Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Exécuté par charl (22-03-2017 19:50:57)
Exécuté depuis C:\Users\charl\Desktop
Windows 10 Home Version 1607 (X64) (2017-03-21 08:21:26)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-602083953-162087395-171390333-500 - Administrator - Disabled)
charl (S-1-5-21-602083953-162087395-171390333-1001 - Administrator - Enabled) => C:\Users\charl
DefaultAccount (S-1-5-21-602083953-162087395-171390333-503 - Limited - Disabled)
Invité (S-1-5-21-602083953-162087395-171390333-501 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.18 - Adobe Systems)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.45.53 - Conexant)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)
GameFirst IV (x32 Version: 1.5.12 - ASUS) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.)
Google SketchUp Pro 7 (HKLM-x32\...\{80FE4BC2-661C-4DEC-A6A4-7EEF1036B286}) (Version: 2.0.11069 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
IceWarp Desktop Client (HKLM-x32\...\{153175D3-DF55-4414-A7AD-014EDF728670}) (Version: 6.0.24928.0 - IceWarp Ltd.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (x32 Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{cc892976-0919-4ba9-ab52-ae15d2127a12}) (Version: 18.21.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7870.2024 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.7870.2024 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-602083953-162087395-171390333-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6001.1070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.35 - ASUS)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21296 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.8 - ASUS)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{37B47810-E821-4B53-B3D2-3DB1F2084B7E}) (Version: 15.3.331 - Trimble Navigation Limited)
SketchUp 2016 (HKLM-x32\...\{CF062509-06B2-4F57-9373-166B04719F94}) (Version: 16.1.1450 - Trimble Navigation Limited)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
V-Ray for SketchUp adv (HKLM-x32\...\V-Ray for SketchUp adv 2.00.25244) (Version: 2.00.25244 - Chaos Software, Ltd)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {06E36667-544C-448D-B24B-0CFBC0CF30FA} - System32\Tasks\temp\bk4007-tmp\p1490192290 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {075DE14D-EAFC-45F0-B8C7-83A8C3C87D3B} - System32\Tasks\microsoft-windows-photos_17-214-10010-0_x64__8wekyb3d8bbwe\microsoft-photos => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {0787957D-F8F2-49FC-86C5-DC3334F032DD} - System32\Tasks\temp\wzse0 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {0E22EEF9-F22C-4B5E-86AD-D1E87ED5594D} - System32\Tasks\temp\ixp000-tmp\dxwsetup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {0EB0D1F6-5B91-4F28-B773-293A234E482F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {0FE7F77D-9CDE-49BF-A27C-2ED8922AF24D} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868-41201-0_x64__8wekyb3d8bbwe\hxtsr-exe => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {131A7C06-31E1-4058-97CC-FEE1042DAFCA} - System32\Tasks\temp\bk192f-tmp\p1490192149 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {165EDA1A-E92A-4716-95E5-A2090D2F2388} - System32\Tasks\temp\bk2a88 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {16F2201D-B4CB-49D5-9F20-7945A76D8495} - System32\Tasks\microsoft-windows-photos_16-511 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {177C18B0-B1A5-473E-95E8-E09B30639844} - System32\Tasks\temp\bkcf8e-tmp\p1490192196 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {17EF178D-9F35-4D61-B077-7D00F9D24C01} - System32\Tasks\temp\bkadc0 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {1A0701C2-AD1F-4209-B199-D30E437DF49C} - System32\Tasks\temp\bkd873-tmp\p1490189035 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {1CA97032-A57C-40A2-8088-6CB76032277F} - System32\Tasks\557H68H396u212 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA <==== ATTENTION
Task: {1FF6A391-705B-442A-88E2-EB896028BDBF} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868-41201 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {20DF5D3C-B892-4E03-A1CB-C390A919D9C2} - System32\Tasks\microsoft\onedrive\onedrivestandaloneupdater => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {22C4094B-1EC6-4767-B031-717ABF1C3F43} - System32\Tasks\temp\is-mqdf3-tmp\driver_booster_setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2529865A-7226-4437-B820-5C6177A34B0F} - System32\Tasks\temp\bk7590-tmp\p1490188616 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {262F195C-E3B8-4532-B61A-7CB6844261E0} - System32\Tasks\temp\bkc01b-tmp\p1490188570 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {28079EE7-AD31-4D3B-BF42-A0149F02D538} - \ROG Gaming Center -> Pas de fichier <==== ATTENTION
Task: {297509C4-E39F-42F9-B7C9-E6A49B38257C} - System32\Tasks\temp\gdaa2-tmp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2979E082-DCB9-4F33-AC74-B47DA6B69436} - System32\Tasks\temp\bk4d29 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2A73CCFF-F660-46D5-8FE2-F87B31B80732} - System32\Tasks\microsoft-windows-photos_16-511-8780 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2C81CC28-95B1-4FB7-91A0-276BA15169D8} - System32\Tasks\acrobat 11-0\acrobat\acrodist-exe => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {2E211227-9B30-41F3-9046-290344313FE7} - System32\Tasks\temp\wzse0-tmp\setup64 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {30C06FAF-3833-4993-BACE-DF32C81EBBB5} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {312D4DC8-FA6D-4693-8133-7FEEE23A9343} - \Intel\Intel Telemetry 2 -> Pas de fichier <==== ATTENTION
Task: {32EA43AE-238F-4D22-9FBD-6A2A6A850DAB} - System32\Tasks\temp\is-v9be4 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {34C407AF-F3AE-4AAA-908E-7683F98CCC01} - System32\Tasks\temp\bk8f99-tmp\p1490190053 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {34CDB377-1C15-49C9-9B5F-7BC2BD92B563} - System32\Tasks\microsoft-windowscommunicationsapps_17 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {34D9353D-5B45-4190-8956-31BEC10C0F7D} - System32\Tasks\temp\_iu14d2n-tmp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {38A394A3-AD6F-4C51-9EF5-27C7081BE2C1} - System32\Tasks\microsoft-skypeapp_11-12-112-0_x64__kzf8qxf38zg5c\skypehost => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {38D1C81F-27C1-452D-BB55-FD25D7047525} - System32\Tasks\intel(r) integrated clock controller service\iccproxy => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {3ABBD38B-CA1F-41AF-82C4-7638E90AB48D} - System32\Tasks\driver booster\4-3-0\inststat => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3BCF6DB8-CF09-4556-84E4-B9234E2953FA} - System32\Tasks\temp\bk4770-tmp\p1490190100 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3C055881-B1F3-4FAE-B04A-BD9DB6B677B4} - System32\Tasks\microsoft-windows-photos_17-214-10010 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3C0CC4C3-B491-4B4B-A495-7C7FD9B512FD} - System32\Tasks\acrobat 11-0\acrobat\acrodist => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {3E4C92F7-D327-4A0A-ABBA-CF9659BB713F} - System32\Tasks\temp\is-5i67l-tmp\promote => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3E9158AE-638C-4C8F-8332-E5774DF333E1} - System32\Tasks\microsoft-windows => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3F034E30-8EBB-4EFD-A68D-7E45CE2FF55A} - System32\Tasks\80N250N974t276-dll => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {413B5411-2AF8-4F75-8CD0-53EF9E730FB4} - System32\Tasks\temp\bk9cb-tmp\p1490188524 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {475B4C87-FADF-47C4-86A2-5336AA95A9C2} - System32\Tasks\80N250N974t276 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG <==== ATTENTION
Task: {496F4119-C720-4885-A20C-29AB23A408C9} - \ASUS Splendid ACMON -> Pas de fichier <==== ATTENTION
Task: {49A02D2C-52E4-4D2E-9EDC-A5EF71DBAD8C} - System32\Tasks\temp\bk7590 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4BB07AD0-4193-4CDB-9FE8-FCA3460229C5} - System32\Tasks\temp\bk3e88 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4C1139C4-7C4D-4482-916C-DE128D5B14C3} - System32\Tasks\microsoft-windows-photos_16-511-8780-0_x64__8wekyb3d8bbwe\microsoft-photos => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4D3FFB91-AE92-44BE-B838-12314F1BBA97} - System32\Tasks\temp\gumf3e5-tmp\googleupdate => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA <==== ATTENTION
Task: {4D51C870-0237-4415-824F-DCDC00A9968B} - System32\Tasks\temp\bkd11d => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4E45A4C2-004F-4236-BC86-65BEDC302A41} - System32\Tasks\driver booster\4 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA <==== ATTENTION
Task: {566154B8-284C-43D8-BF42-C6FE80B16973} - System32\Tasks\temp\bk87ac-tmp\p1490191915 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {590D68BC-E221-4424-A06E-B1104DE69B2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-22] (Google Inc.)
Task: {59145443-ACA2-4F7B-8E69-9C438970CC3D} - System32\Tasks\temp\bk232d => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {5B5F35D3-FA1C-41E5-AC54-04697D233D8C} - System32\Tasks\driver booster\4-3-0\drvinstall\dpinstx64 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6184F127-04B1-4866-A491-E878857D928C} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015-10 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {62157470-9D9B-4610-99CB-064455D06006} - System32\Tasks\temp\nsbf19b-tmp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {63FAA1B9-8E55-440D-B1D4-FDEEB7602E80} - System32\Tasks\temp\bkadc0-tmp\p1490191728 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {64092C72-0651-43DE-A821-8420E4BCA651} - System32\Tasks\microsoft-windows-photos_17-214 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - \ASUS\ASUS Product Register Service -> Pas de fichier <==== ATTENTION
Task: {64BD1222-2042-490C-8CCD-6C95346239E2} - System32\Tasks\temp\bk4486-tmp\p1490189128 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {668A386F-FD47-4D85-99E9-74750F936EB3} - System32\Tasks\temp\is-cffiv-tmp-dbinst\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {69267067-7ECB-49D0-8677-109C3F7F97F7} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6A9F7FC3-4054-4C2F-AE3D-2D52E489B1B8} - System32\Tasks\temp\is-cffiv => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6D146AB6-21FD-45DA-B7AC-0CDF78DEE546} - System32\Tasks\temp\bkb50a-tmp\p1490190194 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6D54AEA1-9CD3-4DF3-857D-9D6DE9C1AE2F} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon -> Pas de fichier <==== ATTENTION
Task: {6F430ACF-6BE6-4B48-8EFF-AF1B1161EF59} - System32\Tasks\microsoft-windows-photos_16 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {70E3AF83-01AC-4C80-AB76-70FAD899EAC0} - System32\Tasks\temp\bkf79f-tmp\p1490192337 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {73116BDD-EC8B-4184-83E1-A9700CD9BB0F} - System32\Tasks\acrobat 11-0\acrobat\acrotray-exe => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {732F2112-B902-4211-BFA3-3835C6DF0F40} - System32\Tasks\temp\wps\~99c53c\au_ => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {756A0D74-A546-4643-8F8E-766A0591D15E} - System32\Tasks\temp\ixp000 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {774EE84E-63D2-4D2F-A37F-4B73E2CDDC1D} - System32\Tasks\acrobat 11-0\acrobat\acrobat_sl => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {797A7643-CC3D-4125-9890-1429485067FC} - System32\Tasks\temp\bk1afc-tmp\p1490191822 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {7CCAA596-003F-4C5C-9796-1162097F358C} - System32\Tasks\temp\bk6bb7-tmp\p1490190241 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {7F2E55F1-7710-4437-8849-6C8AB04838D0} - System32\Tasks\temp\bk2217 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {81AE35C4-25AB-4D8F-A76A-AD396C9E9DD3} - System32\Tasks\acrobat 11-0\acrobat\browser\wcchromeextn\wcchromenativemessaginghost => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {828C9786-F98B-4639-8EF8-F2A760717AC0} - \ASUS USB Charger Plus -> Pas de fichier <==== ATTENTION
Task: {83826D28-8FF3-46FB-A94A-A4D299316E6A} - System32\Tasks\temp\bk6d4a => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {86AA5A9B-AC23-4364-810C-3E60C2431C12} - System32\Tasks\temp\bk63a3-tmp\p1490191775 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {86C4059F-C3BC-475E-A12F-1EAF412D93DB} - System32\Tasks\microsoft-windows-photos_17 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {88EFF826-1604-4FB4-887F-C98354A4763D} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {8A19E419-6941-4684-A1C0-33540B651DC2} - System32\Tasks\temp\bk6bb7 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8A5EA2B7-5804-4178-8921-7607BC6C5C62} - System32\Tasks\temp\bkfe4c-tmp\p1490190147 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8B630B2A-AF8D-4E35-A08D-98FD7ED082E1} - System32\Tasks\temp\bkabc4-tmp\p1490192056 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8BA41A6C-4DC1-43C9-96C6-AAE9C0B36D61} - System32\Tasks\Driver Booster SkipUAC (charl) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
Task: {8BEB3311-F671-4237-8E26-6B7E858A4225} - System32\Tasks\temp\bk2217-tmp\p1490190288 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8E0E3DF8-E27C-425D-8D9B-C8FB2B97C548} - System32\Tasks\temp\bk3e88-tmp\p1490191962 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {94165E5E-A491-4A26-AB73-204657E2A945} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-22] (Google Inc.)
Task: {943927D1-580B-4EF9-BA96-CFDAE5BCB4F4} - System32\Tasks\temp\is-mqdf3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {95A0A632-D902-479B-AEDD-198D94DD17FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {983BBC00-E48D-474C-A760-4414BF2D0B75} - System32\Tasks\acrobat 11 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {9C313C26-68F7-400E-8C36-9F1C327A9808} - System32\Tasks\temp\bkd11d-tmp\p1490191868 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {9DAA0CA0-0E8E-4865-BFBA-2F3ABFBDBE32} - System32\Tasks\temp\~nsu-tmp\au_ => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {9F8E91FF-37EF-4832-90C0-CCFC5C90D8F1} - System32\Tasks\{cc892976-0919-4ba9-ab52-ae15d2127a12}\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {A3A58504-481A-4751-AAD5-D28F061A08A3} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015-10-19 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {A47EBE6A-8B6B-4DB2-98E8-7A5A205CA43A} - \ASUS Smart Gesture Launcher -> Pas de fichier <==== ATTENTION
Task: {A6BC2B6C-2503-479A-8296-AB7A61B7D5BA} - System32\Tasks\temp\bk8dc9-tmp\p1490189082 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {A6E8844A-ECAE-4B97-A30E-5081BF233455} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {A7620E9B-63C7-4DF5-A868-A6AE644B6805} - System32\Tasks\temp\bk63a3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {A7C75211-7288-42CF-9C6F-6EEDE4BE739F} - System32\Tasks\temp\is-jpbis => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {AAC73F93-BDCE-40B3-B5AF-6F3040AABE6E} - System32\Tasks\temp\bk97d3-tmp\p1490188756 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {AB0D70C8-505B-402F-836D-F29A5963695D} - System32\Tasks\temp\bk192f => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {ABA60EAF-C3D3-4360-A7C2-AF452B5E169D} - System32\Tasks\temp\is-sno66-tmp\setuphlp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {B15F0AB5-FF63-49B5-B243-42BDC70526CC} - System32\Tasks\acrobat 11-0\acrobat\acrord32 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {B4B95B6C-2F68-4805-9AC8-EBEACDB06205} - System32\Tasks\intel(r) security assist\isa => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {B7658F90-3FCA-467C-B84C-E1AC938B3439} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {BCF4AE33-0AAA-46E3-B0BA-3151735CFFB6} - System32\Tasks\temp\bk232d-tmp\p1490188989 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {C250A3B2-4BE7-4156-BA1A-715B00ADBAF7} - System32\Tasks\temp\bk2a88-tmp\p1490188663 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {C6D6A1CF-11D0-4FD8-9EF8-F3C1B6260624} - System32\Tasks\temp\bk6d4a-tmp\p1490188942 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {C84E8AC4-EE62-4617-8D49-7DC1A01EB5BC} - System32\Tasks\acrobat 11-0\acrobat\acrobat => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {CB0F5456-FB45-4E91-A664-23A9001C3A3A} - System32\Tasks\temp\bkabc4 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {CB8BA516-7736-4103-9EE7-D7CDAF52E029} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868-41201-0_x64__8wekyb3d8bbwe\hxtsr => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {CE3743C0-52FF-4B82-8AE7-D261BCCE83A5} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec -> Pas de fichier <==== ATTENTION
Task: {CED6EDC9-B5FA-47C8-A020-12AFFBCF2D16} - System32\Tasks\temp\bk637b-tmp\p1490192102 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D1E8B958-8EEF-4D7B-ABC2-1798A6B4785E} - System32\Tasks\temp\cr_30302-tmp\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D2824A23-818D-405B-9B6F-6B22960828F1} - System32\Tasks\temp\_iu14d2n => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {D285CCE2-E028-4A54-8EDD-72C90BAABF0B} - System32\Tasks\temp\bk270 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D3037314-FC0C-490E-AB0D-EE0C351E3738} - \ATK Package 36D18D69AFC3 -> Pas de fichier <==== ATTENTION
Task: {D3C60C28-5E69-4E59-85F4-2FB0B14DB758} - System32\Tasks\temp\bkf5bb-tmp\p1490191681 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D5468651-66A8-4F8C-87BC-12E137F45109} - System32\Tasks\microsoft-windows-photos_16-511-8780-0_x64__8wekyb3d8bbwe\microsoft => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D68321B1-AC77-46A0-A94C-3E30C44FC252} - System32\Tasks\acrobat 11-0\acrobat\acrotray => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {D82D3F2C-BD7C-4A62-9EDD-8464E4AF7B23} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {D9638974-9DCA-42F2-9AD0-53B6938725A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {DBB16FCB-8CBA-436D-A855-69C58A747D52} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015-10-19-9 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {DC3F4725-7645-479D-8B83-A8A994CDE06C} - System32\Tasks\temp\bkd873 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {DC5E873A-3ADB-486E-A852-0EACA8E354DF} - System32\Tasks\temp\bk637b => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E2C9954C-6EFB-4C1E-B048-855A197F5AF4} - System32\Tasks\temp\bkcf8e => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E494F048-45FA-4D77-B352-8B7572DF17E3} - System32\Tasks\microsoft-windowscommunicationsapps_17-8016-42007-0_x64__8wekyb3d8bbwe\hxtsr => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {E55A70F7-599A-4F21-8E2A-722BE8BABA4D} - System32\Tasks\temp\bk97d3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E6439281-F049-464C-A3FA-A03474AF0904} - System32\Tasks\temp\cr_1a8d0-tmp\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E7DCCE60-BB60-42C1-BC7C-83BF842BB848} - System32\Tasks\temp\bk270-tmp\p1490188849 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E8B97B42-1026-4AAE-AC98-D34F2DD8CA36} - System32\Tasks\temp\bk8f99 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {EBB77723-5DF2-4C78-BBE8-BC27C514D014} - System32\Tasks\temp\bk4d29-tmp\p1490188803 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {EC4E1446-00D0-47E5-A3CF-05581ED45FEC} - System32\Tasks\microsoft-windows-photos_17-214-10010-0_x64__8wekyb3d8bbwe\microsoft => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {ECA8D33A-C0CE-4813-8D33-F1D2DEF06C82} - System32\Tasks\temp\bkfe4c => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {F06DEBA1-1D39-4E7E-AB88-D74B4FFB9CC1} - System32\Tasks\intel(r) management engine components\lms\lms => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {F4B1E7B9-1CD9-485A-B55B-F77E46B0D5EF} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F821A0CA-EB6D-433E-8B64-5B708849783B} - System32\Tasks\acrobat 11-0\acrobat\acrobat-exe => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {F99650D9-A007-4A62-8296-49C2D0D5B9E6} - \ATK Package A22126881260 -> Pas de fichier <==== ATTENTION
Task: {FA094F47-0BD2-4005-8928-E62DF5BDBB77} - System32\Tasks\temp\bkd86f-tmp\p1490190007 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {FB1C46CA-2905-4690-B39F-B593F9A149A1} - System32\Tasks\driver booster\4-3-0\autoupdate => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {FC801134-C0F3-4187-8D7E-17E5BBA98F09} - System32\Tasks\temp\is-v9be4-tmp\driver_booster_setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {FEEA539F-C13E-4FCF-A392-132AC0F35E0D} - System32\Tasks\driver booster\4-3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\microsoft.job => rundll32.exe C:\ProgramData\557H68H396u212\557H68H396u212.dll
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
Shortcut: C:\Users\charl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.)
==================== Modules chargés (Avec liste blanche) ==============
2015-05-19 09:11 - 2015-05-19 09:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2017-03-22 16:24 - 2014-03-22 16:07 - 03095040 _____ () C:\ProgramData\80N250N974t276\80N250N974t276.dll
2017-03-22 17:22 - 2017-03-22 17:22 - 00214016 _____ () C:\WINDOWS\TEMP\g2932.tmp.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-14 21:17 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-21 09:01 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-14 21:17 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-14 21:17 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-19 10:16 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:17 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 21:17 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-14 21:18 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-22 08:18 - 2017-03-22 08:19 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-22 08:18 - 2017-03-22 08:19 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-22 08:18 - 2017-03-22 08:19 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-22 08:18 - 2017-03-22 08:19 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-14 21:17 - 2017-03-04 07:04 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-03-22 08:14 - 2017-03-22 08:15 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-07-22 00:18 - 2015-07-22 00:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-22 14:26 - 2017-03-22 03:23 - 00106496 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\addons\sdkfilesver.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 00029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-07-30 22:56 - 2015-06-24 12:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-27 09:55 - 2017-02-27 09:55 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\fr_fr\acrotray.fra
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-10-30 08:24 - 2017-03-21 13:00 - 00001123 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 beautifllink.xyz
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-602083953-162087395-171390333-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\charl\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A4CC9C89-EB1B-4B31-A040-5DF7B4C67AE1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{64D2FD06-9545-48F5-8CB5-75604F903614}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C6A626A3-B005-4C48-9B7A-955B71A0CE6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B7731310-6106-49F2-9823-DCC6A42219EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C7EF7362-B51F-41CB-ADC2-66D8C979945B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{994CDFAD-C561-483D-A01A-ED9EC0CA1C4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B96F1212-9165-4725-81AF-191E667DEAE6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C00F62B3-38D2-4A7D-9D7A-D923C3C15FF4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{758D054B-9FA2-42FE-B36D-18B365AD32D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B51601E2-B10D-4327-AE6C-4F475F92CAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6D932F2-78BF-45F3-A0C2-1DD9C5341971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97471493-F33B-4D83-9779-7816B3A596CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [TCP Query User{797D9CE6-ED39-417D-B40F-B7F055428301}C:\program files (x86)\archicad 15\archicad.exe] => (Allow) C:\program files (x86)\archicad 15\archicad.exe
FirewallRules: [UDP Query User{23276E73-298B-42DF-A6BE-4799472B7ADF}C:\program files (x86)\archicad 15\archicad.exe] => (Allow) C:\program files (x86)\archicad 15\archicad.exe
FirewallRules: [TCP Query User{2CB27390-4482-4E1F-9FB3-9C14A340AF80}C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{32C3DDD0-F229-4B0D-8E40-8343DE32EDEA}C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [{DA097057-9EE0-4CD6-A887-E4B8B74BDE15}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{66AD4CBB-52A7-4F34-AFFB-A94406930C03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{A2F67983-A833-4042-97B6-8118B826222B}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [UDP Query User{BDF03199-7A69-4C10-8D47-F1248AC3F389}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [TCP Query User{78CD2B48-8EA5-4063-A2F8-AB9474BD8C89}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{D110DFBB-34DB-4EF1-8A4C-22EA25BEAC6E}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [{9DA7EA7D-0B1A-4F7B-B695-C91664D86B4E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FF84FF02-7A65-43D8-A905-9B45EAC0F4D8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1FD50295-0DB4-4F5C-9315-AE0851650D9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{ECDC3AB7-14A8-4C43-8230-F7313C959183}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0CFE9AB0-AAE8-4DEF-9725-02ABC17EF904}] => (Allow) C:\Program Files (x86)\Boxfat\Application\chrome.exe
FirewallRules: [{C23AF968-BD2D-45D3-9BC5-B5120DC91D1E}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{337BCA65-1254-4EEE-974D-352AAA90468E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{29F34ABA-F87C-4725-9A26-75DAFABD74E0}] => (Allow) C:\Windows\System32\rundll32.exe
==================== Points de restauration =========================
22-03-2017 11:13:32 Windows Update
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (03/22/2017 07:47:22 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (03/22/2017 05:34:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-FG6J3T9)
Description: Échec de l’activation de l’application Microsoft.WindowsStore_8wekyb3d8bbwe!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (03/22/2017 05:21:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (03/22/2017 04:50:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (03/22/2017 04:33:36 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (03/22/2017 04:30:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante ctfmon.exe, version : 10.0.14393.0, horodatage : 0x57899148
Nom du module défaillant : InputService.dll, version : 10.0.14393.953, horodatage : 0x58ba5875
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00057f66
ID du processus défaillant : 0x228c
Heure de début de l’application défaillante : 0x01d2a31750448690
Chemin d’accès de l’application défaillante : C:\WINDOWS\SysWOW64\ctfmon.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\InputService.dll
ID de rapport : f22714a0-8c7d-41a6-912f-197a0b83f123
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (03/22/2017 04:29:45 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-602083953-162087395-171390333-1001}/">.
Error: (03/22/2017 04:29:39 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-602083953-162087395-171390333-1001}/">.
Error: (03/22/2017 04:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme ZHPCleaner.exe version 2017.3.22.49 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 18f0
Heure de début : 01d2a3205356bbcf
Heure de fin : 4294967295
Chemin d'accès de l'application : C:\Users\charl\ZHPCleaner.exe
ID de rapport : ce7d238a-0f13-11e7-8946-a402b9a5e05f
Nom complet du package défaillant :
ID de l'application relative au package défaillant :
Error: (03/22/2017 04:19:04 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Erreurs système:
=============
Error: (03/22/2017 07:48:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 07:48:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 07:48:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:34:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG6J3T9)
Description: Le serveur App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (03/22/2017 05:34:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:41 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
CodeIntegrity:
===================================
Date: 2017-03-22 19:50:45.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 19:50:45.173
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 19:50:45.164
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiosensoradapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 19:50:45.161
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiosensoradapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.863
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\ydurhhgvherrkbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.823
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\ydurhhgvherrkbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\fisvrkkvdhysxz.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.758
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\fisvrkkvdhysxz.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.725
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\npcrjgzofzxyddt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.693
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\npcrjgzofzxyddt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 24%
Mémoire physique - RAM - totale: 8090.88 MB
Mémoire physique - RAM - disponible: 6082.16 MB
Mémoire virtuelle totale: 10010.88 MB
Mémoire virtuelle disponible: 8069.59 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:237.72 GB) (Free:167.75 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:910 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6348169D)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 4844FE47)
Partition: GPT.
==================== Fin de Addition.txt ============================
Exécuté par charl (22-03-2017 19:50:57)
Exécuté depuis C:\Users\charl\Desktop
Windows 10 Home Version 1607 (X64) (2017-03-21 08:21:26)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
Administrateur (S-1-5-21-602083953-162087395-171390333-500 - Administrator - Disabled)
charl (S-1-5-21-602083953-162087395-171390333-1001 - Administrator - Enabled) => C:\Users\charl
DefaultAccount (S-1-5-21-602083953-162087395-171390333-503 - Limited - Disabled)
Invité (S-1-5-21-602083953-162087395-171390333-501 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.18 - Adobe Systems)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.45.53 - Conexant)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)
GameFirst IV (x32 Version: 1.5.12 - ASUS) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.110 - Google Inc.)
Google SketchUp Pro 7 (HKLM-x32\...\{80FE4BC2-661C-4DEC-A6A4-7EEF1036B286}) (Version: 2.0.11069 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
IceWarp Desktop Client (HKLM-x32\...\{153175D3-DF55-4414-A7AD-014EDF728670}) (Version: 6.0.24928.0 - IceWarp Ltd.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (x32 Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{cc892976-0919-4ba9-ab52-ae15d2127a12}) (Version: 18.21.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7870.2024 - Microsoft Corporation)
Microsoft Office Professionnel Plus 2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.7870.2024 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-602083953-162087395-171390333-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6001.1070 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Panneau de configuration NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden
PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.35 - ASUS)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21296 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.8 - ASUS)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{37B47810-E821-4B53-B3D2-3DB1F2084B7E}) (Version: 15.3.331 - Trimble Navigation Limited)
SketchUp 2016 (HKLM-x32\...\{CF062509-06B2-4F57-9373-166B04719F94}) (Version: 16.1.1450 - Trimble Navigation Limited)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
V-Ray for SketchUp adv (HKLM-x32\...\V-Ray for SketchUp adv 2.00.25244) (Version: 2.00.25244 - Chaos Software, Ltd)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Personnalisé CLSID (Avec liste blanche): ==========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {06E36667-544C-448D-B24B-0CFBC0CF30FA} - System32\Tasks\temp\bk4007-tmp\p1490192290 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {075DE14D-EAFC-45F0-B8C7-83A8C3C87D3B} - System32\Tasks\microsoft-windows-photos_17-214-10010-0_x64__8wekyb3d8bbwe\microsoft-photos => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {0787957D-F8F2-49FC-86C5-DC3334F032DD} - System32\Tasks\temp\wzse0 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {0E22EEF9-F22C-4B5E-86AD-D1E87ED5594D} - System32\Tasks\temp\ixp000-tmp\dxwsetup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {0EB0D1F6-5B91-4F28-B773-293A234E482F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {0FE7F77D-9CDE-49BF-A27C-2ED8922AF24D} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868-41201-0_x64__8wekyb3d8bbwe\hxtsr-exe => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {131A7C06-31E1-4058-97CC-FEE1042DAFCA} - System32\Tasks\temp\bk192f-tmp\p1490192149 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {165EDA1A-E92A-4716-95E5-A2090D2F2388} - System32\Tasks\temp\bk2a88 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {16F2201D-B4CB-49D5-9F20-7945A76D8495} - System32\Tasks\microsoft-windows-photos_16-511 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {177C18B0-B1A5-473E-95E8-E09B30639844} - System32\Tasks\temp\bkcf8e-tmp\p1490192196 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {17EF178D-9F35-4D61-B077-7D00F9D24C01} - System32\Tasks\temp\bkadc0 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {1A0701C2-AD1F-4209-B199-D30E437DF49C} - System32\Tasks\temp\bkd873-tmp\p1490189035 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {1CA97032-A57C-40A2-8088-6CB76032277F} - System32\Tasks\557H68H396u212 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA <==== ATTENTION
Task: {1FF6A391-705B-442A-88E2-EB896028BDBF} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868-41201 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {20DF5D3C-B892-4E03-A1CB-C390A919D9C2} - System32\Tasks\microsoft\onedrive\onedrivestandaloneupdater => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {22C4094B-1EC6-4767-B031-717ABF1C3F43} - System32\Tasks\temp\is-mqdf3-tmp\driver_booster_setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2529865A-7226-4437-B820-5C6177A34B0F} - System32\Tasks\temp\bk7590-tmp\p1490188616 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {262F195C-E3B8-4532-B61A-7CB6844261E0} - System32\Tasks\temp\bkc01b-tmp\p1490188570 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {28079EE7-AD31-4D3B-BF42-A0149F02D538} - \ROG Gaming Center -> Pas de fichier <==== ATTENTION
Task: {297509C4-E39F-42F9-B7C9-E6A49B38257C} - System32\Tasks\temp\gdaa2-tmp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2979E082-DCB9-4F33-AC74-B47DA6B69436} - System32\Tasks\temp\bk4d29 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2A73CCFF-F660-46D5-8FE2-F87B31B80732} - System32\Tasks\microsoft-windows-photos_16-511-8780 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {2C81CC28-95B1-4FB7-91A0-276BA15169D8} - System32\Tasks\acrobat 11-0\acrobat\acrodist-exe => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {2E211227-9B30-41F3-9046-290344313FE7} - System32\Tasks\temp\wzse0-tmp\setup64 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {30C06FAF-3833-4993-BACE-DF32C81EBBB5} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {312D4DC8-FA6D-4693-8133-7FEEE23A9343} - \Intel\Intel Telemetry 2 -> Pas de fichier <==== ATTENTION
Task: {32EA43AE-238F-4D22-9FBD-6A2A6A850DAB} - System32\Tasks\temp\is-v9be4 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {34C407AF-F3AE-4AAA-908E-7683F98CCC01} - System32\Tasks\temp\bk8f99-tmp\p1490190053 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {34CDB377-1C15-49C9-9B5F-7BC2BD92B563} - System32\Tasks\microsoft-windowscommunicationsapps_17 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {34D9353D-5B45-4190-8956-31BEC10C0F7D} - System32\Tasks\temp\_iu14d2n-tmp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {38A394A3-AD6F-4C51-9EF5-27C7081BE2C1} - System32\Tasks\microsoft-skypeapp_11-12-112-0_x64__kzf8qxf38zg5c\skypehost => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {38D1C81F-27C1-452D-BB55-FD25D7047525} - System32\Tasks\intel(r) integrated clock controller service\iccproxy => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {3ABBD38B-CA1F-41AF-82C4-7638E90AB48D} - System32\Tasks\driver booster\4-3-0\inststat => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3BCF6DB8-CF09-4556-84E4-B9234E2953FA} - System32\Tasks\temp\bk4770-tmp\p1490190100 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3C055881-B1F3-4FAE-B04A-BD9DB6B677B4} - System32\Tasks\microsoft-windows-photos_17-214-10010 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3C0CC4C3-B491-4B4B-A495-7C7FD9B512FD} - System32\Tasks\acrobat 11-0\acrobat\acrodist => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {3E4C92F7-D327-4A0A-ABBA-CF9659BB713F} - System32\Tasks\temp\is-5i67l-tmp\promote => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3E9158AE-638C-4C8F-8332-E5774DF333E1} - System32\Tasks\microsoft-windows => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {3F034E30-8EBB-4EFD-A68D-7E45CE2FF55A} - System32\Tasks\80N250N974t276-dll => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {413B5411-2AF8-4F75-8CD0-53EF9E730FB4} - System32\Tasks\temp\bk9cb-tmp\p1490188524 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {475B4C87-FADF-47C4-86A2-5336AA95A9C2} - System32\Tasks\80N250N974t276 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG <==== ATTENTION
Task: {496F4119-C720-4885-A20C-29AB23A408C9} - \ASUS Splendid ACMON -> Pas de fichier <==== ATTENTION
Task: {49A02D2C-52E4-4D2E-9EDC-A5EF71DBAD8C} - System32\Tasks\temp\bk7590 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4BB07AD0-4193-4CDB-9FE8-FCA3460229C5} - System32\Tasks\temp\bk3e88 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4C1139C4-7C4D-4482-916C-DE128D5B14C3} - System32\Tasks\microsoft-windows-photos_16-511-8780-0_x64__8wekyb3d8bbwe\microsoft-photos => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4D3FFB91-AE92-44BE-B838-12314F1BBA97} - System32\Tasks\temp\gumf3e5-tmp\googleupdate => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA <==== ATTENTION
Task: {4D51C870-0237-4415-824F-DCDC00A9968B} - System32\Tasks\temp\bkd11d => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {4E45A4C2-004F-4236-BC86-65BEDC302A41} - System32\Tasks\driver booster\4 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA <==== ATTENTION
Task: {566154B8-284C-43D8-BF42-C6FE80B16973} - System32\Tasks\temp\bk87ac-tmp\p1490191915 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {590D68BC-E221-4424-A06E-B1104DE69B2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-22] (Google Inc.)
Task: {59145443-ACA2-4F7B-8E69-9C438970CC3D} - System32\Tasks\temp\bk232d => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {5B5F35D3-FA1C-41E5-AC54-04697D233D8C} - System32\Tasks\driver booster\4-3-0\drvinstall\dpinstx64 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6184F127-04B1-4866-A491-E878857D928C} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015-10 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {62157470-9D9B-4610-99CB-064455D06006} - System32\Tasks\temp\nsbf19b-tmp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {63FAA1B9-8E55-440D-B1D4-FDEEB7602E80} - System32\Tasks\temp\bkadc0-tmp\p1490191728 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {64092C72-0651-43DE-A821-8420E4BCA651} - System32\Tasks\microsoft-windows-photos_17-214 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - \ASUS\ASUS Product Register Service -> Pas de fichier <==== ATTENTION
Task: {64BD1222-2042-490C-8CCD-6C95346239E2} - System32\Tasks\temp\bk4486-tmp\p1490189128 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {668A386F-FD47-4D85-99E9-74750F936EB3} - System32\Tasks\temp\is-cffiv-tmp-dbinst\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {69267067-7ECB-49D0-8677-109C3F7F97F7} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6A9F7FC3-4054-4C2F-AE3D-2D52E489B1B8} - System32\Tasks\temp\is-cffiv => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6D146AB6-21FD-45DA-B7AC-0CDF78DEE546} - System32\Tasks\temp\bkb50a-tmp\p1490190194 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {6D54AEA1-9CD3-4DF3-857D-9D6DE9C1AE2F} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon -> Pas de fichier <==== ATTENTION
Task: {6F430ACF-6BE6-4B48-8EFF-AF1B1161EF59} - System32\Tasks\microsoft-windows-photos_16 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {70E3AF83-01AC-4C80-AB76-70FAD899EAC0} - System32\Tasks\temp\bkf79f-tmp\p1490192337 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {73116BDD-EC8B-4184-83E1-A9700CD9BB0F} - System32\Tasks\acrobat 11-0\acrobat\acrotray-exe => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {732F2112-B902-4211-BFA3-3835C6DF0F40} - System32\Tasks\temp\wps\~99c53c\au_ => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {756A0D74-A546-4643-8F8E-766A0591D15E} - System32\Tasks\temp\ixp000 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {774EE84E-63D2-4D2F-A37F-4B73E2CDDC1D} - System32\Tasks\acrobat 11-0\acrobat\acrobat_sl => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {797A7643-CC3D-4125-9890-1429485067FC} - System32\Tasks\temp\bk1afc-tmp\p1490191822 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {7CCAA596-003F-4C5C-9796-1162097F358C} - System32\Tasks\temp\bk6bb7-tmp\p1490190241 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {7F2E55F1-7710-4437-8849-6C8AB04838D0} - System32\Tasks\temp\bk2217 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {81AE35C4-25AB-4D8F-A76A-AD396C9E9DD3} - System32\Tasks\acrobat 11-0\acrobat\browser\wcchromeextn\wcchromenativemessaginghost => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {828C9786-F98B-4639-8EF8-F2A760717AC0} - \ASUS USB Charger Plus -> Pas de fichier <==== ATTENTION
Task: {83826D28-8FF3-46FB-A94A-A4D299316E6A} - System32\Tasks\temp\bk6d4a => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {86AA5A9B-AC23-4364-810C-3E60C2431C12} - System32\Tasks\temp\bk63a3-tmp\p1490191775 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {86C4059F-C3BC-475E-A12F-1EAF412D93DB} - System32\Tasks\microsoft-windows-photos_17 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {88EFF826-1604-4FB4-887F-C98354A4763D} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {8A19E419-6941-4684-A1C0-33540B651DC2} - System32\Tasks\temp\bk6bb7 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8A5EA2B7-5804-4178-8921-7607BC6C5C62} - System32\Tasks\temp\bkfe4c-tmp\p1490190147 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8B630B2A-AF8D-4E35-A08D-98FD7ED082E1} - System32\Tasks\temp\bkabc4-tmp\p1490192056 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8BA41A6C-4DC1-43C9-96C6-AAE9C0B36D61} - System32\Tasks\Driver Booster SkipUAC (charl) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
Task: {8BEB3311-F671-4237-8E26-6B7E858A4225} - System32\Tasks\temp\bk2217-tmp\p1490190288 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {8E0E3DF8-E27C-425D-8D9B-C8FB2B97C548} - System32\Tasks\temp\bk3e88-tmp\p1490191962 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {94165E5E-A491-4A26-AB73-204657E2A945} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-22] (Google Inc.)
Task: {943927D1-580B-4EF9-BA96-CFDAE5BCB4F4} - System32\Tasks\temp\is-mqdf3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {95A0A632-D902-479B-AEDD-198D94DD17FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {983BBC00-E48D-474C-A760-4414BF2D0B75} - System32\Tasks\acrobat 11 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {9C313C26-68F7-400E-8C36-9F1C327A9808} - System32\Tasks\temp\bkd11d-tmp\p1490191868 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {9DAA0CA0-0E8E-4865-BFBA-2F3ABFBDBE32} - System32\Tasks\temp\~nsu-tmp\au_ => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {9F8E91FF-37EF-4832-90C0-CCFC5C90D8F1} - System32\Tasks\{cc892976-0919-4ba9-ab52-ae15d2127a12}\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {A3A58504-481A-4751-AAD5-D28F061A08A3} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015-10-19 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {A47EBE6A-8B6B-4DB2-98E8-7A5A205CA43A} - \ASUS Smart Gesture Launcher -> Pas de fichier <==== ATTENTION
Task: {A6BC2B6C-2503-479A-8296-AB7A61B7D5BA} - System32\Tasks\temp\bk8dc9-tmp\p1490189082 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {A6E8844A-ECAE-4B97-A30E-5081BF233455} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {A7620E9B-63C7-4DF5-A868-A6AE644B6805} - System32\Tasks\temp\bk63a3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {A7C75211-7288-42CF-9C6F-6EEDE4BE739F} - System32\Tasks\temp\is-jpbis => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {AAC73F93-BDCE-40B3-B5AF-6F3040AABE6E} - System32\Tasks\temp\bk97d3-tmp\p1490188756 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {AB0D70C8-505B-402F-836D-F29A5963695D} - System32\Tasks\temp\bk192f => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {ABA60EAF-C3D3-4360-A7C2-AF452B5E169D} - System32\Tasks\temp\is-sno66-tmp\setuphlp => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {B15F0AB5-FF63-49B5-B243-42BDC70526CC} - System32\Tasks\acrobat 11-0\acrobat\acrord32 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {B4B95B6C-2F68-4805-9AC8-EBEACDB06205} - System32\Tasks\intel(r) security assist\isa => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {B7658F90-3FCA-467C-B84C-E1AC938B3439} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-04] (Microsoft Corporation)
Task: {BCF4AE33-0AAA-46E3-B0BA-3151735CFFB6} - System32\Tasks\temp\bk232d-tmp\p1490188989 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {C250A3B2-4BE7-4156-BA1A-715B00ADBAF7} - System32\Tasks\temp\bk2a88-tmp\p1490188663 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {C6D6A1CF-11D0-4FD8-9EF8-F3C1B6260624} - System32\Tasks\temp\bk6d4a-tmp\p1490188942 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {C84E8AC4-EE62-4617-8D49-7DC1A01EB5BC} - System32\Tasks\acrobat 11-0\acrobat\acrobat => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {CB0F5456-FB45-4E91-A664-23A9001C3A3A} - System32\Tasks\temp\bkabc4 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {CB8BA516-7736-4103-9EE7-D7CDAF52E029} - System32\Tasks\microsoft-windowscommunicationsapps_17-6868-41201-0_x64__8wekyb3d8bbwe\hxtsr => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {CE3743C0-52FF-4B82-8AE7-D261BCCE83A5} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec -> Pas de fichier <==== ATTENTION
Task: {CED6EDC9-B5FA-47C8-A020-12AFFBCF2D16} - System32\Tasks\temp\bk637b-tmp\p1490192102 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D1E8B958-8EEF-4D7B-ABC2-1798A6B4785E} - System32\Tasks\temp\cr_30302-tmp\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D2824A23-818D-405B-9B6F-6B22960828F1} - System32\Tasks\temp\_iu14d2n => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {D285CCE2-E028-4A54-8EDD-72C90BAABF0B} - System32\Tasks\temp\bk270 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D3037314-FC0C-490E-AB0D-EE0C351E3738} - \ATK Package 36D18D69AFC3 -> Pas de fichier <==== ATTENTION
Task: {D3C60C28-5E69-4E59-85F4-2FB0B14DB758} - System32\Tasks\temp\bkf5bb-tmp\p1490191681 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D5468651-66A8-4F8C-87BC-12E137F45109} - System32\Tasks\microsoft-windows-photos_16-511-8780-0_x64__8wekyb3d8bbwe\microsoft => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {D68321B1-AC77-46A0-A94C-3E30C44FC252} - System32\Tasks\acrobat 11-0\acrobat\acrotray => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {D82D3F2C-BD7C-4A62-9EDD-8464E4AF7B23} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {D9638974-9DCA-42F2-9AD0-53B6938725A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {DBB16FCB-8CBA-436D-A855-69C58A747D52} - System32\Tasks\temp\is-jpbis-tmp\zhpfix_2015-10-19-9 => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {DC3F4725-7645-479D-8B83-A8A994CDE06C} - System32\Tasks\temp\bkd873 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {DC5E873A-3ADB-486E-A852-0EACA8E354DF} - System32\Tasks\temp\bk637b => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E2C9954C-6EFB-4C1E-B048-855A197F5AF4} - System32\Tasks\temp\bkcf8e => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E494F048-45FA-4D77-B352-8B7572DF17E3} - System32\Tasks\microsoft-windowscommunicationsapps_17-8016-42007-0_x64__8wekyb3d8bbwe\hxtsr => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {E55A70F7-599A-4F21-8E2A-722BE8BABA4D} - System32\Tasks\temp\bk97d3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E6439281-F049-464C-A3FA-A03474AF0904} - System32\Tasks\temp\cr_1a8d0-tmp\setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E7DCCE60-BB60-42C1-BC7C-83BF842BB848} - System32\Tasks\temp\bk270-tmp\p1490188849 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {E8B97B42-1026-4AAE-AC98-D34F2DD8CA36} - System32\Tasks\temp\bk8f99 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {EBB77723-5DF2-4C78-BBE8-BC27C514D014} - System32\Tasks\temp\bk4d29-tmp\p1490188803 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {EC4E1446-00D0-47E5-A3CF-05581ED45FEC} - System32\Tasks\microsoft-windows-photos_17-214-10010-0_x64__8wekyb3d8bbwe\microsoft => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {ECA8D33A-C0CE-4813-8D33-F1D2DEF06C82} - System32\Tasks\temp\bkfe4c => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {F06DEBA1-1D39-4E7E-AB88-D74B4FFB9CC1} - System32\Tasks\intel(r) management engine components\lms\lms => Rundll32.exe "C:\ProgramData\80N250N974t276\80N250N974t276.dll",NtXRaygyUIG
Task: {F4B1E7B9-1CD9-485A-B55B-F77E46B0D5EF} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F821A0CA-EB6D-433E-8B64-5B708849783B} - System32\Tasks\acrobat 11-0\acrobat\acrobat-exe => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {F99650D9-A007-4A62-8296-49C2D0D5B9E6} - \ATK Package A22126881260 -> Pas de fichier <==== ATTENTION
Task: {FA094F47-0BD2-4005-8928-E62DF5BDBB77} - System32\Tasks\temp\bkd86f-tmp\p1490190007 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {FB1C46CA-2905-4690-B39F-B593F9A149A1} - System32\Tasks\driver booster\4-3-0\autoupdate => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {FC801134-C0F3-4187-8D7E-17E5BBA98F09} - System32\Tasks\temp\is-v9be4-tmp\driver_booster_setup => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
Task: {FEEA539F-C13E-4FCF-A392-132AC0F35E0D} - System32\Tasks\driver booster\4-3 => Rundll32.exe "C:\ProgramData\557H68H396u212\557H68H396u212.dll",HuUyRasYbnDA
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\microsoft.job => rundll32.exe C:\ProgramData\557H68H396u212\557H68H396u212.dll
==================== Raccourcis =============================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
Shortcut: C:\Users\charl\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Boxfat\Application\chrome.exe (Google Inc.)
==================== Modules chargés (Avec liste blanche) ==============
2015-05-19 09:11 - 2015-05-19 09:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2017-03-22 16:24 - 2014-03-22 16:07 - 03095040 _____ () C:\ProgramData\80N250N974t276\80N250N974t276.dll
2017-03-22 17:22 - 2017-03-22 17:22 - 00214016 _____ () C:\WINDOWS\TEMP\g2932.tmp.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-14 21:17 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-21 09:01 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-14 21:17 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-14 21:17 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-19 10:16 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:17 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 21:17 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-14 21:17 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-14 21:18 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-22 08:18 - 2017-03-22 08:19 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-22 08:18 - 2017-03-22 08:19 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-22 08:18 - 2017-03-22 08:19 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-22 08:18 - 2017-03-22 08:19 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-14 21:17 - 2017-03-04 07:04 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-03-22 08:14 - 2017-03-22 08:15 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.79.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-07-22 00:18 - 2015-07-22 00:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-22 14:26 - 2017-03-22 03:23 - 00106496 _____ () c:\programdata\microsoft\phone tools\corecon\12.0\addons\sdkfilesver.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-02 18:01 - 2015-12-02 18:01 - 00029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-07-30 22:56 - 2015-06-24 12:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-27 09:55 - 2017-02-27 09:55 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\fr_fr\acrotray.fra
==================== Alternate Data Streams (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
==================== Mode sans échec (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé.)
==================== Internet Explorer sites de confiance/sensibles ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre.)
==================== Hosts contenu: ==========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2015-10-30 08:24 - 2017-03-21 13:00 - 00001123 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 cpm.paneladmin.pro
127.0.0.1 publisher.hmdiadmingate.xyz
127.0.0.1 distribution.hmdiadmingate.xyz
127.0.0.1 hmdicrewtracksystem.xyz
127.0.0.1 linkmate.space
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 doctorlink.space
127.0.0.1 beautifllink.xyz
==================== Autres zones ============================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-602083953-162087395-171390333-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\charl\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Le Pare-feu est activé.
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
==================== RèglesPare-feu (Avec liste blanche) ===============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A4CC9C89-EB1B-4B31-A040-5DF7B4C67AE1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{64D2FD06-9545-48F5-8CB5-75604F903614}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C6A626A3-B005-4C48-9B7A-955B71A0CE6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B7731310-6106-49F2-9823-DCC6A42219EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C7EF7362-B51F-41CB-ADC2-66D8C979945B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{994CDFAD-C561-483D-A01A-ED9EC0CA1C4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B96F1212-9165-4725-81AF-191E667DEAE6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C00F62B3-38D2-4A7D-9D7A-D923C3C15FF4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{758D054B-9FA2-42FE-B36D-18B365AD32D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B51601E2-B10D-4327-AE6C-4F475F92CAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6D932F2-78BF-45F3-A0C2-1DD9C5341971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97471493-F33B-4D83-9779-7816B3A596CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [TCP Query User{797D9CE6-ED39-417D-B40F-B7F055428301}C:\program files (x86)\archicad 15\archicad.exe] => (Allow) C:\program files (x86)\archicad 15\archicad.exe
FirewallRules: [UDP Query User{23276E73-298B-42DF-A6BE-4799472B7ADF}C:\program files (x86)\archicad 15\archicad.exe] => (Allow) C:\program files (x86)\archicad 15\archicad.exe
FirewallRules: [TCP Query User{2CB27390-4482-4E1F-9FB3-9C14A340AF80}C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{32C3DDD0-F229-4B0D-8E40-8343DE32EDEA}C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files (x86)\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [{DA097057-9EE0-4CD6-A887-E4B8B74BDE15}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{66AD4CBB-52A7-4F34-AFFB-A94406930C03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{A2F67983-A833-4042-97B6-8118B826222B}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [UDP Query User{BDF03199-7A69-4C10-8D47-F1248AC3F389}C:\program files\sketchup\sketchup 2015\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2015\sketchup.exe
FirewallRules: [TCP Query User{78CD2B48-8EA5-4063-A2F8-AB9474BD8C89}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{D110DFBB-34DB-4EF1-8A4C-22EA25BEAC6E}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [{9DA7EA7D-0B1A-4F7B-B695-C91664D86B4E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FF84FF02-7A65-43D8-A905-9B45EAC0F4D8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1FD50295-0DB4-4F5C-9315-AE0851650D9E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{ECDC3AB7-14A8-4C43-8230-F7313C959183}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0CFE9AB0-AAE8-4DEF-9725-02ABC17EF904}] => (Allow) C:\Program Files (x86)\Boxfat\Application\chrome.exe
FirewallRules: [{C23AF968-BD2D-45D3-9BC5-B5120DC91D1E}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{337BCA65-1254-4EEE-974D-352AAA90468E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{29F34ABA-F87C-4725-9A26-75DAFABD74E0}] => (Allow) C:\Windows\System32\rundll32.exe
==================== Points de restauration =========================
22-03-2017 11:13:32 Windows Update
==================== Éléments en erreur du Gestionnaire de périphériques =============
==================== Erreurs du Journal des événements: =========================
Erreurs Application:
==================
Error: (03/22/2017 07:47:22 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (03/22/2017 05:34:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-FG6J3T9)
Description: Échec de l’activation de l’application Microsoft.WindowsStore_8wekyb3d8bbwe!App avec l’erreur : -2144927141 Pour plus d’informations, voir le journal Microsoft-Windows-TWinUI/Opérationnel.
Error: (03/22/2017 05:21:09 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (03/22/2017 04:50:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (03/22/2017 04:33:36 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest ». Erreur dans le fichier de manifeste ou de stratégie « C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL » à la ligne 1.
L’identité de composant trouvé dans le manifeste ne correspond pas à celle du composant demandé.
La référence est UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La définition est UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Utilisez sxstrace.exe pour un diagnostic détaillé.
Error: (03/22/2017 04:30:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante ctfmon.exe, version : 10.0.14393.0, horodatage : 0x57899148
Nom du module défaillant : InputService.dll, version : 10.0.14393.953, horodatage : 0x58ba5875
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00057f66
ID du processus défaillant : 0x228c
Heure de début de l’application défaillante : 0x01d2a31750448690
Chemin d’accès de l’application défaillante : C:\WINDOWS\SysWOW64\ctfmon.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\InputService.dll
ID de rapport : f22714a0-8c7d-41a6-912f-197a0b83f123
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (03/22/2017 04:29:45 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-602083953-162087395-171390333-1001}/">.
Error: (03/22/2017 04:29:39 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Le service de recherche Windows n’a pas pu traiter la liste des emplacements inclus et exclus à cause de l’erreur <30, 0x80040d07, "iehistory://{S-1-5-21-602083953-162087395-171390333-1001}/">.
Error: (03/22/2017 04:25:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Le programme ZHPCleaner.exe version 2017.3.22.49 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance.
ID de processus : 18f0
Heure de début : 01d2a3205356bbcf
Heure de fin : 4294967295
Chemin d'accès de l'application : C:\Users\charl\ZHPCleaner.exe
ID de rapport : ce7d238a-0f13-11e7-8946-a402b9a5e05f
Nom complet du package défaillant :
ID de l'application relative au package défaillant :
Error: (03/22/2017 04:19:04 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR
DPTF Build Version: 8.1.10600.150
DPTF Build Date: Jun 26 2015 11:46:12
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Erreurs système:
=============
Error: (03/22/2017 07:48:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 07:48:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 07:48:19 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:34:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FG6J3T9)
Description: Le serveur App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca ne s’est pas enregistré sur DCOM avant la fin du temps imparti.
Error: (03/22/2017 05:34:48 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
et l’APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:42 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID AUTORITE NT\SERVICE LOCAL de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
Error: (03/22/2017 05:22:41 PM) (Source: DCOM) (EventID: 10016) (User: AUTORITE NT)
Description: Les paramètres d’autorisation propres à l’application n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
et l’APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
au SID AUTORITE NT\Système de l’utilisateur (S-1-5-18) depuis l’adresse LocalHost (avec LRPC) s’exécutant dans le SID Non disponible du conteneur d’applications (Non disponible). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.
CodeIntegrity:
===================================
Date: 2017-03-22 19:50:45.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 19:50:45.173
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiostorageadapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 19:50:45.164
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiosensoradapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 19:50:45.161
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winbiosensoradapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.863
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\ydurhhgvherrkbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.823
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\ydurhhgvherrkbr.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.791
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\fisvrkkvdhysxz.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.758
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\fisvrkkvdhysxz.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.725
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\npcrjgzofzxyddt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-03-22 15:19:45.693
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\charl\AppData\Local\Temp\bkAE7B.tmp\npcrjgzofzxyddt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Infos Mémoire ===========================
Processeur: Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
Pourcentage de mémoire utilisée: 24%
Mémoire physique - RAM - totale: 8090.88 MB
Mémoire physique - RAM - disponible: 6082.16 MB
Mémoire virtuelle totale: 10010.88 MB
Mémoire virtuelle disponible: 8069.59 MB
==================== Lecteurs ================================
Drive c: (OS) (Fixed) (Total:237.72 GB) (Free:167.75 GB) NTFS ==>[système avec composants d'amorçage (obtenu depuis lecteur)]
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:910 GB) NTFS
==================== MBR & Table des partitions ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6348169D)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 4844FE47)
Partition: GPT.
==================== Fin de Addition.txt ============================