Assistant de notification : est ce que votre ordi marche lente ?

Fermé

Windows 10

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 - 17 avril 2015 à 20:07
lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 - 17 avril 2015 à 21:30

Bonsoir,

Comme beaucoup sur le forum j'ai un problème avec mon ordinateur portable qui est ralentit par un virus(?). En plus du ralentissement un message apparaît en bas a droite de l'écran environ toutes les 15mn affichant un numéro de téléphone, l'icone Skype et le message " est ce que votre ordinateur marche trop lente ? "

J'ai lu les forums et j'ai essayé Malawerbytes (que j'utilise souvent )qui n'a pas fonctionné, un scan minutieux d' Avast qui n'a rien trouvé et plusieurs "nettoyages" avec Ccleaner et Glary Utilities. Rien à faire.

J'ai trouvé comme solution des logiciels de diagnostic mais je n'arrive pas a les maîtriser.

Quelqu'un pour m'aider ?

Merci d'avance

Valentin

A voir également:

Cafadebug
Notification snapchat mais pas de message - Forum Snapchat
Activer notification visite profil facebook - Guide
Une notification snapchat qui ne veut pas partir ✓ - Forum Snapchat
Logitech download assistant ✓ - Forum Windows 10
J'aime par erreur facebook notification - Forum Facebook

4 réponses

Réponse 1 / 4

lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 806
17 avril 2015 à 20:09

▶ Télécharge ici : FRST (de Farbar)
!!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.

▶ Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.

▶ Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.

▶ A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.

Les rapport se trouvent ici : C:\FRST\Logs

▶ Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 1
17 avril 2015 à 20:18

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-04-2015 04
Ran by Valentin at 2015-04-17 20:15:04
Running from C:\Users\Valentin\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Archiveur WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Energy Management (x32 Version: 8.0.2.14 - Lenovo) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
Gang Beasts (HKLM-x32\...\Steam App 285900) (Version: - Boneloaf)
Glary Utilities 4.6 (HKLM-x32\...\Glary Utilities 4) (Version: 4.6.0.90 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Guide de l'utilisateur (x32 Version: 1.0.0.17 - Lenovo) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Killing Floor (HKLM-x32\...\Killing Floor_is1) (Version: Killing Floor v.1050 - compiled by testncrash)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Media Preview (HKLM\...\{B1EAEDC4-9415-4A9B-A0A2-282B168C7D7C}) (Version: 1.3.1.343 - BabelSoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
OEM Application Profile (x32 Version: 1.00.0000 - Nom de votre société) Hidden
Package de pilotes Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Package de pilotes Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Popcorn Time (HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\...\Popcorn Time) (Version: - Popcorn Official)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Skype(TM) 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

13-04-2015 19:33:11 Windows Update
16-04-2015 20:26:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {064BF89A-3628-4636-90B7-FAB9EC70D398} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-09] (Lenovo)
Task: {0A1F8EB2-42A6-4D04-B11D-EC09C381C275} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe
Task: {1D41F1B2-AE52-448B-AEEA-5551FECAF44A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
Task: {2894DC90-B231-40FD-A4B5-0FDEDC7A4C18} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {3D07C9DB-6EBB-4822-9DAA-83F746698273} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {6B0547D6-2546-40D7-8349-EAA857487542} - System32\Tasks\suprize_updating_service => C:\Program Files (x86)\suprize\suprize_updating_service.exe [2015-04-02] () <==== ATTENTION
Task: {7BB1F172-5E97-48B8-889D-52AB23E41B4D} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {7CE35D55-90AB-432F-8FA6-B4ACA4D7F49F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {9C67C03E-9D5B-4AD7-A1CD-A2B803D8537C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {9E39C75F-A6F5-4162-A812-5A0D3782E270} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {B2A529DF-E53F-4F6F-83D9-E6DE0C570B25} - System32\Tasks\{E61A546F-1D53-4B31-B13E-2669AE66D2DF} => Chrome.exe http://ui.skype.com/ui/0/6.16.73.105.456/fr/abandoninstall?page=tsBing
Task: {B66A321F-F82C-4E58-9691-07FDC2EE8355} - System32\Tasks\suprize_notification_service => C:\Program Files (x86)\suprize\suprize_notification_service.exe [2015-04-02] (FileProperties_CompanyName) <==== ATTENTION
Task: {C49AAB3C-EE17-4E0B-9A7C-2246C249DE9C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {CB7BF675-D326-4586-901C-0EE3ACE27C2E} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {E4432E3E-1BD1-4D51-B916-9B9A1E89C729} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {E77DA74F-879C-46DE-8760-1679964055F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\suprize_notification_service.job => C:\Program Files (x86)\suprize\suprize_notification_service.exeã/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='suprize' /appid='73143' /srcid='2913' /bic='936e234db0b39238a67a3940dd9469cf' /verifier='b4beae0f998ac2ff3cb4a1502f3f5349' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\WINDOWS\Tasks\suprize_updating_service.job => C:\Program Files (x86)\suprize\suprize_updating_service.exe¨ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=suprize_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2013-12-17 03:03 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-03-01 18:57 - 2012-11-20 00:44 - 00786432 _____ () C:\Program Files (x86)\Gaming Mouse\DareUMonitor.exe
2014-11-22 02:03 - 2014-11-22 02:03 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2014-08-06 18:37 - 2014-08-06 18:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-04-17 13:47 - 2015-04-17 13:47 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15041700\algo.dll
2014-03-01 18:57 - 2012-08-13 13:01 - 00057344 _____ () C:\Program Files (x86)\Gaming Mouse\lan.dll
2014-03-01 18:57 - 2012-04-19 18:15 - 00061440 _____ () C:\Program Files (x86)\Gaming Mouse\hiddriver.dll
2014-08-06 18:37 - 2014-08-06 18:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-17 02:43 - 2013-08-08 23:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-15 18:58 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-15 18:58 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Valentin\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Valentin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img5.jpg
DNS Servers: 212.27.40.240 - 212.27.40.241

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run32: => "RtsFT"

==================== Accounts: =============================

Administrateur (S-1-5-21-1168376273-1215870054-2859435503-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1168376273-1215870054-2859435503-1003 - Limited - Enabled)
Invité (S-1-5-21-1168376273-1215870054-2859435503-501 - Limited - Disabled)
Valentin (S-1-5-21-1168376273-1215870054-2859435503-1001 - Administrator - Enabled) => C:\Users\Valentin

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 42%
Total physical RAM: 3993.77 MB
Available physical RAM: 2290.46 MB
Total Pagefile: 16281.77 MB
Available Pagefile: 14384.77 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:426.65 GB) (Free:306.08 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A69EC710)

Partition: GPT Partition Type.

==================== End Of Log ============================

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 1
17 avril 2015 à 20:19

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-04-2015 04
Ran by Valentin (administrator) on LENOVO-PC-VAL on 17-04-2015 20:14:23
Running from C:\Users\Valentin\Downloads
Loaded Profiles: Valentin (Available profiles: Valentin)
Platform: Windows 8.1 (X64) OS Language: Français (France)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(FileProperties_CompanyName) C:\Program Files (x86)\suprize\suprize_notification_service.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
() C:\Program Files (x86)\Gaming Mouse\DareUMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(FileProperties_CompanyName) C:\Program Files (x86)\suprize\suprize_notification_service.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2013-12-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-12-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [Lenovo Input Device Main Program] => C:\Program Files\Lenovo\Lenovo Ultraslim Plus Wireless Keyboard & Mouse\Pelico.exe
HKLM-x32\...\Run: [Dare-U mouse] => C:\Program Files (x86)\Gaming Mouse\DareUMonitor.exe [786432 2012-11-20] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.lenovo.com/fr/fr/
HKU\S-1-5-21-1168376273-1215870054-2859435503-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1168376273-1215870054-2859435503-1001 -> URL http://search.conduit.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPCFA81A8B-9F01-42B4-805C-66FA28291F73&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1168376273-1215870054-2859435503-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06] (AVAST Software)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-06] (AVAST Software)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin HKU\S-1-5-21-1168376273-1215870054-2859435503-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Lenovo\LenovoAppShop\bin\npAppUp_x64.dll No File
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-03]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-14]
CHR Extension: (Google Docs) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-14]
CHR Extension: (Google Drive) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-14]
CHR Extension: (YouTube) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-14]
CHR Extension: (Adblock Plus) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-14]
CHR Extension: (Google Search) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-14]
CHR Extension: (Google Sheets) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-14]
CHR Extension: (Bookmark Manager) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-14]
CHR Extension: (Google Wallet) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-14]
CHR Extension: (Gmail) - C:\Users\Valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-07-15] (Qualcomm Atheros Communications, Inc.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-02-12] (Glarysoft Ltd)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-13] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-17 20:14 - 2015-04-17 20:14 - 02097664 _____ (Farbar) C:\Users\Valentin\Downloads\FRST64.exe
2015-04-17 20:14 - 2015-04-17 20:14 - 00016893 _____ () C:\Users\Valentin\Downloads\FRST.txt
2015-04-17 19:22 - 2015-04-17 19:22 - 00000149 _____ () C:\WINDOWS\setupact.log
2015-04-17 19:22 - 2015-04-17 19:22 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-17 19:08 - 2015-04-17 19:08 - 02217984 _____ () C:\Users\Valentin\Downloads\adwcleaner_4.201.exe
2015-04-15 18:27 - 2015-04-15 18:27 - 00001069 _____ () C:\Users\Valentin\Desktop\Killing Floor.lnk
2015-04-15 18:27 - 2015-04-15 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killing Floor
2015-04-15 18:21 - 2015-04-17 00:06 - 00000000 ____D () C:\Program Files (x86)\Killing Floor
2015-04-15 18:19 - 2015-04-15 18:20 - 00000000 ____D () C:\Users\Valentin\Desktop\kf_novgames_1050
2015-04-14 16:18 - 2015-04-14 16:18 - 00003262 _____ () C:\WINDOWS\System32\Tasks\Trojan Killer
2015-04-14 16:16 - 2015-04-14 16:17 - 68183480 _____ (GridinSoft LLC) C:\Users\Valentin\Downloads\gtk-2.2.7.0-setup.exe
2015-04-13 23:54 - 2015-04-17 19:39 - 01280267 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-07 11:35 - 2015-04-17 15:22 - 00000000 ____D () C:\SWTOOLS
2015-04-07 11:35 - 2015-04-07 11:35 - 02475920 _____ (Lenovo Group Limited ) C:\Users\Valentin\Downloads\e7kyb03us17.exe
2015-04-06 21:27 - 2015-04-14 16:37 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\TS3Client
2015-04-06 21:27 - 2015-04-06 21:27 - 00001189 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-04-06 21:27 - 2015-04-06 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-04-06 21:27 - 2015-04-06 21:27 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2015-04-06 21:25 - 2015-04-06 21:26 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Valentin\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2015-04-03 11:28 - 2015-04-03 11:54 - 00000000 ____D () C:\ProgramData\HappyCloud
2015-04-03 11:28 - 2015-04-03 11:28 - 10458976 _____ () C:\Users\Valentin\Downloads\TERA-Setup-HC.exe
2015-04-02 16:50 - 2015-04-17 19:12 - 00000004 _____ () C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-02 15:50 - 2015-04-17 19:50 - 00001330 _____ () C:\WINDOWS\Tasks\suprize_notification_service.job
2015-04-02 15:50 - 2015-04-17 19:12 - 00000692 _____ () C:\WINDOWS\Tasks\suprize_updating_service.job
2015-04-02 15:50 - 2015-04-02 15:50 - 00004344 _____ () C:\WINDOWS\System32\Tasks\suprize_notification_service
2015-04-02 15:50 - 2015-04-02 15:50 - 00003706 _____ () C:\WINDOWS\System32\Tasks\suprize_updating_service
2015-04-02 15:50 - 2015-04-02 15:50 - 00000000 ____D () C:\Program Files (x86)\suprize
2015-03-31 21:18 - 2015-03-31 21:18 - 00090882 _____ () C:\Users\Valentin\Downloads\install_flashplayer16x32ax_ver.2.0031.sd_update.vbs
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Valentin\AppData\Roaming\bMabji9vCfoNY
2015-03-31 10:14 - 2015-03-31 10:14 - 00005655 _____ () C:\Users\Valentin\AppData\Roaming\17Yqgz1y3YA4r
2015-03-27 17:13 - 2015-03-27 17:13 - 00000000 ____D () C:\Users\Valentin\AppData\Local\Lenovo
2015-03-27 07:50 - 2015-03-27 07:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2015-03-21 13:51 - 2015-03-21 13:52 - 00000000 ____D () C:\Users\Valentin\Documents\Heroes of the Storm
2015-03-21 13:49 - 2015-03-21 13:49 - 00001222 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-03-21 13:49 - 2015-03-21 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-03-21 13:36 - 2015-04-16 00:20 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2015-03-19 13:39 - 2015-04-13 20:07 - 00000000 ____D () C:\Users\Valentin\Desktop\Géo

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-17 20:14 - 2014-03-26 11:24 - 00000000 ____D () C:\FRST
2015-04-17 20:13 - 2014-03-02 23:57 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\ClassicShell
2015-04-17 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-17 19:33 - 2014-03-03 11:02 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1168376273-1215870054-2859435503-1001
2015-04-17 19:32 - 2014-04-03 11:01 - 00001104 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-17 19:23 - 2014-03-02 23:50 - 02482688 ___SH () C:\Users\Valentin\Desktop\Thumbs.db
2015-04-17 19:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-17 19:22 - 2014-03-26 11:55 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-17 19:12 - 2014-04-03 11:01 - 00001100 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-17 19:12 - 2014-02-26 16:54 - 00000000 __RDO () C:\Users\Valentin\SkyDrive
2015-04-17 19:11 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-17 19:11 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-17 19:10 - 2014-03-26 11:45 - 00000000 ____D () C:\AdwCleaner
2015-04-17 19:10 - 2014-02-27 18:04 - 23123276 _____ () C:\Users\Public\CAFADEBUG.log
2015-04-17 18:12 - 2013-08-22 17:20 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-17 15:03 - 2014-05-14 20:21 - 01302016 ___SH () C:\Users\Valentin\Downloads\Thumbs.db
2015-04-16 00:55 - 2014-04-27 18:11 - 00000000 ____D () C:\Users\Valentin\AppData\Local\Battle.net
2015-04-16 00:20 - 2014-04-27 18:19 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-15 19:24 - 2014-03-25 21:54 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\Skype
2015-04-15 16:13 - 2013-12-17 03:13 - 00813388 _____ () C:\WINDOWS\system32\perfh00C.dat
2015-04-15 16:13 - 2013-12-17 03:13 - 00159948 _____ () C:\WINDOWS\system32\perfc00C.dat
2015-04-15 16:13 - 2013-08-28 10:36 - 01827432 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-15 16:03 - 2014-03-02 20:31 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-15 15:12 - 2014-03-02 20:31 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-15 14:20 - 2015-02-20 23:54 - 00000000 ____D () C:\Users\Valentin\AppData\Local\Popcorn-Time
2015-04-15 13:22 - 2014-03-03 00:24 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\vlc
2015-04-14 16:37 - 2014-05-20 23:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-14 01:24 - 2013-08-22 17:38 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 00:22 - 2014-04-27 18:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-13 21:54 - 2014-03-03 00:14 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
2015-04-13 20:07 - 2014-03-03 00:13 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2015-04-10 15:55 - 2014-12-14 23:05 - 00000000 ____D () C:\Users\Valentin\Downloads\Gameforge Live
2015-04-09 11:26 - 2013-12-17 02:56 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-04-09 11:21 - 2015-02-05 11:28 - 00000000 ____D () C:\Users\Valentin\Desktop\Exposés autres 2015
2015-04-09 11:19 - 2013-12-17 03:07 - 00020992 _____ () C:\WINDOWS\system32\VfService.trf
2015-04-09 11:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-09 11:00 - 2015-02-08 17:16 - 00000000 ____D () C:\Program Files (x86)\Mumble
2015-04-07 21:58 - 2014-02-26 16:47 - 00000000 ____D () C:\Users\Valentin
2015-04-07 11:35 - 2013-12-17 03:03 - 00000000 ____D () C:\Program Files\Lenovo
2015-04-01 12:45 - 2015-02-08 17:17 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\Mumble
2015-03-27 07:50 - 2014-03-01 18:36 - 00000000 ____D () C:\Users\Valentin\AppData\Roaming\LSC
2015-03-27 07:43 - 2014-03-03 20:29 - 00000000 ___RD () C:\Users\Valentin\Desktop\Maintenance
2015-03-27 07:42 - 2014-03-01 18:36 - 00000000 ____D () C:\Users\Valentin\AppData\Local\LSC
2015-03-27 07:42 - 2013-12-17 03:03 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-03-27 07:42 - 2013-12-17 02:56 - 00000000 ____D () C:\ProgramData\Lenovo
2015-03-26 20:37 - 2013-12-17 03:03 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2015-03-21 13:51 - 2014-04-27 18:11 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-19 13:29 - 2014-03-25 18:16 - 00000000 ____D () C:\Users\Valentin\Desktop\Travaux fac

==================== Files in the root of some directories =======

2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Valentin\AppData\Roaming\17Yqgz1y3YA4r
2015-03-31 10:14 - 2015-03-31 10:14 - 0005655 _____ () C:\Users\Valentin\AppData\Roaming\bMabji9vCfoNY
2015-02-06 21:21 - 2015-04-13 22:17 - 0003650 _____ () C:\Users\Valentin\AppData\Roaming\SpeedRunnersLog.txt
2014-12-17 11:41 - 2014-12-17 11:42 - 0007602 _____ () C:\Users\Valentin\AppData\Local\resmon.resmoncfg
2013-12-17 02:43 - 2013-12-17 02:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Valentin\AppData\Local\Temp\Quarantine.exe
C:\Users\Valentin\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-14 17:09

==================== End Of Log ============================

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 1
17 avril 2015 à 20:20

https://www.cjoint.com/c/EDruHF7Rb9k

https://www.cjoint.com/c/EDruIeMylSI

J'ai fait ce qu'il fallait ?

Réponse 2 / 4

lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 806
Modifié par lilidurhone le 17/04/2015 à 20:29

Oui c'est bon je regarde

Désinstalles

Glary (sert à rien)
Trojan Killer

ZHPCleaner

Désactiver l'Anti-virus

Ton moteur de recherche va se fermer il faudra le réouvrir pour poster les rapports

téléchargement : https://nicolascoolman.eu

- Cet outil ne nécessite aucune installation, il est très rapide car basé sur l'éxécution de scripts.
- Clique droit sur le dossier téléchargé

- Clique sur Scanner :

- Savoir que tous les navigateurs ou onglets ouvert seront fermés et qu'il faudra les remettre

- En cas de présence d'un proxy, un message apparaît avec la question suivante
- Avez-vous installé ce proxy ? suivi de l'adresse IP du proxy
- Si vous n'avez pas installé de Proxy, cliquer sur "NON" pour accepter la réparation du proxy.

- En cas de présence d'un serveur inconnu, un message peut apparaître avec la question suivante
- Avez-vous installé ce serveur ? suivi du nom du serveur
- Si vous n'avez pas installé de serveur,, cliquer sur "NON" pour accepter la réparation

- Fournir le rapport

Si problème il y a il existe toujours une solution
~~~~~~ Cs ~~~~~~

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 1
17 avril 2015 à 20:42

~ ZHPCleaner v2015.4.17.171 by Nicolas Coolman (17/04/2015)
~ Run by Valentin (Administrator) (17/04/2015 20:37:19)
~ Forum : https://nicolascoolman.eu
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Valentin\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Valentin\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 81, 64-bit (Build 9600)

---\\ Service. (0)
~ Aucun élément malicieux trouvé.

---\\ Navigateur internet. (0)
~ Aucun élément malicieux trouvé.

---\\ Fichier hôte. (1)
~ Le fichier hôte est légitime. (21)

---\\ Tâche planifiée. (0)
~ Aucun élément malicieux trouvé.
---\\ Explorateur ( Dossiers, Fichiers ). (10)
TROUVÉ fichier: C:\WINDOWS\System32\Tasks\suprize_notification_service (Adware.CrossRider^)
TROUVÉ fichier: C:\WINDOWS\System32\Tasks\suprize_updating_service (Adware.CrossRider^)
TROUVÉ fichier: C:\Program Files (x86)\suprize\suprize_notification_service.exe [FileProperties_CompanyName - FileProperties_FileDescription] (Adware.CrossRider^)
TROUVÉ fichier: C:\Program Files (x86)\suprize\suprize_updating_service.exe (Adware.CrossRider^)
TROUVÉ fichier: C:\WINDOWS\Tasks\suprize_notification_service.job (Adware.CrossRider^)
TROUVÉ fichier: C:\WINDOWS\Tasks\suprize_updating_service.job (Adware.CrossRider^)
TROUVÉ dossier: C:\Program Files (x86)\suprize (Adware.CrossRider^)
TROUVÉ dossier: C:\Users\Valentin\AppData\LocalLow\3 Sprockets\FightTheDragon (Adware.Sambreel)
TROUVÉ dossier: C:\Users\Valentin\AppData\LocalLow\3 Sprockets (Adware.Sambreel)
TROUVÉ fichier: C:\WINDOWS\Prefetch\DISKCLEANER.EXE-E739F804.pf (Rogue.DiskCleaner)

---\\ Base de Registres ( Clés, Valeurs, Données ). (2)
TROUVÉ clé: HKCU\Software\suprize [] (Adware.CrossRider^)

---\\ Bilan de la réparation
~ Aucune réparation effectuée.
~ Ce navigateur est absent (Mozilla Firefox)
~ Ce navigateur est absent (Opera Software)

---\\ Statistiques
~ Items scannés : 73048
~ Items trouvés : 12
~ Items réparés : 0

End of clean at 20:41:22
===================
ZHPCleaner-[S]-17042015-20_41_22.txt

Réponse 3 / 4

lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 806
17 avril 2015 à 20:53

ok fais nettoyer

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 1
17 avril 2015 à 21:03

c'est fait, le message a repop mn après :/

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 1
17 avril 2015 à 21:03

2mn après*

Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015 1
17 avril 2015 à 21:13

j'ai relancé un scan et refait un nettoyage, le problème a l'air d'être résolu

lilidurhone Messages postés 43347 Date d'inscription lundi 25 avril 2011 Statut Contributeur sécurité Dernière intervention 31 octobre 2024 3 806 > Valdelsol38 Messages postés 34 Date d'inscription samedi 23 août 2008 Statut Membre Dernière intervention 17 avril 2015
17 avril 2015 à 21:30

tu peux me fournir le rapport

Discussions similaires

redémarrage pc bloque suite nettoyage adwcleaner

refaire le système de mon ordinateur

L'écran ne s'éteint plus en période d'inactivité

Autoriser l'execution d'une application

Quicken 2000

raccourci clavier pur dupliquer écran