Assistant de notification : est ce que votre ordi marche lente ?

Valdelsol38 Messages postés 38 Statut Membre -  
lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonsoir,

Comme beaucoup sur le forum j'ai un problème avec mon ordinateur portable qui est ralentit par un virus(?). En plus du ralentissement un message apparaît en bas a droite de l'écran environ toutes les 15mn affichant un numéro de téléphone, l'icone Skype et le message " est ce que votre ordinateur marche trop lente ? "

J'ai lu les forums et j'ai essayé Malawerbytes (que j'utilise souvent )qui n'a pas fonctionné, un scan minutieux d' Avast qui n'a rien trouvé et plusieurs "nettoyages" avec Ccleaner et Glary Utilities. Rien à faire.

J'ai trouvé comme solution des logiciels de diagnostic mais je n'arrive pas a les maîtriser.

Quelqu'un pour m'aider ?

Merci d'avance

Valentin

4 réponses

  1. lilidurhone Messages postés 800 Date d'inscription   Statut Contributeur sécurité Dernière intervention   3 818
     
    ▶ Télécharge ici : FRST (de Farbar)
    !!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
    Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.

    ▶ Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.

    ▶ Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.

    ▶ A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.

    Les rapport se trouvent ici : C:\FRST\Logs

    ▶ Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.
    0
    1. Valdelsol38 Messages postés 38 Statut Membre 1
       
      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04
      Ran by Valentin at 2015-04-17 20:15:04
      Running from C:\Users\Valentin\Downloads
      Boot Mode: Normal
      ==========================================================


      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

      ==================== Installed Programs ======================

      (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
      AMD Catalyst Install Manager (HKLM\...\{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
      Archiveur WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
      avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
      Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
      Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
      CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
      Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
      Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
      Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
      Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden
      Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
      Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
      Gang Beasts (HKLM-x32\...\Steam App 285900) (Version: - Boneloaf)
      Glary Utilities 4.6 (HKLM-x32\...\Glary Utilities 4) (Version: 4.6.0.90 - Glarysoft Ltd)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
      Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
      Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
      Guide de l'utilisateur (x32 Version: 1.0.0.17 - Lenovo) Hidden
      Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
      Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
      Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
      Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
      Killing Floor (HKLM-x32\...\Killing Floor_is1) (Version: Killing Floor v.1050 - compiled by testncrash)
      League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
      League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
      Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
      Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
      Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
      Media Preview (HKLM\...\{B1EAEDC4-9415-4A9B-A0A2-282B168C7D7C}) (Version: 1.3.1.343 - BabelSoft)
      Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
      MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
      OEM Application Profile (x32 Version: 1.00.0000 - Nom de votre société) Hidden
      Package de pilotes Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
      Package de pilotes Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
      Popcorn Time (HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\...\Popcorn Time) (Version: - Popcorn Official)
      PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
      Skype(TM) 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
      SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
      Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
      Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
      TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
      TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
      Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
      VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

      ==================== Custom CLSID (selected items): ==========================

      (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


      ==================== Restore Points =========================

      13-04-2015 19:33:11 Windows Update
      16-04-2015 20:26:23 Windows Update

      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

      ==================== Scheduled Tasks (whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

      Task: {064BF89A-3628-4636-90B7-FAB9EC70D398} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-09] (Lenovo)
      Task: {0A1F8EB2-42A6-4D04-B11D-EC09C381C275} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
      Task: {1D41F1B2-AE52-448B-AEEA-5551FECAF44A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
      Task: {2894DC90-B231-40FD-A4B5-0FDEDC7A4C18} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
      Task: {3D07C9DB-6EBB-4822-9DAA-83F746698273} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
      Task: {6B0547D6-2546-40D7-8349-EAA857487542} - System32\Tasks\suprize_updating_service => C:\Program Files (x86)\suprize\suprize_updating_service.exe [2015-04-02] () <==== ATTENTION
      Task: {7BB1F172-5E97-48B8-889D-52AB23E41B4D} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
      Task: {7CE35D55-90AB-432F-8FA6-B4ACA4D7F49F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
      Task: {9C67C03E-9D5B-4AD7-A1CD-A2B803D8537C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
      Task: {9E39C75F-A6F5-4162-A812-5A0D3782E270} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
      Task: {B2A529DF-E53F-4F6F-83D9-E6DE0C570B25} - System32\Tasks\{E61A546F-1D53-4B31-B13E-2669AE66D2DF} => Chrome.exe http://ui.skype.com/ui/0/6.16.73.105.456/fr/abandoninstall?page=tsBing
      Task: {B66A321F-F82C-4E58-9691-07FDC2EE8355} - System32\Tasks\suprize_notification_service => C:\Program Files (x86)\suprize\suprize_notification_service.exe [2015-04-02] (FileProperties_CompanyName) <==== ATTENTION
      Task: {C49AAB3C-EE17-4E0B-9A7C-2246C249DE9C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
      Task: {CB7BF675-D326-4586-901C-0EE3ACE27C2E} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
      Task: {E4432E3E-1BD1-4D51-B916-9B9A1E89C729} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
      Task: {E77DA74F-879C-46DE-8760-1679964055F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
      Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      Task: C:\WINDOWS\Tasks\suprize_notification_service.job => C:\Program Files (x86)\suprize\suprize_notification_service.exeã/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='suprize' /appid='73143' /srcid='2913' /bic='936e234db0b39238a67a3940dd9469cf' /verifier='b4beae0f998ac2ff3cb4a1502f3f5349' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
      Task: C:\WINDOWS\Tasks\suprize_updating_service.job => C:\Program Files (x86)\suprize\suprize_updating_service.exe¨ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=suprize_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION

      ==================== Loaded Modules (whitelisted) ==============

      2013-12-17 03:03 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
      2014-03-01 18:57 - 2012-11-20 00:44 - 00786432 _____ () C:\Program Files (x86)\Gaming Mouse\DareUMonitor.exe
      2014-11-22 02:03 - 2014-11-22 02:03 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
      2014-08-06 18:37 - 2014-08-06 18:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
      2015-04-17 13:47 - 2015-04-17 13:47 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15041700\algo.dll
      2014-03-01 18:57 - 2012-08-13 13:01 - 00057344 _____ () C:\Program Files (x86)\Gaming Mouse\lan.dll
      2014-03-01 18:57 - 2012-04-19 18:15 - 00061440 _____ () C:\Program Files (x86)\Gaming Mouse\hiddriver.dll
      2014-08-06 18:37 - 2014-08-06 18:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
      2013-12-17 02:43 - 2013-08-08 23:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
      2015-04-15 18:58 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
      2015-04-15 18:58 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll

      ==================== Alternate Data Streams (whitelisted) =========

      (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

      AlternateDataStreams: C:\Windows:nlsPreferences
      AlternateDataStreams: C:\Users\Valentin\SkyDrive:ms-properties

      ==================== Safe Mode (whitelisted) ===================

      (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

      ==================== EXE Association (whitelisted) ===============

      (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Valentin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img5.jpg
      DNS Servers: 212.27.40.240 - 212.27.40.241

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      (Currently there is no automatic fix for this section.)

      HKLM\...\StartupApproved\Run: => "IgfxTray"
      HKLM\...\StartupApproved\Run: => "Persistence"
      HKLM\...\StartupApproved\Run32: => "RtsFT"

      ==================== Accounts: =============================

      Administrateur (S-1-5-21-1168376273-1215870054-2859435503-500 - Administrator - Disabled)
      HomeGroupUser$ (S-1-5-21-1168376273-1215870054-2859435503-1003 - Limited - Enabled)
      Invité (S-1-5-21-1168376273-1215870054-2859435503-501 - Limited - Disabled)
      Valentin (S-1-5-21-1168376273-1215870054-2859435503-1001 - Administrator - Enabled) => C:\Users\Valentin

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================

      System errors:
      =============

      Microsoft Office Sessions:
      =========================

      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
      Percentage of memory in use: 42%
      Total physical RAM: 3993.77 MB
      Available physical RAM: 2290.46 MB
      Total Pagefile: 16281.77 MB
      Available Pagefile: 14384.77 MB
      Total Virtual: 131072 MB
      Available Virtual: 131071.84 MB

      ==================== Drives ================================

      Drive c: (Windows8_OS) (Fixed) (Total:426.65 GB) (Free:306.08 GB) NTFS
      Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.48 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 465.8 GB) (Disk ID: A69EC710)

      Partition: GPT Partition Type.

      ==================== End Of Log ============================
      0
    2. Valdelsol38 Messages postés 38 Statut Membre 1
       
      Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
      Ran by Valentin (administrator) on LENOVO-PC-VAL on 17-04-2015 20:14:23
      Running from C:\Users\Valentin\Downloads
      Loaded Profiles: Valentin (Available profiles: Valentin)
      Platform: Windows 8.1 (X64) OS Language: Français (France)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
      (Microsoft Corporation) C:\Windows\System32\dasHost.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
      (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
      (FileProperties_CompanyName) C:\Program Files (x86)\suprize\suprize_notification_service.exe
      (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
      (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
      (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
      (Realtek semiconductor) C:\Windows\RTFTrack.exe
      (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
      (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
      () C:\Program Files (x86)\Gaming Mouse\DareUMonitor.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
      (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
      (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
      (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
      (Microsoft Corporation) C:\Windows\System32\rundll32.exe
      (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (FileProperties_CompanyName) C:\Program Files (x86)\suprize\suprize_notification_service.exe


      ==================== Registry (Whitelisted) ==================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
      HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-25] (Conexant Systems, Inc.)
      HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
      HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
      HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2013-12-17] (Lenovo (Beijing) Limited)
      HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-12-17] (Lenovo(beijing) Limited)
      HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
      HKLM\...\Run: [Lenovo Input Device Main Program] => C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\Pelico.exe
      HKLM-x32\...\Run: [Dare-U mouse] => C:\Program Files (x86)\Gaming Mouse\DareUMonitor.exe [786432 2012-11-20] ()
      HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
      Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
      HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
      ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
      ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
      ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
      BootExecute: autocheck autochk *

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
      HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.lenovo.com/fr/fr/
      HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?pc=UP97&ocid=UP97DHP
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-21-1168376273-1215870054-2859435503-1001 -> URL http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPCFA81A8B-9F01-42B4-805C-66FA28291F73&q={searchTerms}&SSPV=
      SearchScopes: HKU\S-1-5-21-1168376273-1215870054-2859435503-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
      BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06] (AVAST Software)
      BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
      BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-06] (AVAST Software)
      BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
      Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
      Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
      Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
      Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
      StartMenuInternet: IEXPLORE.EXE - iexplore.exe

      FireFox:
      ========
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
      FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
      FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
      FF Plugin HKU\S-1-5-21-1168376273-1215870054-2859435503-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll No File
      FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
      FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-03]
      StartMenuInternet: FIREFOX.EXE - firefox.exe

      Chrome:
      =======
      CHR Profile: C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default
      CHR Extension: (Google Slides) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-14]
      CHR Extension: (Google Docs) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-14]
      CHR Extension: (Google Drive) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-14]
      CHR Extension: (YouTube) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-14]
      CHR Extension: (Adblock Plus) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-14]
      CHR Extension: (Google Search) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-14]
      CHR Extension: (Google Sheets) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-14]
      CHR Extension: (Bookmark Manager) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
      CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-14]
      CHR Extension: (Google Wallet) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-14]
      CHR Extension: (Gmail) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-14]

      ==================== Services (Whitelisted) =================

      (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
      R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
      R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
      S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
      S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
      R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

      ==================== Drivers (Whitelisted) ====================

      (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

      R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
      R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
      R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
      R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
      R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
      R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
      R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
      R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
      R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-07-15] (Qualcomm Atheros Communications, Inc.)
      R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-02-12] (Glarysoft Ltd)
      S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
      R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-17] (Malwarebytes Corporation)
      R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
      S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
      R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
      R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
      R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
      R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
      R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
      U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
      S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Apple, Inc.) [File not signed]
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
      S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
      S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)

      ==================== NetSvcs (Whitelisted) ===================

      (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


      ==================== One Month Created Files and Folders ========

      (If an entry is included in the fixlist, the file\folder will be moved.)

      2015-04-17 20:14 - 2015-04-17 20:14 - 02097664 _____ (Farbar) C:\Users\Valentin\Downloads\FRST64.exe
      2015-04-17 20:14 - 2015-04-17 20:14 - 00016893 _____ () C:\Users\Valentin\Downloads\FRST.txt
      2015-04-17 19:22 - 2015-04-17 19:22 - 00000149 _____ () C:\WINDOWS\setupact.log
      2015-04-17 19:22 - 2015-04-17 19:22 - 00000000 _____ () C:\WINDOWS\setuperr.log
      2015-04-17 19:08 - 2015-04-17 19:08 - 02217984 _____ () C:\Users\Valentin\Downloads\adwcleaner_4.201.exe
      2015-04-15 18:27 - 2015-04-15 18:27 - 00001069 _____ () C:\Users\Valentin\Desktop\Killing Floor.lnk
      2015-04-15 18:27 - 2015-04-15 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killing Floor
      2015-04-15 18:21 - 2015-04-17 00:06 - 00000000 ____D () C:\Program Files (x86)\Killing Floor
      2015-04-15 18:19 - 2015-04-15 18:20 - 00000000 ____D () C:\Users\Valentin\Desktop\kf_novgames_1050
      2015-04-14 16:18 - 2015-04-14 16:18 - 00003262 _____ () C:\WINDOWS\System32\Tasks\Trojan Killer
      2015-04-14 16:16 - 2015-04-14 16:17 - 68183480 _____ (GridinSoft LLC) C:\Users\Valentin\Downloads\gtk-2.2.7.0-setup.exe
      2015-04-13 23:54 - 2015-04-17 19:39 - 01280267 _____ () C:\WINDOWS\WindowsUpdate.log
      2015-04-07 11:35 - 2015-04-17 15:22 - 00000000 ____D () C:\SWTOOLS
      2015-04-07 11:35 - 2015-04-07 11:35 - 02475920 _____ (Lenovo Group Limited ) C:\Users\Valentin\Downloads\e7kyb03us17.exe
      2015-04-06 21:27 - 2015-04-14 16:37 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\TS3Client
      2015-04-06 21:27 - 2015-04-06 21:27 - 00001189 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
      2015-04-06 21:27 - 2015-04-06 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
      2015-04-06 21:27 - 2015-04-06 21:27 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
      2015-04-06 21:25 - 2015-04-06 21:26 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Valentin\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
      2015-04-03 11:28 - 2015-04-03 11:54 - 00000000 ____D () C:\ProgramData\HappyCloud
      2015-04-03 11:28 - 2015-04-03 11:28 - 10458976 _____ () C:\Users\Valentin\Downloads\TERA-Setup-HC.exe
      2015-04-02 16:50 - 2015-04-17 19:12 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
      2015-04-02 15:50 - 2015-04-17 19:50 - 00001330 _____ () C:\WINDOWS\Tasks\suprize_notification_service.job
      2015-04-02 15:50 - 2015-04-17 19:12 - 00000692 _____ () C:\WINDOWS\Tasks\suprize_updating_service.job
      2015-04-02 15:50 - 2015-04-02 15:50 - 00004344 _____ () C:\WINDOWS\System32\Tasks\suprize_notification_service
      2015-04-02 15:50 - 2015-04-02 15:50 - 00003706 _____ () C:\WINDOWS\System32\Tasks\suprize_updating_service
      2015-04-02 15:50 - 2015-04-02 15:50 - 00000000 ____D () C:\Program Files (x86)\suprize
      2015-03-31 21:18 - 2015-03-31 21:18 - 00090882 _____ () C:\Users\Valentin\Downloads\install_flashplayer16x32ax_ver.2.0031.sd_update.vbs
      2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Valentin\AppData\Roaming\bMabji9vCfoNY
      2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Valentin\AppData\Roaming\17Yqgz1y3YA4r
      2015-03-27 17:13 - 2015-03-27 17:13 - 00000000 ____D () C:\Users\Valentin\AppData\Local\Lenovo
      2015-03-27 07:50 - 2015-03-27 07:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
      2015-03-21 13:51 - 2015-03-21 13:52 - 00000000 ____D () C:\Users\Valentin\Documents\Heroes of the Storm
      2015-03-21 13:49 - 2015-03-21 13:49 - 00001222 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
      2015-03-21 13:49 - 2015-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
      2015-03-21 13:36 - 2015-04-16 00:20 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
      2015-03-19 13:39 - 2015-04-13 20:07 - 00000000 ____D () C:\Users\Valentin\Desktop\Géo

      ==================== One Month Modified Files and Folders =======

      (If an entry is included in the fixlist, the file\folder will be moved.)

      2015-04-17 20:14 - 2014-03-26 11:24 - 00000000 ____D () C:\FRST
      2015-04-17 20:13 - 2014-03-02 23:57 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\ClassicShell
      2015-04-17 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
      2015-04-17 19:33 - 2014-03-03 11:02 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1168376273-1215870054-2859435503-1001
      2015-04-17 19:32 - 2014-04-03 11:01 - 00001104 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
      2015-04-17 19:23 - 2014-03-02 23:50 - 02482688 ___SH () C:\Users\Valentin\Desktop\Thumbs.db
      2015-04-17 19:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
      2015-04-17 19:22 - 2014-03-26 11:55 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
      2015-04-17 19:12 - 2014-04-03 11:01 - 00001100 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
      2015-04-17 19:12 - 2014-02-26 16:54 - 00000000 __RDO () C:\Users\Valentin\SkyDrive
      2015-04-17 19:11 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
      2015-04-17 19:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
      2015-04-17 19:10 - 2014-03-26 11:45 - 00000000 ____D () C:\AdwCleaner
      2015-04-17 19:10 - 2014-02-27 18:04 - 23123276 _____ () C:\Users\Public\CAFADEBUG.log
      2015-04-17 18:12 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
      2015-04-17 15:03 - 2014-05-14 20:21 - 01302016 ___SH () C:\Users\Valentin\Downloads\Thumbs.db
      2015-04-16 00:55 - 2014-04-27 18:11 - 00000000 ____D () C:\Users\Valentin\AppData\Local\Battle.net
      2015-04-16 00:20 - 2014-04-27 18:19 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
      2015-04-15 19:24 - 2014-03-25 21:54 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\Skype
      2015-04-15 16:13 - 2013-12-17 03:13 - 00813388 _____ () C:\WINDOWS\system32\perfh00C.dat
      2015-04-15 16:13 - 2013-12-17 03:13 - 00159948 _____ () C:\WINDOWS\system32\perfc00C.dat
      2015-04-15 16:13 - 2013-08-28 10:36 - 01827432 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
      2015-04-15 16:03 - 2014-03-02 20:31 - 00000000 ____D () C:\WINDOWS\system32\MRT
      2015-04-15 15:12 - 2014-03-02 20:31 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
      2015-04-15 14:20 - 2015-02-20 23:54 - 00000000 ____D () C:\Users\Valentin\AppData\Local\Popcorn-Time
      2015-04-15 13:22 - 2014-03-03 00:24 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\vlc
      2015-04-14 16:37 - 2014-05-20 23:33 - 00000000 ____D () C:\Program Files (x86)\Steam
      2015-04-14 01:24 - 2013-08-22 17:38 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
      2015-04-14 01:24 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
      2015-04-14 00:22 - 2014-04-27 18:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net
      2015-04-13 21:54 - 2014-03-03 00:14 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
      2015-04-13 20:07 - 2014-03-03 00:13 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
      2015-04-10 15:55 - 2014-12-14 23:05 - 00000000 ____D () C:\Users\Valentin\Downloads\Gameforge Live
      2015-04-09 11:26 - 2013-12-17 02:56 - 00000000 ____D () C:\Program Files (x86)\Lenovo
      2015-04-09 11:21 - 2015-02-05 11:28 - 00000000 ____D () C:\Users\Valentin\Desktop\Exposés autres 2015
      2015-04-09 11:19 - 2013-12-17 03:07 - 00020992 _____ () C:\WINDOWS\system32\VfService.trf
      2015-04-09 11:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
      2015-04-09 11:00 - 2015-02-08 17:16 - 00000000 ____D () C:\Program Files (x86)\Mumble
      2015-04-07 21:58 - 2014-02-26 16:47 - 00000000 ____D () C:\Users\Valentin
      2015-04-07 11:35 - 2013-12-17 03:03 - 00000000 ____D () C:\Program Files\Lenovo
      2015-04-01 12:45 - 2015-02-08 17:17 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\Mumble
      2015-03-27 07:50 - 2014-03-01 18:36 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\LSC
      2015-03-27 07:43 - 2014-03-03 20:29 - 00000000 ___RD () C:\Users\Valentin\Desktop\Maintenance
      2015-03-27 07:42 - 2014-03-01 18:36 - 00000000 ____D () C:\Users\Valentin\AppData\Local\LSC
      2015-03-27 07:42 - 2013-12-17 03:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
      2015-03-27 07:42 - 2013-12-17 02:56 - 00000000 ____D () C:\ProgramData\Lenovo
      2015-03-26 20:37 - 2013-12-17 03:03 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
      2015-03-21 13:51 - 2014-04-27 18:11 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
      2015-03-19 13:29 - 2014-03-25 18:16 - 00000000 ____D () C:\Users\Valentin\Desktop\Travaux fac

      ==================== Files in the root of some directories =======

      2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Valentin\AppData\Roaming\17Yqgz1y3YA4r
      2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Valentin\AppData\Roaming\bMabji9vCfoNY
      2015-02-06 21:21 - 2015-04-13 22:17 - 0003650 _____ () C:\Users\Valentin\AppData\Roaming\SpeedRunnersLog.txt
      2014-12-17 11:41 - 2014-12-17 11:42 - 0007602 _____ () C:\Users\Valentin\AppData\Local\resmon.resmoncfg
      2013-12-17 02:43 - 2013-12-17 02:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

      Some content of TEMP:
      ====================
      C:\Users\Valentin\AppData\Local\Temp\Quarantine.exe
      C:\Users\Valentin\AppData\Local\Temp\sqlite3.dll


      ==================== Bamital & volsnap Check =================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\System32\winlogon.exe => File is digitally signed
      C:\Windows\System32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\System32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\System32\services.exe => File is digitally signed
      C:\Windows\System32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\System32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\System32\rpcss.dll => File is digitally signed
      C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


      LastRegBack: 2015-04-14 17:09

      ==================== End Of Log ============================
      0