Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017
Exécuté par pc (administrateur) sur LENOVO-PC (26-02-2017 21:55:00)
Exécuté depuis C:\Users\pc\Desktop
Profils chargés: pc & (Profils disponibles: pc)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Windows\jmesoft\Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABFSWK.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(© 2015 Microsoft Corporation) C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Lenovo) C:\Windows\jmesoft\hotkey.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Farbar) C:\Users\pc\Desktop\FRST64(1).exe

==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] ()
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\...\Run: [BingSvc] => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\...\Run: [BingSvc] => C:\Users\pc\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-15] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2015-04-25]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{bad61cde-98fd-4d8c-90b5-a17a953613e1}: [DhcpNameServer] 192.168.0.254

Internet Explorer:
==================
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxps://www.google.com/
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxps://www.google.com/
HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\47j56lgh.default [2017-02-26]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\47j56lgh.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\47j56lgh.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\47j56lgh.default -> hxxp://www.google.fr
FF Keyword.URL: Mozilla\Firefox\Profiles\47j56lgh.default -> hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Extension: (Bing Search) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\47j56lgh.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-15]
FF Extension: (AVG SafePrice) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\47j56lgh.default\Extensions\sp@avg.com.xpi [2016-11-14]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\47j56lgh.default\features\{b0d0e07d-20e6-4016-b3fc-f4dc9ae4f76f}\disableSHA1rollout@mozilla.org.xpi [2017-02-25]
FF SearchPlugin: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\47j56lgh.default\searchplugins\bing-.xml [2016-02-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [Pas de fichier]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-02-14] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2033088592-2200444845-2501453311-1002: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2033088592-2200444845-2501453311-1002: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2017-02-26]
CHR Extension: (Google Slides) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-25]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-25]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-25]
CHR Extension: (Google Cast) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-03-31]
CHR Extension: (Google Sheets) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-25]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]
CHR HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2033088592-2200444845-2501453311-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2033088592-2200444845-2501453311-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02242017200416311\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-11-29] () [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [971160 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337600 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [Fichier non signé]
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1662424 2014-02-19] ()
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2014-02-14] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Advanced Micro Devices, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-02-06] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]

===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101104 2015-06-23] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2014-04-16] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [277240 2015-06-23] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [312576 2016-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-24] (Malwarebytes)
S3 MosIrUsb; C:\WINDOWS\system32\DRIVERS\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2017-02-13] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U2 agp440; pas de ImagePath
S3 catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
U0 Compbatt; pas de ImagePath
U2 ERSvc; pas de ImagePath
U2 IAStorDataMgrsvc; pas de ImagePath
U2 NIHardwareService; pas de ImagePath
U2 NVSvc; pas de ImagePath
U2 Parvdm; pas de ImagePath
U2 srService; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-02-26 21:55 - 2017-02-26 21:55 - 00023579 _____ C:\Users\pc\Desktop\FRST.txt
2017-02-26 21:53 - 2017-02-26 21:52 - 02423296 _____ (Farbar) C:\Users\pc\Desktop\FRST64(1).exe
2017-02-24 19:35 - 2017-02-24 19:35 - 00015326 ____R C:\Users\pc\Desktop\Pre_Scan_24_02_2017_19_35_41.txt
2017-02-24 19:35 - 2017-02-24 19:35 - 00015326 ____R C:\Pre_Scan_24_02_2017_19_35_41.txt
2017-02-24 19:35 - 2017-02-24 19:35 - 00001072 _____ C:\Users\pc\Desktop\Internet Explorer.lnk
2017-02-24 18:53 - 2017-02-24 18:53 - 00000000 ____D C:\AdsFix
2017-02-24 18:50 - 2017-02-24 19:59 - 00000000 ____D C:\Pre_Scan
2017-02-24 18:50 - 2017-02-24 18:50 - 00001574 _____ C:\Users\pc\Desktop\Pre_Scan_Restore.lnk
2017-02-24 18:50 - 2017-02-24 18:50 - 00001238 _____ C:\Users\pc\Desktop\Pre_Scan_Donate.lnk
2017-02-24 18:49 - 2017-02-24 18:47 - 03489192 _____ (SosVirus) C:\Users\pc\Desktop\Pre_Scan.exe
2017-02-23 22:43 - 2017-02-23 22:43 - 00002509 _____ C:\Users\pc\Desktop\ZHPFixReport.txt
2017-02-23 22:41 - 2017-02-23 22:41 - 00001933 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2017-02-23 22:41 - 2017-02-23 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2017-02-23 22:41 - 2017-02-23 22:41 - 00000000 ____D C:\Program Files (x86)\ZHPFix
2017-02-23 22:40 - 2017-02-23 22:38 - 03521617 _____ (Nicolas Coolman ) C:\Users\pc\Desktop\ZHPFix.exe
2017-02-22 19:13 - 2017-02-22 19:13 - 00133184 _____ C:\Users\pc\Desktop\ZHPDiag.txt
2017-02-22 19:08 - 2017-02-22 19:08 - 00000873 _____ C:\Users\pc\Desktop\ZHPDiag.lnk
2017-02-22 19:06 - 2017-02-22 19:05 - 02699264 _____ C:\Users\pc\Desktop\ZHPDiag3.exe
2017-02-21 23:06 - 2017-02-23 22:43 - 00000000 ____D C:\Users\pc\AppData\Local\CrashDumps
2017-02-20 20:52 - 2017-02-20 20:52 - 00071872 _____ C:\Users\pc\Desktop\SFT.txt
2017-02-20 20:43 - 2017-02-20 20:43 - 01352704 _____ C:\Users\pc\Desktop\SFT.exe
2017-02-20 04:58 - 2017-02-12 20:50 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-19 15:31 - 2017-02-19 15:30 - 147877704 _____ C:\Users\pc\Desktop\6z6tdiw4.exe
2017-02-15 22:59 - 2017-02-19 23:35 - 00000000 ____D C:\Users\pc\Doctor Web
2017-02-15 22:56 - 2017-02-15 20:52 - 147719288 _____ C:\Users\pc\Desktop\9vbel2ns.exe
2017-02-13 22:07 - 2017-02-13 22:07 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-13 22:05 - 2017-02-13 22:05 - 00000910 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-02-13 22:05 - 2017-02-13 22:05 - 00000000 ____D C:\ProgramData\RogueKiller
2017-02-13 22:05 - 2017-02-13 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-02-13 22:05 - 2017-02-13 22:05 - 00000000 ____D C:\Program Files\RogueKiller
2017-02-13 19:59 - 2017-02-24 20:01 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-13 19:58 - 2017-02-24 20:04 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-13 19:58 - 2017-02-24 20:01 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-13 19:58 - 2017-02-24 20:01 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-13 19:58 - 2017-02-24 20:01 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-13 19:58 - 2017-02-13 19:58 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-13 19:58 - 2017-02-13 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-13 19:58 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-13 19:57 - 2017-02-13 19:57 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-12 20:26 - 2017-02-12 20:33 - 00000883 _____ C:\Users\pc\Desktop\ZHPCleaner.lnk
2017-02-12 19:43 - 2017-02-26 21:55 - 00000000 ____D C:\FRST
2017-02-12 19:42 - 2017-02-12 19:41 - 02421248 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2017-02-11 19:36 - 2017-02-11 19:36 - 00000000 ____D C:\koboExtStorage
2017-02-11 19:15 - 2017-02-11 19:15 - 00000000 ____D C:\Users\pc\AppData\Local\Kobo
2017-02-11 19:05 - 2017-02-11 19:05 - 00001047 _____ C:\Users\Public\Desktop\Kobo.lnk
2017-02-11 19:05 - 2017-02-11 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
2017-02-11 19:04 - 2017-02-11 19:05 - 00000000 ____D C:\Program Files (x86)\Kobo

==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-02-26 21:54 - 2016-11-19 15:18 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2017-02-26 21:48 - 2016-09-30 02:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 17:41 - 2015-02-15 08:36 - 00000000 ____D C:\ProgramData\MFAData
2017-02-26 12:59 - 2016-09-30 02:46 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-02-26 02:52 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-25 07:00 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-24 20:07 - 2016-07-16 23:40 - 00786270 _____ C:\WINDOWS\system32\perfh00C.dat
2017-02-24 20:07 - 2016-07-16 23:40 - 00162148 _____ C:\WINDOWS\system32\perfc00C.dat
2017-02-24 20:07 - 2016-04-18 23:21 - 01975782 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-24 20:00 - 2016-09-30 02:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-24 20:00 - 2016-09-30 02:15 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-02-24 20:00 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-24 19:59 - 2016-09-30 02:18 - 00000000 ____D C:\Users\pc
2017-02-24 18:50 - 2014-11-21 15:39 - 04843012 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2017-02-24 17:41 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-23 22:43 - 2015-05-08 09:41 - 00000000 ____D C:\Users\pc\AppData\Roaming\ZHP
2017-02-23 22:43 - 2014-11-21 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-23 21:49 - 2015-02-18 06:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 21:43 - 2015-02-18 06:06 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 07:32 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 16:02 - 2015-05-27 21:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-18 09:11 - 2016-12-06 09:06 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-18 09:11 - 2016-04-19 06:29 - 00002413 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-18 09:11 - 2016-04-19 06:29 - 00000000 ___RD C:\Users\pc\OneDrive
2017-02-16 07:33 - 2015-12-05 14:54 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-16 07:30 - 2014-11-21 15:36 - 00000000 ____D C:\WINDOWS\jmesoft
2017-02-15 07:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 07:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-14 19:46 - 2015-02-14 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-02-14 19:17 - 2016-12-01 08:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-14 19:17 - 2015-07-17 18:57 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-02-14 19:17 - 2015-04-27 20:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-14 19:11 - 2016-06-09 06:30 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-02-14 19:11 - 2016-06-09 06:30 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-02-14 04:08 - 2015-02-13 20:58 - 00000000 ____D C:\Users\pc\AppData\Roaming\Nitro PDF
2017-02-13 23:44 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-13 19:57 - 2015-05-26 12:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-11 19:05 - 2016-04-18 22:59 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-11 13:09 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-06 23:13 - 2016-02-21 16:13 - 00002451 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 23:13 - 2016-02-21 16:13 - 00002443 _____ C:\Users\pc\Desktop\Google Chrome.lnk
2017-02-06 20:48 - 2016-10-12 16:37 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-10-12 16:37 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 19:39 - 2015-07-11 13:44 - 00000265 _____ C:\WINDOWS\SmartTRAK.INI

==================== Fichiers à la racine de certains dossiers =======
2015-02-13 21:44 - 2015-02-13 21:44 - 0007602 _____ () C:\Users\pc\AppData\Local\Resmon.ResmonCfg
2016-09-30 02:14 - 2016-09-30 02:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2017-02-21 08:12
==================== Fin de FRST.txt ============================