ComboFix 18-08-08.01 - DANIEL 07/11/2018 16:56:15.1.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3984.2451 [GMT 1:00]
Lancé depuis: d:\temp\a telecharger temporaire\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\MB3Install
c:\programdata\MB3Install\MBAMIService.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2018-10-07 au 2018-11-07 ))))))))))))))))))))))))))))))))))))
.
.
2018-11-07 15:59 . 2018-11-07 15:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-11-05 00:01 . 2018-11-05 00:01 -------- d-----w- c:\program files (x86)\Skins
2018-11-04 17:06 . 2018-11-06 10:55 112864 ----a-w- c:\windows\system32\drivers\farflt.sys
2018-11-04 17:06 . 2018-11-06 10:55 94328 ----a-w- c:\windows\system32\drivers\mwac.sys
2018-11-04 17:06 . 2018-04-26 04:36 152184 ----a-w- c:\windows\system32\drivers\mbae64.sys
2018-11-04 17:06 . 2018-11-06 10:45 -------- d-----w- c:\programdata\Malwarebytes
2018-11-04 14:13 . 2018-11-04 16:43 -------- d-----w- C:\FRST
2018-11-04 02:05 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe
2018-11-04 02:05 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
2018-11-04 02:05 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
2018-11-04 02:05 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll
2018-11-04 02:05 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll
2018-11-04 02:05 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll
2018-11-04 02:05 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll
2018-11-03 18:29 . 2018-11-03 18:29 -------- d-----w- c:\program files (x86)\JeffProd
2018-11-03 18:29 . 2001-03-13 13:53 326656 ----a-w- c:\windows\SysWow64\temp.005
2018-11-03 18:29 . 2001-03-13 13:49 140288 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2018-11-03 18:29 . 2001-03-13 13:47 17920 ----a-w- c:\windows\SysWow64\temp.003
2018-11-03 18:29 . 2001-03-13 13:47 164112 ----a-w- c:\windows\SysWow64\temp.001
2018-11-03 18:29 . 2001-03-13 13:47 598288 ----a-w- c:\windows\SysWow64\temp.000
2018-11-03 18:29 . 2001-03-13 13:45 147728 ----a-w- c:\windows\SysWow64\temp.002
2018-11-03 18:29 . 2000-08-20 20:00 1388544 ----a-w- c:\windows\SysWow64\temp.004
2018-11-03 18:29 . 1998-05-18 01:06 368912 ----a-w- c:\windows\SysWow64\vbar332.dll
2018-11-03 02:07 . 2016-03-23 22:40 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2018-11-03 02:07 . 2016-03-23 22:40 3181568 ----a-w- c:\windows\system32\rdpcorets.dll
2018-11-03 02:07 . 2017-03-07 14:05 243200 ----a-w- c:\windows\system32\rdpudd.dll
2018-11-03 02:06 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2018-11-02 17:14 . 2018-11-02 17:14 -------- d-----w- c:\programdata\HP
2018-11-02 17:14 . 2018-11-02 17:14 -------- d-----w- c:\program files\HP
2018-11-02 17:14 . 2018-11-02 17:14 -------- d-----w- c:\program files (x86)\HP
2018-11-02 16:54 . 2013-10-02 04:51 3584 ----a-w- c:\windows\system32\drivers\fr-FR\tsusbflt.sys.mui
2018-11-02 16:54 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2018-11-02 16:54 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2018-11-02 16:54 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-11-02 16:54 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-11-02 16:54 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2018-11-02 16:54 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2018-11-02 16:54 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2018-11-02 16:54 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2018-11-02 16:54 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
2018-11-02 16:54 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
2018-11-02 16:53 . 2018-11-02 16:53 -------- d-----w- c:\program files (x86)\Intel
2018-11-02 16:53 . 2018-11-02 16:53 -------- d-----w- C:\Intel
2018-11-02 16:52 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2018-11-02 16:52 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2018-11-02 16:52 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2018-11-02 16:52 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2018-11-02 16:44 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2018-11-02 16:44 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2018-11-02 16:44 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2018-11-02 16:44 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2018-11-02 16:44 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2018-11-02 12:41 . 2018-11-02 12:41 -------- d-----w- c:\program files\CCleaner
2018-11-02 10:20 . 2018-11-02 10:20 -------- d-----w- c:\program files\VS Revo Group
2018-10-31 23:18 . 2018-10-31 23:22 -------- d-----w- c:\programdata\RogueKiller
2018-10-31 23:18 . 2018-10-31 23:18 -------- d-----w- c:\program files\RogueKiller
2018-10-31 18:49 . 2018-10-31 18:49 136745976 -c--a-w- c:\windows\system32\MRT.exe
2018-10-31 17:32 . 2018-10-31 17:35 -------- d-----w- C:\AdwCleaner
2018-10-31 17:09 . 2018-10-31 17:09 899184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2018-10-31 17:08 . 2018-10-31 17:08 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2018-10-31 17:08 . 2018-10-31 17:08 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2018-10-31 12:56 . 2018-10-31 12:56 399360 ----a-w- c:\windows\RegBootClean64.exe
2018-10-31 12:44 . 2018-10-31 12:44 -------- d-----w- c:\program files (x86)\AVAST Software
2018-10-31 02:20 . 2012-07-26 05:04 2560 ----a-w- c:\windows\system32\drivers\fr-FR\wdf01000.sys.mui
2018-10-31 02:08 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2018-10-31 02:08 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2018-10-31 02:08 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2018-10-31 02:08 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2018-10-31 02:08 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2018-10-31 02:08 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2018-10-31 02:08 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2018-10-30 21:49 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2018-10-30 21:49 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2018-10-30 21:49 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2018-10-30 21:49 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2018-10-30 21:49 . 2016-03-16 18:50 156672 ----a-w- c:\windows\system32\mtxoci.dll
2018-10-30 21:49 . 2016-03-16 18:28 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2018-10-30 21:49 . 2016-03-16 18:28 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2018-10-30 21:49 . 2016-03-16 18:27 286720 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2018-10-30 21:47 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2018-10-30 21:47 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2018-10-30 21:47 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2018-10-30 21:47 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2018-10-30 21:47 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2018-10-30 21:47 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2018-10-30 21:47 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2018-10-30 21:47 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2018-10-30 21:47 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2018-10-30 21:47 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2018-10-30 21:47 . 2016-01-21 00:51 73664 ----a-w- c:\windows\system32\drivers\disk.sys
2018-10-30 21:45 . 2013-12-04 02:27 485888 ----a-w- c:\windows\system32\secproc_isv.dll
2018-10-30 21:44 . 2016-07-07 15:08 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2018-10-30 21:44 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
2018-10-30 21:44 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2018-10-30 21:44 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
2018-10-30 21:44 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2018-10-30 21:44 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2018-10-30 21:44 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2018-10-30 21:44 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2018-10-30 21:44 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2018-10-30 21:37 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2018-10-30 21:37 . 2014-02-04 02:35 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2018-10-30 21:37 . 2014-02-04 02:35 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2018-10-30 21:37 . 2014-02-04 02:28 2048 ----a-w- c:\windows\system32\iologmsg.dll
2018-10-30 21:37 . 2014-02-04 02:00 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2018-10-30 21:37 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2018-10-30 21:37 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2018-10-30 21:37 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2018-10-30 21:37 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2018-10-30 21:37 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2018-10-30 21:37 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2018-10-30 21:37 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2018-10-29 23:19 . 2018-11-02 16:38 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2018-10-29 12:08 . 2018-10-29 12:08 -------- d-----w- c:\program files (x86)\Microsoft.NET
2018-10-29 12:06 . 2018-10-29 12:06 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2018-10-28 19:37 . 2018-10-28 19:37 -------- d-----r- C:\acroldr
2018-10-28 17:42 . 2018-10-28 17:42 -------- d-----w- c:\windows\Vbox
2018-10-28 17:41 . 2018-10-28 17:41 -------- d-----w- c:\windows\SysWow64\Spool
2018-10-28 17:41 . 2018-10-28 17:41 -------- d-----w- c:\program files (x86)\Micrografx
2018-10-28 17:40 . 2018-10-28 17:40 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2018-10-28 15:50 . 2018-10-28 15:50 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2018-10-28 14:55 . 2018-10-28 14:55 447328 ----a-w- c:\windows\system32\drivers\file_protector.sys
2018-10-28 14:55 . 2018-10-28 14:55 -------- d-----w- c:\programdata\Acronis Mobile Backup Data
2018-10-28 14:55 . 2018-10-28 14:55 375136 ----a-w- c:\windows\system32\drivers\file_tracker.sys
2018-10-28 14:55 . 2018-10-28 14:55 688864 ----a-w- c:\windows\system32\drivers\tnd.sys
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-09-09 00:42 . 2018-11-02 01:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-08-13 07:49 . 2017-08-13 07:49 551736 ----a-w- c:\program files (x86)\ClassicIEDLL_64.dll
2017-08-13 07:49 . 2017-08-13 07:49 3664184 ----a-w- c:\program files (x86)\ClassicStartMenuDLL.dll
2017-08-13 07:49 . 2017-08-13 07:49 163640 ----a-w- c:\program files (x86)\ClassicStartMenu.exe
2017-08-13 07:49 . 2017-08-13 07:49 103736 ----a-w- c:\program files (x86)\ClassicIE_64.exe
2017-08-13 07:49 . 2017-08-13 07:49 98616 ----a-w- c:\program files (x86)\ClassicExplorerSettings.exe
2017-08-13 07:49 . 2017-08-13 07:49 885560 ----a-w- c:\program files (x86)\ClassicExplorer64.dll
2017-08-13 07:49 . 2017-08-13 07:49 760632 ----a-w- c:\program files (x86)\ClassicExplorer32.dll
2017-08-13 07:49 . 2017-08-13 07:49 507192 ----a-w- c:\program files (x86)\ClassicIEDLL_32.dll
2017-08-13 07:49 . 2017-08-13 07:49 402744 ----a-w- c:\program files (x86)\ClassicShellUpdate.exe
2017-08-13 07:49 . 2017-08-13 07:49 104248 ----a-w- c:\program files (x86)\ClassicIE_32.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2017-08-13 07:49 760632 ----a-w- c:\program files (x86)\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="c:\program files\CCleaner\CCleaner64.exe" [2018-10-23 19467544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmntdrv]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMFarflt;MBAMFarflt;c:\windows\system32\DRIVERS\farflt.sys;c:\windows\SYSNATIVE\DRIVERS\farflt.sys [x]
R3 MBAMProtection;MBAMProtection;c:\windows\system32\DRIVERS\mbam.sys;c:\windows\SYSNATIVE\DRIVERS\mbam.sys [x]
R3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\DRIVERS\mwac.sys;c:\windows\SYSNATIVE\DRIVERS\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 tnd;Acronis Try&Decide filter;c:\windows\system32\DRIVERS\tnd.sys;c:\windows\SYSNATIVE\DRIVERS\tnd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AcronisActiveProtectionService;Acronis Active Protection (TM) Service;c:\program files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe;c:\program files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [x]
R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 EaseUS Agent;Service Agent EaseUS;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe;c:\program files (x86)\EaseUS\Todo Backup\bin\Agent.exe [x]
R4 mmsminisrv;Acronis Managed Machine Service Mini;c:\program files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe;c:\program files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [x]
R4 mobile_backup_server;Serveur de sauvegarde mobile Acronis;c:\program files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe;c:\program files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [x]
R4 mobile_backup_status_server;Serveur de statut de sauvegarde mobile Acronis;c:\program files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe;c:\program files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [x]
R4 RealtekWlanU;RealtekWlanU;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [x]
R4 RTLDHCPService;Realtek DHCP Service;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe;c:\program files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [x]
R4 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsha.sys;c:\windows\SYSNATIVE\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswbloga.sys;c:\windows\SYSNATIVE\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniva.sys;c:\windows\SYSNATIVE\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys;c:\windows\SYSNATIVE\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys;c:\windows\SYSNATIVE\drivers\aswVmm.sys [x]
S0 EPMVolFlt;EPMVolFlt;c:\windows\\SystemRoot\System32\drivers\EPMVolFlt.sys;c:\windows\\SystemRoot\System32\drivers\EPMVolFlt.sys [x]
S0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys;c:\windows\SYSNATIVE\drivers\eubakup.sys [x]
S0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys;c:\windows\SYSNATIVE\drivers\EUBKMON.sys [x]
S0 file_tracker;Acronis File Tracker Driver;c:\windows\system32\DRIVERS\file_tracker.sys;c:\windows\SYSNATIVE\DRIVERS\file_tracker.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys;c:\windows\SYSNATIVE\drivers\aswArPot.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys;c:\windows\SYSNATIVE\drivers\aswHdsKe.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
S1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys;c:\windows\SYSNATIVE\drivers\eudskacs.sys [x]
S1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys;c:\windows\SYSNATIVE\drivers\EuFdDisk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CleanupPSvc;Avast Cleanup Premium;c:\program files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe;c:\program files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 file_protector;Acronis File Protector Driver;c:\windows\system32\DRIVERS\file_protector.sys;c:\windows\SYSNATIVE\DRIVERS\file_protector.sys [x]
S2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x]
S2 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S2 virtual_file;Acronis Virtual File Driver;c:\windows\system32\DRIVERS\virtual_file.sys;c:\windows\SYSNATIVE\DRIVERS\virtual_file.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisDrive]
@="{5D74FD4B-4EFB-4586-8022-8637BBE40970}"
[HKEY_CLASSES_ROOT\CLSID\{5D74FD4B-4EFB-4586-8022-8637BBE40970}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2017-01-12 13:07 5654128 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2018-10-24 23:49 1847000 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2017-08-13 07:49 885560 ----a-w- c:\program files (x86)\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2018-10-24 242392]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Classic Start Menu"="c:\program files (x86)\ClassicStartMenu.exe" [2017-08-13 163640]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2017-01-18 588136]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\DANIEL\AppData\Roaming\Mozilla\Firefox\Profiles\tgfntfr5.default\
FF - prefs.js: browser.search.selectedEngine - Bing Search Engine
FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
.
- - - - ORPHELINS SUPPRIMES - - - -
.
SafeBoot-MBAMService
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2018-11-07 17:00:49
ComboFix-quarantined-files.txt 2018-11-07 16:00
ComboFix2.txt 2018-11-05 18:21
.
Avant-CF: 74 074 177 536 octets libres
Après-CF: 73 945 362 432 octets libres
.
- - End Of File - - C1C57E74760A915236608CA07CC2E3AC A36C5E4F47E84449FF07ED3517B43A31