cjoint

Document format: text/plain

ComboFix 18-08-08.01 - DANIEL 07/11/2018 16:56:15.1.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3984.2451 [GMT 1:00]
Lancé depuis: d:\temp\a telecharger temporaire\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\MB3Install
c:\programdata\MB3Install\MBAMIService.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2018-10-07 au 2018-11-07 ))))))))))))))))))))))))))))))))))))
.
.
2018-11-07 15:59 . 2018-11-07 15:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-11-05 00:01 . 2018-11-05 00:01 -------- d-----w- c:\program files (x86)\Skins
2018-11-04 17:06 . 2018-11-06 10:55 112864 ----a-w- c:\windows\system32\drivers\farflt.sys
2018-11-04 17:06 . 2018-11-06 10:55 94328 ----a-w- c:\windows\system32\drivers\mwac.sys
2018-11-04 17:06 . 2018-04-26 04:36 152184 ----a-w- c:\windows\system32\drivers\mbae64.sys
2018-11-04 17:06 . 2018-11-06 10:45 -------- d-----w- c:\programdata\Malwarebytes
2018-11-04 14:13 . 2018-11-04 16:43 -------- d-----w- C:\FRST
2018-11-04 02:05 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe
2018-11-04 02:05 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
2018-11-04 02:05 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
2018-11-04 02:05 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll
2018-11-04 02:05 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll
2018-11-04 02:05 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll
2018-11-04 02:05 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll
2018-11-03 18:29 . 2018-11-03 18:29 -------- d-----w- c:\program files (x86)\JeffProd
2018-11-03 18:29 . 2001-03-13 13:53 326656 ----a-w- c:\windows\SysWow64\temp.005
2018-11-03 18:29 . 2001-03-13 13:49 140288 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2018-11-03 18:29 . 2001-03-13 13:47 17920 ----a-w- c:\windows\SysWow64\temp.003
2018-11-03 18:29 . 2001-03-13 13:47 164112 ----a-w- c:\windows\SysWow64\temp.001
2018-11-03 18:29 . 2001-03-13 13:47 598288 ----a-w- c:\windows\SysWow64\temp.000
2018-11-03 18:29 . 2001-03-13 13:45 147728 ----a-w- c:\windows\SysWow64\temp.002
2018-11-03 18:29 . 2000-08-20 20:00 1388544 ----a-w- c:\windows\SysWow64\temp.004
2018-11-03 18:29 . 1998-05-18 01:06 368912 ----a-w- c:\windows\SysWow64\vbar332.dll
2018-11-03 02:07 . 2016-03-23 22:40 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2018-11-03 02:07 . 2016-03-23 22:40 3181568 ----a-w- c:\windows\system32\rdpcorets.dll
2018-11-03 02:07 . 2017-03-07 14:05 243200 ----a-w- c:\windows\system32\rdpudd.dll
2018-11-03 02:06 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2018-11-02 17:14 . 2018-11-02 17:14 -------- d-----w- c:\programdata\HP
2018-11-02 17:14 . 2018-11-02 17:14 -------- d-----w- c:\program files\HP
2018-11-02 17:14 . 2018-11-02 17:14 -------- d-----w- c:\program files (x86)\HP
2018-11-02 16:54 . 2013-10-02 04:51 3584 ----a-w- c:\windows\system32\drivers\fr-FR\tsusbflt.sys.mui
2018-11-02 16:54 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2018-11-02 16:54 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2018-11-02 16:54 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-11-02 16:54 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-11-02 16:54 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2018-11-02 16:54 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2018-11-02 16:54 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2018-11-02 16:54 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2018-11-02 16:54 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
2018-11-02 16:54 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
2018-11-02 16:53 . 2018-11-02 16:53 -------- d-----w- c:\program files (x86)\Intel
2018-11-02 16:53 . 2018-11-02 16:53 -------- d-----w- C:\Intel
2018-11-02 16:52 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2018-11-02 16:52 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2018-11-02 16:52 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2018-11-02 16:52 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2018-11-02 16:44 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2018-11-02 16:44 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2018-11-02 16:44 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2018-11-02 16:44 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2018-11-02 16:44 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2018-11-02 12:41 . 2018-11-02 12:41 -------- d-----w- c:\program files\CCleaner
2018-11-02 10:20 . 2018-11-02 10:20 -------- d-----w- c:\program files\VS Revo Group
2018-10-31 23:18 . 2018-10-31 23:22 -------- d-----w- c:\programdata\RogueKiller
2018-10-31 23:18 . 2018-10-31 23:18 -------- d-----w- c:\program files\RogueKiller
2018-10-31 18:49 . 2018-10-31 18:49 136745976 -c--a-w- c:\windows\system32\MRT.exe
2018-10-31 17:32 . 2018-10-31 17:35 -------- d-----w- C:\AdwCleaner
2018-10-31 17:09 . 2018-10-31 17:09 899184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2018-10-31 17:08 . 2018-10-31 17:08 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2018-10-31 17:08 . 2018-10-31 17:08 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2018-10-31 12:56 . 2018-10-31 12:56 399360 ----a-w- c:\windows\RegBootClean64.exe
2018-10-31 12:44 . 2018-10-31 12:44 -------- d-----w- c:\program files (x86)\AVAST Software
2018-10-31 02:20 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fr-FR\wdf01000.sys.mui
2018-10-31 02:08 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2018-10-31 02:08 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2018-10-31 02:08 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2018-10-31 02:08 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2018-10-31 02:08 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2018-10-31 02:08 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2018-10-31 02:08 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2018-10-30 21:49 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2018-10-30 21:49 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2018-10-30 21:49 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2018-10-30 21:49 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2018-10-30 21:49 . 2016-03-16 18:50 156672 ----a-w- c:\windows\system32\mtxoci.dll
2018-10-30 21:49 . 2016-03-16 18:28 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2018-10-30 21:49 . 2016-03-16 18:28 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2018-10-30 21:49 . 2016-03-16 18:27 286720 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2018-10-30 21:47 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2018-10-30 21:47 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2018-10-30 21:47 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2018-10-30 21:47 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2018-10-30 21:47 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2018-10-30 21:47 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2018-10-30 21:47 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2018-10-30 21:47 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2018-10-30 21:47 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2018-10-30 21:47 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2018-10-30 21:47 . 2016-01-21 00:51 73664 ----a-w- c:\windows\system32\drivers\disk.sys
2018-10-30 21:45 . 2013-12-04 02:27 485888 ----a-w- c:\windows\system32\secproc_isv.dll
2018-10-30 21:44 . 2016-07-07 15:08 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2018-10-30 21:44 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
2018-10-30 21:44 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2018-10-30 21:44 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
2018-10-30 21:44 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2018-10-30 21:44 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2018-10-30 21:44 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2018-10-30 21:44 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2018-10-30 21:44 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2018-10-30 21:37 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2018-10-30 21:37 . 2014-02-04 02:35 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2018-10-30 21:37 . 2014-02-04 02:35 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2018-10-30 21:37 . 2014-02-04 02:28 2048 ----a-w- c:\windows\system32\iologmsg.dll
2018-10-30 21:37 . 2014-02-04 02:00 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2018-10-30 21:37 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2018-10-30 21:37 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2018-10-30 21:37 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2018-10-30 21:37 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2018-10-30 21:37 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2018-10-30 21:37 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2018-10-30 21:37 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2018-10-29 23:19 . 2018-11-02 16:38 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2018-10-29 12:08 . 2018-10-29 12:08 -------- d-----w- c:\program files (x86)\Microsoft.NET
2018-10-29 12:06 . 2018-10-29 12:06 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2018-10-28 19:37 . 2018-10-28 19:37 -------- d-----r- C:\acroldr
2018-10-28 17:42 . 2018-10-28 17:42 -------- d-----w- c:\windows\Vbox
2018-10-28 17:41 . 2018-10-28 17:41 -------- d-----w- c:\windows\SysWow64\Spool
2018-10-28 17:41 . 2018-10-28 17:41 -------- d-----w- c:\program files (x86)\Micrografx
2018-10-28 17:40 . 2018-10-28 17:40 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2018-10-28 15:50 . 2018-10-28 15:50 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2018-10-28 14:55 . 2018-10-28 14:55 447328 ----a-w- c:\windows\system32\drivers\file_protector.sys
2018-10-28 14:55 . 2018-10-28 14:55 -------- d-----w- c:\programdata\Acronis Mobile Backup Data
2018-10-28 14:55 . 2018-10-28 14:55 375136 ----a-w- c:\windows\system32\drivers\file_tracker.sys
2018-10-28 14:55 . 2018-10-28 14:55 688864 ----a-w- c:\windows\system32\drivers\tnd.sys
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-09-09 00:42 . 2018-11-02 01:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-08-13 07:49 . 2017-08-13 07:49 551736 ----a-w- c:\program files (x86)\ClassicIEDLL_64.dll
2017-08-13 07:49 . 2017-08-13 07:49 3664184 ----a-w- c:\program files (x86)\ClassicStartMenuDLL.dll
2017-08-13 07:49 . 2017-08-13 07:49 163640 ----a-w- c:\program files (x86)\ClassicStartMenu.exe
2017-08-13 07:49 . 2017-08-13 07:49 103736 ----a-w- c:\program files (x86)\ClassicIE_64.exe
2017-08-13 07:49 . 2017-08-13 07:49 98616 ----a-w- c:\program files (x86)\ClassicExplorerSettings.exe
2017-08-13 07:49 . 2017-08-13 07:49 885560 ----a-w- c:\program files (x86)\ClassicExplorer64.dll
2017-08-13 07:49 . 2017-08-13 07:49 760632 ----a-w- c:\program files (x86)\ClassicExplorer32.dll
2017-08-13 07:49 . 2017-08-13 07:49 507192 ----a-w- c:\program files (x86)\ClassicIEDLL_32.dll
2017-08-13 07:49 . 2017-08-13 07:49 402744 ----a-w- c:\program files (x86)\ClassicShellUpdate.exe
2017-08-13 07:49 . 2017-08-13 07:49 104248 ----a-w- c:\program files (x86)\ClassicIE_32.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2017-08-13 07:49 760632 ----a-w- c:\program files (x86)\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2018-10-23 19467544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmntdrv]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys;c:\windows\SYSNATIVE\DRIVERS\farflt.sys [x]
R3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys;c:\windows\SYSNATIVE\DRIVERS\mbam.sys [x]
R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys;c:\windows\SYSNATIVE\DRIVERS\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 tnd;Acronis Try&Decide filter;c:\windows\system32\DRIVERS\tnd.sys;c:\windows\SYSNATIVE\DRIVERS\tnd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AcronisActiveProtectionService;Acronis Active Protection (TM) Service;c:\program files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe;c:\program files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [x]
R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 EaseUS Agent;Service Agent EaseUS;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
R4 mmsminisrv;Acronis Managed Machine Service Mini;c:\program files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe;c:\program files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [x]
R4 mobile_backup_server;Serveur de sauvegarde mobile Acronis;c:\program files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe;c:\program files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [x]
R4 mobile_backup_status_server;Serveur de statut de sauvegarde mobile Acronis;c:\program files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe;c:\program files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [x]
R4 RealtekWlanU;RealtekWlanU;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [x]
R4 RTLDHCPService;Realtek DHCP Service;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [x]
R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsha.sys;c:\windows\SYSNATIVE\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswbloga.sys;c:\windows\SYSNATIVE\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniva.sys;c:\windows\SYSNATIVE\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys;c:\windows\SYSNATIVE\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys;c:\windows\SYSNATIVE\drivers\aswVmm.sys [x]
S0 EPMVolFlt;EPMVolFlt;c:\windows\\SystemRoot\System32\drivers\EPMVolFlt.sys;c:\windows\\SystemRoot\System32\drivers\EPMVolFlt.sys [x]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
S0 file_tracker;Acronis File Tracker Driver;c:\windows\system32\DRIVERS\file_tracker.sys;c:\windows\SYSNATIVE\DRIVERS\file_tracker.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys;c:\windows\SYSNATIVE\drivers\aswArPot.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys;c:\windows\SYSNATIVE\drivers\aswHdsKe.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CleanupPSvc;Avast Cleanup Premium;c:\program files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe;c:\program files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 file_protector;Acronis File Protector Driver;c:\windows\system32\DRIVERS\file_protector.sys;c:\windows\SYSNATIVE\DRIVERS\file_protector.sys [x]
S2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x]
S2 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S2 virtual_file;Acronis Virtual File Driver;c:\windows\system32\DRIVERS\virtual_file.sys;c:\windows\SYSNATIVE\DRIVERS\virtual_file.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisDrive]
@="{5D74FD4B-4EFB-4586-8022-8637BBE40970}"
[HKEY_CLASSES_ROOT\CLSID\{5D74FD4B-4EFB-4586-8022-8637BBE40970}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2018-10-24 23:49 1847000 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2017-08-13 07:49 885560 ----a-w- c:\program files (x86)\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2018-10-24 242392]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Classic Start Menu"="c:\program files (x86)\ClassicStartMenu.exe" [2017-08-13 163640]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2017-01-18 588136]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\tgfntfr5.default\
FF - prefs.js: browser.search.selectedEngine - Bing Search Engine
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
SafeBoot-MBAMService
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2018-11-07 17:00:49
ComboFix-quarantined-files.txt 2018-11-07 16:00
ComboFix2.txt 2018-11-05 18:21
.
Avant-CF: 74 074 177 536 octets libres
Après-CF: 73 945 362 432 octets libres
.
- - End Of File - - C1C57E74760A915236608CA07CC2E3AC
A36C5E4F47E84449FF07ED3517B43A31
