RÃ©sultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01
ExÃ©cutÃ© par JEAN YVES PORTABLE (administrateur) sur JEAN-YVES-PORT (27-01-2017 03:47:04)
ExÃ©cutÃ© depuis C:\Users\JEAN YVES PORTABLE\Desktop
Profils chargÃ©s: JEAN YVES PORTABLE (Profils disponibles: UpdatusUser & JEAN YVES PORTABLE)
Platform: Windows 8.1 (Update) (X64) Langue: FranÃ§ais (France)
Internet Explorer Version 11 (Navigateur par dÃ©faut: FF)
Mode d'amorÃ§age: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le processus sera arrÃªtÃ©. Le fichier ne sera pas dÃ©placÃ©.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\WINDOWS\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\WINDOWS\System32\igfxext.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registre (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, l'Ã©lÃ©ment de Registre sera restaurÃ© Ã  la valeur par dÃ©faut ou supprimÃ©. Le fichier ne sera pas dÃ©placÃ©.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-3678433967-19092864-1708051356-1002\...\Run: [Viber] => C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber\Viber.exe [776400 2015-02-03] ()
HKU\S-1-5-21-3678433967-19092864-1708051356-1002\...\MountPoints2: {473448cc-cf8c-11e4-becf-48d2247423e5} - "E:\AutoRun.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-08] (AVAST Software)

==================== Internet (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, s'il s'agit d'un Ã©lÃ©ment du Registre, il sera supprimÃ© ou restaurÃ© Ã  la valeur par dÃ©faut.)

Tcpip\Parameters: [DhcpNameServer] 80.10.46.232
Tcpip\..\Interfaces\{4C280265-0916-4FAA-AC38-BCFC03DCE378}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{733FC8E8-BDA6-41DB-8879-67A27290F732}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8FE3B31F-223A-417C-93AE-8E13F7E6BE19}: [DhcpNameServer] 80.10.46.232

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-3678433967-19092864-1708051356-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKU\S-1-5-21-3678433967-19092864-1708051356-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=fr-fr
HKU\S-1-5-21-3678433967-19092864-1708051356-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3678433967-19092864-1708051356-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.fr/
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
Toolbar: HKLM - Pas de nom - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Pas de fichier
Toolbar: HKU\S-1-5-21-3678433967-19092864-1708051356-1002 -> Pas de nom - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  Pas de fichier

FireFox:
========
FF ProfilePath: C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\rgnhhcj9.default [2017-01-27]
FF NewTab: Mozilla\Firefox\Profiles\rgnhhcj9.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\rgnhhcj9.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\rgnhhcj9.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\rgnhhcj9.default -> Google
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\rgnhhcj9.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\rgnhhcj9.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\rgnhhcj9.default -> hxxps://www.google.com/?bcutc=sp-006
FF Keyword.URL: Mozilla\Firefox\Profiles\rgnhhcj9.default -> hxxps://www.google.com/search?bcutc=sp-006
FF SearchPlugin: C:\Users\JEAN YVES PORTABLE\AppData\Roaming\Mozilla\Firefox\Profiles\rgnhhcj9.default\searchplugins\google-avast.xml [2016-12-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-01]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=fr-fr
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default [2017-01-26]
CHR Extension: (Google Docs) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-02]
CHR Extension: (GoogleÂ Drive) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (YouTube) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Recherche Google) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Adobe Acrobat) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-18]
CHR Extension: (Avast SafePrice) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Bing) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-08-31]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-11]
CHR Extension: (Avast Online Security) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-19]
CHR Extension: (Skype) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-24]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\JEAN YVES PORTABLE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR HKU\S-1-5-21-3678433967-19092864-1708051356-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

S2 0232111485433656mcinstcleanup; C:\WINDOWS\TEMP\023211~1.EXE [922152 2016-03-02] (McAfee, Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [Fichier non signÃ©]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Fichier non signÃ©]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-09-01] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-08] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-08] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-08] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
S3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Intel(R) Corporation) [Fichier non signÃ©]
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-20] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-09-01] (Dritek System Inc.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
S3 MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)


==================== Un mois - CrÃ©Ã©s - fichiers et dossiers ========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2017-01-27 03:47 - 2017-01-27 03:47 - 00018864 _____ C:\Users\JEAN YVES PORTABLE\Desktop\FRST.txt
2017-01-27 03:46 - 2017-01-27 03:47 - 00000000 ___DC C:\FRST
2017-01-27 03:45 - 2017-01-27 03:45 - 02420736 _____ (Farbar) C:\Users\JEAN YVES PORTABLE\Desktop\FRST64.exe
2017-01-27 03:25 - 2017-01-27 03:25 - 03480040 _____ (McAfee, Inc.) C:\Users\JEAN YVES PORTABLE\Desktop\MCPR.exe
2017-01-26 23:23 - 2017-01-26 23:23 - 00000512 ____C C:\PhysicalDisk0_MBR.bin
2017-01-26 13:32 - 2017-01-27 03:19 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\AppData\Local\tkdata
2017-01-26 13:32 - 2017-01-26 13:32 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-01-26 13:31 - 2017-01-26 13:31 - 00000000 ____D C:\Program Files\Intel Security
2017-01-26 13:29 - 2017-01-26 13:29 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 13:29 - 2017-01-26 13:29 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-26 13:20 - 2017-01-26 13:18 - 00000030 ____C C:\AVScanner.ini
2017-01-26 13:18 - 2017-01-27 03:30 - 00000000 ____D C:\Program Files\TrueKey
2017-01-23 02:34 - 2017-01-23 02:45 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\FEROZA
2017-01-09 07:48 - 2016-12-01 15:13 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-01-09 07:48 - 2016-12-01 15:13 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-01-09 07:48 - 2016-12-01 15:11 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-01-09 07:48 - 2016-12-01 15:11 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-01-09 07:48 - 2016-10-20 14:14 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-01-09 07:48 - 2016-10-20 14:10 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-01-07 02:00 - 2017-01-07 02:00 - 00000000 __HDC C:\OneDriveTemp
2017-01-02 00:08 - 2017-01-02 00:08 - 00102526 _____ C:\Users\JEAN YVES PORTABLE\Desktop\18yo_teen_boy_wank_for_cam_-_iphone_recording_after_shopping.html
2017-01-01 18:59 - 2017-01-01 18:59 - 00180680 _____ C:\Users\JEAN YVES PORTABLE\Downloads\actualisation decembre 2016.pdf

==================== Un mois - ModifiÃ©s - fichiers et dossiers ========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2017-01-27 03:37 - 2014-01-22 01:56 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3678433967-19092864-1708051356-1002
2017-01-27 03:36 - 2016-11-19 11:56 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\AppData\LocalLow\Mozilla
2017-01-27 03:34 - 2016-09-15 15:40 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\OneDrive
2017-01-27 03:34 - 2016-09-15 15:40 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\OneDrive
2017-01-27 03:33 - 2015-01-16 12:07 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\AppData\Local\Viber
2017-01-27 03:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-27 03:27 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-01-27 03:13 - 2015-02-20 00:48 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\AppData\Roaming\ZHP
2017-01-27 03:04 - 2014-01-23 21:05 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-26 23:36 - 2015-02-25 06:17 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\MOI
2017-01-26 23:36 - 2015-02-25 06:17 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\MOI
2017-01-26 18:01 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-26 13:27 - 2015-12-04 16:30 - 00000000 ____D C:\Program Files\Common Files\AV
2017-01-26 13:18 - 2014-01-23 21:04 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\AppData\Local\Adobe
2017-01-26 08:43 - 2015-09-21 05:41 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\J.B
2017-01-26 08:43 - 2015-09-21 05:41 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\J.B
2017-01-25 21:28 - 2014-04-19 18:00 - 00000000 ____D C:\Users\JEAN YVES PORTABLE
2017-01-25 15:59 - 2014-03-25 14:55 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\ANNONCES
2017-01-25 11:23 - 2014-01-30 14:14 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\PHOTOS REDUIT
2017-01-25 00:11 - 2015-12-25 00:03 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\PHOTOS
2017-01-24 20:36 - 2014-03-19 14:10 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\FOND D'ECRAN
2017-01-23 10:44 - 2016-07-21 13:19 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\MAMAN
2017-01-23 10:44 - 2016-07-21 13:19 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\MAMAN
2017-01-22 08:58 - 2016-07-22 07:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat ReaderÂ DC.lnk
2017-01-21 00:39 - 2016-11-19 13:03 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\WISH
2017-01-17 15:18 - 2016-07-11 21:30 - 00004180 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-15 17:49 - 2015-07-02 22:32 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\CAF -RSA
2017-01-15 17:49 - 2015-07-02 22:32 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\CAF -RSA
2017-01-14 06:53 - 2015-01-25 23:04 - 00000000 ____D C:\ProgramData\Skype
2017-01-14 06:53 - 2015-01-25 23:04 - 00000000 ____D C:\ProgramData\Skype
2017-01-13 13:50 - 2016-08-30 23:43 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\MAISONS
2017-01-13 10:01 - 2014-01-27 07:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-13 09:56 - 2014-01-27 07:01 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-12 08:41 - 2016-07-22 07:57 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 20:53 - 2016-01-19 14:42 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\IMPOTS
2017-01-11 20:53 - 2016-01-19 14:42 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\IMPOTS
2017-01-11 13:11 - 2015-08-11 21:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-01-11 13:11 - 2015-08-11 21:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-01-11 09:36 - 2015-08-11 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-01-10 12:04 - 2014-01-23 21:05 - 00003754 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-01-10 12:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-10 12:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-09 14:12 - 2014-03-25 14:53 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\Desktop\PRO
2017-01-06 23:11 - 2015-02-09 21:12 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\LES HERMALS
2017-01-06 23:11 - 2015-02-09 21:12 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\LES HERMALS
2017-01-05 21:05 - 2015-03-30 07:31 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\PAPA
2017-01-05 21:05 - 2015-03-30 07:31 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\PAPA
2017-01-05 20:22 - 2016-11-19 11:58 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\ENGIE
2017-01-05 20:22 - 2016-11-19 11:58 - 00000000 ____D C:\Users\JEAN YVES PORTABLE\ENGIE
2016-12-30 15:03 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-12-28 19:46 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports

==================== Fichiers Ã  la racine de certains dossiers =======

2015-01-05 23:59 - 2015-04-26 14:16 - 0052224 _____ () C:\Users\JEAN YVES PORTABLE\AppData\Roaming\CDRusersDB.v12
2014-02-21 14:08 - 2014-09-04 02:10 - 0000088 _____ () C:\Users\JEAN YVES PORTABLE\AppData\Roaming\WB.CFG
2013-09-01 04:22 - 2013-09-01 04:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-20 09:38 - 2015-02-20 09:38 - 0004902 _____ () C:\ProgramData\eaapqbsg.gfr

Fichiers Ã  dÃ©placer ou supprimer:
====================
C:\Users\JEAN YVES PORTABLE\ZHPCleaner.exe


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas Ã  la vÃ©rification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\explorer.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\services.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\User32.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signÃ© numÃ©riquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signÃ© numÃ©riquement

LastRegBack: 2015-02-11 22:59

==================== Fin de FRST.txt ============================