366-3866111022-3182706723-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.2 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Mises à jour NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Pilote audio HD : 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation) NVIDIA Pilote du contrôleur 3D Vision 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation) NVIDIA Pilote graphique 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation) Panneau de configuration NVIDIA 309.08 (Version: 309.08 - NVIDIA Corporation) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VIVOTEK ST7501 (HKLM-x32\...\ST7501) (Version: 1.8.5.3 - VIVOTEK, Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-564120366-3866111022-3182706723-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\NVR\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Restore Points ========================= 26-07-2015 19:00:08 Sauvegarde Windows 28-07-2015 09:31:02 Windows Update 28-07-2015 10:38:25 Windows Update 28-07-2015 16:04:31 Chrome Cleanup Tool 28-07-2015 17:54:46 Supprimé Microsoft Office File Validation Add-In 02-08-2015 17:17:24 Windows Update 02-08-2015 19:00:04 Sauvegarde Windows 03-08-2015 15:45:52 Removed Java 7 Update 25 05-08-2015 11:01:31 Windows Update 05-08-2015 11:06:36 Windows Update 06-08-2015 09:55:46 Windows Update 06-08-2015 14:08:44 Installation du package de pilotes : Visicom Media Inc. Périphérique d’acquisition d’images 06-08-2015 14:10:20 Installation du package de pilotes : Visicom Media Inc. Contrôleurs audio, vidéo et jeu ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B47F3CE-2C75-4B3D-8DEC-3C94DBE5B73E} - System32\Tasks\{68E4F547-2C24-40C9-AF7D-FC38710FFB78} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {10DD6B1C-4B9F-411B-9547-9C7D0BF8CE26} - System32\Tasks\{10BBEBB7-7C22-4EA9-A8B4-38399801EF1B} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {120E31FE-3924-4DFF-BD77-D90ED18914D8} - System32\Tasks\{B4A40335-AF2A-40D3-8448-3C97A9E3E5A7} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE Task: {1985A127-574A-4913-A4F2-9C521B1A01F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.) Task: {1AD7317E-D1FE-41A9-ADC8-E64B36645BC7} - System32\Tasks\{8B1B9F6C-C81D-4282-925A-332C2A5235A8} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {1DB7C118-EDB4-4B9C-B716-B4068B5E72C9} - System32\Tasks\BYAIAMUF => C:\Users\NVR\AppData\Roaming\BYAIAMUF.exe [2015-08-05] (Cinema PlusV16.03) <==== ATTENTION Task: {24ADA33D-C46A-457F-BC37-155142A5858C} - System32\Tasks\{E5811BBF-798A-4783-AD0B-5D35A657F7D1} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {2A1E7C2A-5B62-4CE4-B1C6-0F9C5F3F3DB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {37CCFA90-FDD8-4FFA-B131-444BC83902C4} - System32\Tasks\{DB7ED06E-E1DF-4C61-A3A6-346A5EFEE016} => pcalua.exe -a C:\Users\NVR\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=smt Task: {4E068252-34AE-4EF6-97BF-1CEE90B1D5B1} - System32\Tasks\{976F7E15-3C18-4A36-8529-D466ECB5733D} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {50A79BE2-2C8A-4803-90C3-27A0AB20F97B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.) Task: {513421A4-DB1A-4274-B5A3-F63B730FFCA1} - System32\Tasks\{B031A870-34A7-4472-A0D4-9C02178002BD} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {5A9623F6-A687-4AAD-99DD-E477B77BC704} - System32\Tasks\{18DE5AF2-7786-4D28-8A62-DA0DFC382C54} => C:\Users\NVR\Desktop\Install\ST7501_LiveClient_setup.exe <==== ATTENTION Task: {5CF735BB-B14D-4522-A6A7-6955DD012083} - System32\Tasks\{34C458AD-AE29-4D51-BF04-9F4A8AAF42A7} => pcalua.exe -a C:\Users\NVR\AppData\Local\AviraResume\setup.exe -d C:\Users\NVR\Desktop -c /NOTEMPCLEANUP /CLEANUPSRCFILES Task: {649BCD70-8CCC-4617-AF2E-DAC6625ADC2B} - System32\Tasks\{2D30D6AE-A43B-42F1-B6B3-1ABD15618F49} => C:\Users\NVR\Desktop\archive\archive voleurs\play_back\st7501- 1.6.1.4\ST7501_LiveClient_setup.exe Task: {6F8B580C-1A14-4B52-9E3D-E771B88596FB} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {75D8CF7F-743E-495D-8B12-B4CC0D5F06D8} - System32\Tasks\{952EF321-B6CB-46E0-B1B7-E5E746E7162F} => pcalua.exe -a C:\Users\NVR\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw Task: {765EC1A8-52FE-4396-AE8C-8DEE83359237} - System32\Tasks\{953F95B3-8410-4E4A-A0A4-722A10E1684B} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {76EBFF20-53DE-4CDE-B0A8-1DE9125F428B} - System32\Tasks\{9637EBD8-7CD3-41D5-B402-6F97C3D6D883} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {78580912-B4B9-4B76-8953-BC0ED41A07B1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-564120366-3866111022-3182706723-1000Core => C:\Users\NVR\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-11] (Dropbox, Inc.) Task: {79223046-6182-4D8C-B0C5-E62BC62014B3} - System32\Tasks\{3712AD16-C16E-4033-B646-390B86187625} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {7D5CB324-A4FB-4BE3-B163-DAE316DAF2BC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-564120366-3866111022-3182706723-1000UA => C:\Users\NVR\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-11] (Dropbox, Inc.) Task: {81B74DCF-67EA-434B-8003-AE18070A4E9F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {89D47DB6-8F4E-46B1-9B96-1647C2E5D67B} - System32\Tasks\{B17C5B32-B10D-4799-B7DF-2653C9D44944} => C:\Users\NVR\Dropbox\caisse enfant_20150402_130445~20150402_130709.exe Task: {9196C6EF-A360-453B-B33D-3B9E2EA1B532} - System32\Tasks\{0AF30D46-C1D2-4DDB-B022-52595078238B} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {93A8B47C-FBC4-459A-A729-3E1BC8AFD008} - System32\Tasks\{A74D2992-622D-470B-80A8-1F516D78F6D3} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {A427A12D-C7C5-41BA-90F0-BB56FA3597E4} - System32\Tasks\{B835F9C0-5524-45A4-9A7F-C382824FA41F} => C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe [2014-07-31] () Task: {B2596601-1FCF-412C-BC66-757B5F45E352} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {B297845A-5549-48D9-821F-F532F0B8A534} - System32\Tasks\{3B88786E-5802-4819-8CEA-44D05433FD82} => Chrome.exe http://ui.skype.com/ui/0/7.0.0.102/fr/abandoninstall?page=tsMain Task: {E809CCFC-E166-4198-9B00-71154FB4652B} - System32\Tasks\VideoKeep => c:\programdata\{93f14a61-0574-e8f0-93f1-14a610572984}\idm 6 23 build 16 crack and serial key latest update fullversion.html.exe <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\BYAIAMUF.job => C:\Users\NVR\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-564120366-3866111022-3182706723-1000Core.job => C:\Users\NVR\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-564120366-3866111022-3182706723-1000UA.job => C:\Users\NVR\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\VideoKeep.job => c:\programdata\{93f14a61-0574-e8f0-93f1-14a610572984}\idm 6 23 build 16 crack and serial key latest update fullversion.html.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2013-05-06 13:11 - 2015-01-31 01:57 - 00086160 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-07-20 14:17 - 2015-07-20 14:17 - 00376832 _____ () C:\Program Files\Checker\check.exe 2015-08-06 14:25 - 2015-08-06 14:25 - 00161792 _____ () C:\Program Files (x86)\03000200-1438867482-0500-0006-000700080009\hnsb697E.tmp 2015-08-04 12:45 - 2015-08-04 12:45 - 00035840 _____ () C:\ProgramData\ExtTag\ExtTag.exe 2015-08-06 14:25 - 2015-08-06 14:25 - 00209920 _____ () C:\Program Files (x86)\03000200-1438867482-0500-0006-000700080009\jnsr5264.tmp 2015-08-06 20:11 - 2015-08-06 20:11 - 00607232 _____ () C:\Program Files (x86)\03000200-1438867482-0500-0006-000700080009\knseD799.tmp 2015-08-05 09:36 - 2015-08-05 09:36 - 00855040 _____ () C:\Program Files\Checker\packages\af1289f0-4937-4cc3-b1bb-31bde5a91a06\fchk.exe 2015-06-01 18:28 - 2015-06-01 18:28 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2015-08-04 16:01 - 2015-08-04 16:01 - 00145408 _____ () C:\ProgramData\ExtTag\hiswmi1s.exe 2014-07-31 14:24 - 2014-07-31 14:24 - 09190296 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\VMSLiveClient.exe 2015-08-07 10:13 - 2015-08-07 10:13 - 00071168 _____ () c:\users\nvr\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuzqutg.dll 2015-03-04 22:45 - 2015-07-17 01:31 - 00012800 _____ () C:\Users\NVR\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 22:45 - 2015-07-17 01:31 - 00779776 _____ () C:\Users\NVR\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-29 09:50 - 2015-07-17 01:31 - 00056320 _____ () C:\Users\NVR\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-04 22:45 - 2015-07-17 01:31 - 00012288 _____ () C:\Users\NVR\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2014-07-25 14:17 - 2014-07-25 14:17 - 02099200 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\ffmpeg.dll 2014-07-25 14:17 - 2014-07-25 14:17 - 02107392 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\DataBroker.dll 2014-07-25 14:17 - 2014-07-25 14:17 - 00068608 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\SrvDepResource.dll 2014-07-25 14:17 - 2014-07-25 14:17 - 00993280 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\FilterFactory.dll 2014-07-25 14:16 - 2014-07-25 14:16 - 00130048 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\NetScheduler.dll 2014-07-25 14:17 - 2014-07-25 14:17 - 00148480 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\PacketMaker.dll 2014-07-25 14:15 - 2014-07-25 14:15 - 00151552 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\libexpat.dll 2014-07-31 14:05 - 2014-07-31 14:05 - 00073216 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\MessageParser.dll 2014-07-25 14:17 - 2014-07-25 14:17 - 00046080 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\ServerControllerLoader.DLL 2014-07-25 14:17 - 2014-07-25 14:17 - 00044032 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Client\LiveClient\ServerUtilityLoader.DLL 2015-08-04 16:01 - 2015-08-04 16:01 - 00968704 _____ () C:\ProgramData\ExtTag\fgobjs55.dll 2015-08-05 10:08 - 2015-07-31 07:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll 2015-08-05 10:08 - 2015-07-31 07:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-564120366-3866111022-3182706723-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NVR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{933BEA76-DEBE-4983-8471-33498BCB7E5A}C:\users\nvr\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nvr\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{500CB112-3D9B-4895-AD0B-AEBAE6F76624}C:\users\nvr\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nvr\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{367A4F96-08E5-4D46-B18B-BB9D65AABD56}] => (Allow) LPort=1886 FirewallRules: [{631BB9BF-0930-4575-BDD1-362B8497E77A}] => (Allow) LPort=1886 FirewallRules: [{ACB42753-7607-403C-826E-F13205AADFAA}] => (Allow) C:\Users\NVR\AppData\Local\Temp\ctmpua\ctmpua.exe FirewallRules: [{A7D6650F-03F1-4949-A7AB-32EB378F4844}] => (Allow) C:\Users\NVR\AppData\Local\Temp\ctmpua\ctmpua.exe FirewallRules: [{B4A28CBB-5D41-4B37-A274-4BDA2A72078B}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe FirewallRules: [{03937C5B-DAFE-4610-91E2-1EA2F64DA2D4}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe FirewallRules: [{50679F84-1994-434B-9447-D022699AD3C1}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe FirewallRules: [{7B42F449-C309-444A-AE10-01C7305D1E62}] => (Allow) C:\ProgramData\EroBisis\onuaci.exe FirewallRules: [{299F47F7-7390-43A2-89F0-C79A0138FE63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Port de communication (COM3) Description: Port de communication Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318} Manufacturer: (Types de port standard) Service: Serial Problem: : Windows cannot determine the settings for this device. Consult the documentation that came with this device and use the Resource tab to set the configuration. (Code 34) Resolution: The device requires manual configuration. See the hardware documentation or contact the hardware vendor for instructions on manually configuring the device. After you configure the device itself, you can use the "Resources" tab in Device Manager to configure the resource settings in Windows. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/07/2015 10:13:06 AM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Impossible d’initialiser l’index. Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/07/2015 10:13:06 AM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Impossible d’initialiser l’application. Contexte : Application Windows Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/07/2015 10:13:06 AM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Impossible d’initialiser l’objet rassembleur. Contexte : Application Windows, Catalogue SystemIndex Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/07/2015 10:13:06 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Impossible d’initialiser le plug-in dans . Contexte : Application Windows, Catalogue SystemIndex Détails : Élément introuvable. (HRESULT : 0x80070490) (0x80070490) Error: (08/07/2015 10:13:05 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Impossible d’initialiser le plug-in dans . Contexte : Application Windows, Catalogue SystemIndex Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/07/2015 10:13:05 AM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Le service Windows Search ne peut pas charger les informations de la banque de propriétés. Contexte : Application Windows, Catalogue SystemIndex Détails : La base de données d’index des contenus est endommagée. (HRESULT : 0xc0041800) (0xc0041800) Error: (08/07/2015 10:13:05 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : The catalog is corrupt. Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/07/2015 10:13:05 AM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Le service de recherche a détecté des fichiers de données endommagés dans l’index {id=4700}. Le service tentera de corriger automatiquement ce problème en recréant l’index. Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/07/2015 10:13:05 AM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Le service Windows Search ne peut pas ouvrir la banque de propriétés Jet. Détails : 0x%08x (0xc0041800 - La base de données d’index des contenus est endommagée. (HRESULT : 0xc0041800)) Error: (08/07/2015 10:13:05 AM) (Source: ESENT) (EventID: 455) (User: ) Description: Windows (3892) Windows: L'Erreur -1811 s'est produite lors de l'ouverture du fichier journal C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00054.log. System errors: ============= Error: (08/07/2015 10:14:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur : %%1069 Error: (08/07/2015 10:14:56 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error: (08/07/2015 10:13:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Error: (08/07/2015 10:13:06 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service Windows Search s’est arrêté avec l’erreur service particulière %%-1073473535. Error: (08/07/2015 09:39:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80240020 : Passer à la version Windows 10 Professionnel. Error: (08/07/2015 09:36:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service NVIDIA Update Service Daemon n’a pas pu démarrer en raison de l’erreur : %%1069 Error: (08/07/2015 09:36:45 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Le service nvUpdatusService n’a pas pu ouvrir de session en tant que .\UpdatusUser avec le mot de passe actuellement configuré en raison de l’erreur suivante : %%1330 Pour vous assurer que le service est configuré correctement, utilisez le composant logiciel enfichable Services dans Microsoft Management Console (MMC). Error: (08/07/2015 09:35:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service Windows Search s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service. Error: (08/07/2015 09:35:03 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Le service Windows Search s’est arrêté avec l’erreur service particulière %%-1073473535. Error: (08/06/2015 02:53:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Le service kalghuir s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 600 millisecondes : Redémarrer le service. Microsoft Office: ========================= ==================== Memory info =========================== Processor: Intel(R) Xeon(R) CPU E5520 @ 2.27GHz Percentage of memory in use: 54% Total physical RAM: 4087 MB Available physical RAM: 1861.33 MB Total Virtual: 8172.2 MB Available Virtual: 5286 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:662.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3A323A31) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End of log ============================