cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/08/2015
Scan Time: 12:09 Õ
Logfile: prot.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.09.03
Rootkit Database: v2015.08.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mohameed&Nuha

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 395049
Time Elapsed: 46 min, 16 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 6
PUP.Optional.TVTime.A, C:\ProgramData\bajNMgF\xsMZMv.exe, 3260, Delete-on-Reboot, [5a6d7096bdcede58a84779bb4db4827e]
Trojan.MSIL.Dropper, C:\Program Files (x86)\SpaceSondPro_v53.1354\SpaceSondPro_Service.exe, 4064, Delete-on-Reboot, [61668e785b3066d0497d5969e61b8f71]
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\1.0.4.1\xlagseih.exe, 4588, Delete-on-Reboot, [4b7cb1553b50c2744dd7b5f4699bc63a]
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\1.0.4.1\xlagseih.exe, 6044, Delete-on-Reboot, [4b7cb1553b50c2744dd7b5f4699bc63a]
PUP.Optional.SpaceSoundPro.A, C:\Program Files (x86)\SpaceSondPro_v53.1354\SpaceSondPro_Service.exe, 4064, Delete-on-Reboot, [ac1bd630cfbc76c0bdee43671aead729]
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Qeeoozeou.exe, 1924, Delete-on-Reboot, [ae1918ee9eed6dc9158d4f5c2fd57d83]

Modules: 1
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\1.0.4.1\sqlite3.dll, Delete-on-Reboot, [4b7cb1553b50c2744dd7b5f4699bc63a],

Registry Keys: 52
PUP.Optional.TVTime.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\xsMZMv, Quarantined, [5a6d7096bdcede58a84779bb4db4827e],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [27a0d1356b20bb7bdc5e4f81c24033cd],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [27a0d1356b20bb7bdc5e4f81c24033cd],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [27a0d1356b20bb7bdc5e4f81c24033cd],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [27a0d1356b20bb7bdc5e4f81c24033cd],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [27a0d1356b20bb7bdc5e4f81c24033cd],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [27a0d1356b20bb7bdc5e4f81c24033cd],
PUP.Optional.PullUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TVTime, Quarantined, [09beaa5c6a2138fe777d463a867ff10f],
PUP.Optional.Multiplug, HKU\S-1-5-21-999841188-863879926-2479686721-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Quarantined, [83449d6995f6d660c476aa230cf527d9],
PUP.Optional.Multiplug, HKU\S-1-5-21-999841188-863879926-2479686721-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Quarantined, [83449d6995f6d660c476aa230cf527d9],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\shopperz04082015, Quarantined, [51766e98018a4cea8b578428dd27d729],
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\CLASSES\CRSBRWSHTML, Quarantined, [7453f90d54372b0b5e1a50cc1de6758b],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Glopbbiq, Delete-on-Reboot, [0fb8947203881224d64e977c45be5ca4],
PUP.Optional.OptScan.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optscan, Delete-on-Reboot, [19aead5991fa13231280997afd06bf41],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Quarantined, [a5229b6b7516d2643c26e0c4cc3850b0],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\shopperz04082015, Quarantined, [e1e6a4627c0f61d5d9c8416a9f659769],
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CRSBRWSHTML, Quarantined, [8e398b7b47440333d99fb06cf01305fb],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{c31ed948}, Quarantined, [2c9b877f6a2148eedbed3969768e60a0],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Quarantined, [8f38996d1d6ed660c1a1ffa59b693ec2],
PUP.Optional.Shopperz.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHOPPERZ04082015 UPDATER, Quarantined, [ae1918ee9eed6dc9158d4f5c2fd57d83],
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WSASVC_1.10.0.19, Quarantined, [5c6b976fa0eb0f275291efb116ee639d],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BUXENYQU, Quarantined, [bc0b42c48a012511abe4c3d7ab597987],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\COMYNINU, Quarantined, [05c2fc0a5932e452b4db900a2fd5817f],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HYVERUMU, Quarantined, [8e396e983b50e0564d428d0da262956b],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [586fb65093f86acc271d980ecd378080],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, Quarantined, [d9eefd093b5085b1a12bc0dba85cfc04],
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{599BDCE5-E3A1-4B2A-83A7-DDAFA1C42D9C}, Quarantined, [0cbb14f20487fc3a37643675778d7987],
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{599BDCE5-E3A1-4B2A-83A7-DDAFA1C42D9C}, Quarantined, [9532a660cdbead895a419d0ee91ba65a],
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{599BDCE5-E3A1-4B2A-83A7-DDAFA1C42D9C}, Quarantined, [6e593dc9bccfc76ff9a2cbe0e024da26],
PUP.Optional.Shopperz.A, HKU\S-1-5-21-999841188-863879926-2479686721-1000\SOFTWARE\{599BDCE5-E3A1-4B2A-83A7-DDAFA1C42D9C}, Quarantined, [d1f6de281f6c3cfaa4f7c8e318ecd42c],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\Extension.Siput.1, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\Extension.Siput, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.Siput, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.Siput, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0A0E29F6-0AB0-44E1-A98E-BD050EE692EC}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0A0E29F6-0AB0-44E1-A98E-BD050EE692EC}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.Siput.1, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.Siput.1, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\CLSID\{0A0E29F6-0AB0-44E1-A98E-BD050EE692EC}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\CLSID\{0A0E29F6-0AB0-44E1-A98E-BD050EE692EC}\INPROCSERVER32, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0A0E29F6-0AB0-44E1-A98E-BD050EE692EC}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{64347791-2F86-43F7-ABF7-9328A5CB50EE}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2A0C4F9-FF24-4E23-8E89-430370C07ABC}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C4872FF9-BB89-4757-A4E8-935BE9E13DAA}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C2A0C4F9-FF24-4E23-8E89-430370C07ABC}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C4872FF9-BB89-4757-A4E8-935BE9E13DAA}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C2A0C4F9-FF24-4E23-8E89-430370C07ABC}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C4872FF9-BB89-4757-A4E8-935BE9E13DAA}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{64347791-2F86-43F7-ABF7-9328A5CB50EE}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{64347791-2F86-43F7-ABF7-9328A5CB50EE}, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}_is1, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],

Registry Values: 16
Trojan.MSIL.Dropper, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|SpaceSondPro_v53.1354, C:\Program Files (x86)\SpaceSondPro_v53.1354\SpaceSondPro_Service.exe ro, Quarantined, [61668e785b3066d0497d5969e61b8f71]
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}, C:\Program Files\shopperz04082015\Firefox, Quarantined, [ae19be48a3e8bd79bee03774cd379f61]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [a5229b6b7516d2643c26e0c4cc3850b0]
PUP.Optional.SpaceSoundPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|SpaceSondPro_v53.1354, C:\Program Files (x86)\SpaceSondPro_v53.1354\SpaceSondPro_Service.exe ro, Quarantined, [ac1bd630cfbc76c0bdee43671aead729]
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}, C:\Program Files\shopperz04082015\Firefox, Quarantined, [b90efd094546ac8a2c725a5135cfaa56]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [8f38996d1d6ed660c1a1ffa59b693ec2]
PUP.Optional.Shopperz.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\shopperz04082015 Updater|ImagePath, C:\Program Files\shopperz04082015\Qeeoozeou.exe, Quarantined, [ae1918ee9eed6dc9158d4f5c2fd57d83]
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wsasvc_1.10.0.19|ImagePath, "C:\Program Files (x86)\WordSurfer_1.10.0.19\Service\wsasvc.exe", Quarantined, [5c6b976fa0eb0f275291efb116ee639d]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\buxenyqu|ImagePath, C:\Program Files (x86)\32444335-1439110204-5632-3250-A0B3CC7B25D4\knss5CA9.tmpfs, Quarantined, [bc0b42c48a012511abe4c3d7ab597987]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\comyninu|ImagePath, C:\Program Files (x86)\32444335-1439110204-5632-3250-A0B3CC7B25D4\hnss9AD9.tmp, Quarantined, [05c2fc0a5932e452b4db900a2fd5817f]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hyverumu|ImagePath, C:\Program Files (x86)\32444335-1439110204-5632-3250-A0B3CC7B25D4\jnsc7E23.tmp, Quarantined, [8e396e983b50e0564d428d0da262956b]
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{599bdce5-e3a1-4b2a-83a7-ddafa1c42d9c}|Name, C:\Program Files\shopperz04082015\Sfval.exe, Quarantined, [0cbb14f20487fc3a37643675778d7987]
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{599bdce5-e3a1-4b2a-83a7-ddafa1c42d9c}|Name, C:\Program Files\shopperz04082015\Sfval.exe, Quarantined, [9532a660cdbead895a419d0ee91ba65a]
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{599bdce5-e3a1-4b2a-83a7-ddafa1c42d9c}|Name, C:\Program Files\shopperz04082015\Sfval.exe, Quarantined, [6e593dc9bccfc76ff9a2cbe0e024da26]
PUP.Optional.CrossBrowse.C, HKU\S-1-5-21-999841188-863879926-2479686721-1000\SOFTWARE\CLIENTS\STARTMENUINTERNET, Crossbrowse, Quarantined, [923536d05e2d261044e9dfc00301ec14]
PUP.Optional.Shopperz.A, HKU\S-1-5-21-999841188-863879926-2479686721-1000\SOFTWARE\{599bdce5-e3a1-4b2a-83a7-ddafa1c42d9c}|Name, C:\Program Files\shopperz04082015\Sfval.exe, Quarantined, [d1f6de281f6c3cfaa4f7c8e318ecd42c]

Registry Data: 7
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://www.mystartsearch.com/web/?type=ds&ts=1439114892&z=bffef354e208acaeef8bbd1g0zecct9g9g8z2tfgeq&from=cmi&uid=HitachiXHTS547575A9E384_J2540059CW5S8ECW5S8EX&q={searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1439114892&z=bffef354e208acaeef8bbd1g0zecct9g9g8z2tfgeq&from=cmi&uid=HitachiXHTS547575A9E384_J2540059CW5S8ECW5S8EX&q={searchTerms}),Replaced,[4f7864a22269c373d78a76cbce379967]
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://www.mystartsearch.com/web/?type=ds&ts=1439114892&z=bffef354e208acaeef8bbd1g0zecct9g9g8z2tfgeq&from=cmi&uid=HitachiXHTS547575A9E384_J2540059CW5S8ECW5S8EX&q={searchTerms}, Good: (www.google.com), Bad: (http://www.mystartsearch.com/web/?type=ds&ts=1439114892&z=bffef354e208acaeef8bbd1g0zecct9g9g8z2tfgeq&from=cmi&uid=HitachiXHTS547575A9E384_J2540059CW5S8ECW5S8EX&q={searchTerms}),Replaced,[b611fc0a14776fc7f46de55cc93c946c]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{15BA878A-902F-4E22-BBFD-52414F6A98B2}|NameServer, 52.17.204.69,8.8.8.8, Good: (), Bad: (52.17.204.69,8.8.8.8),Replaced,[4e795da9bbd044f2c2a55bf463a20ef2]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5729FF12-07FF-4BAF-981D-5035DB54A6FE}|NameServer, 52.17.204.69,8.8.8.8, Good: (), Bad: (52.17.204.69,8.8.8.8),Replaced,[e2e571958704f5417fe8e56ad4316898]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}|NameServer, 52.17.204.69,8.8.8.8, Good: (), Bad: (52.17.204.69,8.8.8.8),Replaced,[85420cfa94f71c1ae681b09fd62fbd43]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{A2A8F526-49E0-4176-9488-FBC5A3E299CC}|NameServer, 52.17.204.69,8.8.8.8, Good: (), Bad: (52.17.204.69,8.8.8.8),Replaced,[3592c046197268ce2641f758cf3656aa]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{AC8811E9-9F8F-4E66-A6C5-F89EC00FBAE3}|NameServer, 52.17.204.69,8.8.8.8, Good: (), Bad: (52.17.204.69,8.8.8.8),Replaced,[3f88ce383d4e1e1857100b44a56005fb]

Folders: 26
PUP.Optional.TVTime.A, C:\ProgramData\TVTime, Quarantined, [7f485aac49420d29b51e4ef2f11206fa],
PUP.Optional.TVTime.A, C:\Users\Mohameed&Nuha\AppData\Local\TVTime, Quarantined, [8b3c93731b70181e22b25ce4dc270af6],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.OptimizerPro.A, C:\Users\Mohameed&Nuha\Documents\Optimizer Pro, Quarantined, [893eec1ae6a52c0a9c77e6beac582cd4],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\1.0.4.1, Delete-on-Reboot, [4b7cb1553b50c2744dd7b5f4699bc63a],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn, Delete-on-Reboot, [4b7cb1553b50c2744dd7b5f4699bc63a],
PUP.Optional.SpaceSoundPro.A, C:\Program Files (x86)\SpaceSondPro_v53.1354, Delete-on-Reboot, [497e43c3137865d16af04dc437cc0bf5],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015, Delete-on-Reboot, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\content, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\content\libraries, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\content\resources, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\locale, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\locale\en-US, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\skin, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\defaults, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\defaults\preferences, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\libraries, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\resources, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\4WinManPro4, Quarantined, [20a7e224f299db5ba7fbb260d33039c7],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\DWinManProD, Quarantined, [8344d135c9c2b77f148e050d8f741de3],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\DWinManProD\update, Quarantined, [8344d135c9c2b77f148e050d8f741de3],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\nWinManPron, Quarantined, [d0f7cb3b2c5fb185b0f2ca48887bda26],
PUP.Optional.PullUpdate.A, C:\ProgramData\bajNMgF\dat, Delete-on-Reboot, [5572c44278139c9aa2b3ff84897cf010],
PUP.Optional.PullUpdate.A, C:\ProgramData\bajNMgF, Delete-on-Reboot, [5572c44278139c9aa2b3ff84897cf010],

Files: 105
Rootkit.Agent.A, C:\WINDOWS\SYSTEM32\drivers\bsdriver.sys, Delete-on-Reboot, [124a3c1a8cd3fe752971d86afb80558f],
PUP.Optional.Cherimoya.A, C:\WINDOWS\SYSTEM32\drivers\cherimoya.sys, Delete-on-Reboot, [0da3fbc2ece10bf259f3f4f2fe08fe86],
PUP.Optional.TVTime.A, C:\ProgramData\bajNMgF\xsMZMv.exe, Delete-on-Reboot, [5a6d7096bdcede58a84779bb4db4827e],
Trojan.MSIL.Dropper, C:\Program Files (x86)\SpaceSondPro_v53.1354\SpaceSondPro_Service.exe, Delete-on-Reboot, [61668e785b3066d0497d5969e61b8f71],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\bajNMgF\dat\lFylouTmY.dll, Delete-on-Reboot, [71569a6c93f80135f8eec86052b30000],
PUP.Optional.TVTime.A, C:\ProgramData\bajNMgF\dat\PJxzyx.exe, Delete-on-Reboot, [c0077c8aabe054e2ae4166ceb0512fd1],
PUP.Optional.TVTime.A, C:\ProgramData\bajNMgF\dat\RzALqK.exe, Delete-on-Reboot, [f8cf4bbb94f7a19531bebe7681803dc3],
PUP.Optional.PullUpdate.A, c:\programdata\bajnmgf\dat\wdlftocxvzi.dll, Delete-on-Reboot, [c9fef2141e6d7cba649099e7778e44bc],
PUP.Optional.WProtectManager.A, C:\ProgramData\DWinManProD\ProtectWindowsManager.exe, Quarantined, [893eac5a3457c47222482859778e2ad6],
PUP.Optional.PullUpdate.A, C:\ProgramData\TVTime\Uninstall.exe, Quarantined, [09beaa5c6a2138fe777d463a867ff10f],
PUP.Optional.WProtectManager.A, C:\ProgramData\nWinManPron\ProtectWindowsManager.exe, Quarantined, [edda3ec894f7e551a2c8423ff31212ee],
PUP.Optional.CrossBrowse, C:\Users\Mohameed&Nuha\AppData\Local\Temp\1024.exe, Quarantined, [9f28fd0903887eb8f1fed6c534cd7c84],
PUP.Optional.CrossBrowse, C:\Users\Mohameed&Nuha\AppData\Local\Temp\424.exe, Quarantined, [5770c6403c4fc86e797645568f72cb35],
PUP.Optional.Bundle, C:\Users\Mohameed&Nuha\AppData\Local\Temp\setup_644.exe, Quarantined, [864185816f1c0531f6d94a0902fe28d8],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Mohameed&Nuha\AppData\Local\Temp\nsaD4EE.tmp, Quarantined, [22a5b5518efd3df984107c027e8722de],
Trojan.MSIL.Dropper, C:\Users\Mohameed&Nuha\AppData\Local\Temp\nsm1007.tmp, Quarantined, [438460a6751694a2477f8c3641c057a9],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Mohameed&Nuha\AppData\Local\Temp\nsmEBF8.tmp, Quarantined, [61665fa7d9b202340d87186606ff07f9],
Trojan.Agent, C:\Users\Mohameed&Nuha\AppData\Local\Temp\nsnBFEE.tmp, Quarantined, [4780cb3b484391a5e20894a70ff6fc04],
PUP.Optional.BundleInstaller.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\awh5C49.tmp, Quarantined, [d8ef21e5008b12240ce2bbc59d682fd1],
PUP.Optional.CoupSeek.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\awh5CE7.tmp, Quarantined, [7e492adcbfcc0c2a40c6730c0ff648b8],
Adware.EoRezo, c:\users\mohameed&nuha\appdata\local\temp\awh5f3a.tmp, Quarantined, [2d9aaf579af1181e6ab4981b9f6237c9],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Mohameed&Nuha\AppData\Local\Temp\nst4B07.tmp, Quarantined, [1bacb05692f9ae889bf9bcc23fc6e21e],
PUP.Optional.TVTime.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\nsy4145.tmp, Quarantined, [15b29a6ccfbcea4c131e370713ed718f],
PUP.optional.OptimizerPro.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\optprosetup.exe, Quarantined, [b80fff07573459ddfd3fecd1b34eda26],
PUP.Optional.OurSeaching.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\awh59E4.tmp, Quarantined, [487f9a6ccebd1c1a516b0678ef16946c],
PUP.Optional.Multiplug, C:\Users\Mohameed&Nuha\AppData\Local\Temp\nspCA91.tmp.exe, Quarantined, [61666e98c0cb4fe70d2d5b72db262fd1],
PUP.Optional.ValcanLabs.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\is-A0HKU.tmp\480.exe, Quarantined, [a81f9571c8c3bf77e5d7d6aa15f01ce4],
PUP.Optional.Multiplug, C:\Users\Mohameed&Nuha\AppData\Local\Temp\A260\temp\nspCA91.tmp.exe, Quarantined, [83449d6995f6d660c476aa230cf527d9],
PUP.Optional.Shopperz.A, C:\Windows\System32\Tasks\Glopbbiq, Quarantined, [c007da2cf7942313be64ad66df248977],
PUP.Optional.TVTime.A, C:\ProgramData\TVTime\app.dat, Quarantined, [7f485aac49420d29b51e4ef2f11206fa],
PUP.Optional.TVTime.A, C:\ProgramData\TVTime\data.dat, Quarantined, [7f485aac49420d29b51e4ef2f11206fa],
PUP.Optional.TVTime.A, C:\ProgramData\TVTime\TVTime.ico, Quarantined, [7f485aac49420d29b51e4ef2f11206fa],
PUP.Optional.TVTime.A, C:\Users\Mohameed&Nuha\AppData\Local\TVTime\data2.dat, Quarantined, [8b3c93731b70181e22b25ce4dc270af6],
Trojan.Agent, C:\Users\Mohameed&Nuha\AppData\Local\Temp\oprun4549.exe, Quarantined, [c5022cda90fbb0869c32ae0aa45f4fb1],
PUP.Optional.Vitruvian.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001, Quarantined, [cef922e413781a1c89a9a6efd43042be],
PUP.Optional.Vitruvian.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\vitruvian-installer-install-v0003, Quarantined, [537433d3ed9e62d474be484d44c016ea],
PUP.Optional.Vitruvian.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\vitruvian-installer-processes-v0002, Quarantined, [8d3af0162962112559d91184d0348977],
PUP.Optional.Vitruvian.A, C:\Users\Mohameed&Nuha\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, Quarantined, [685f16f0becd77bf0e24494c48bcba46],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\debug.log, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\17AF54B9, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\4DEDA591, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\6C8E155, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\7F24D2EF, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\9721B0CB, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\99E1F920, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\AA012CZ, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\C78F0747, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.BundleInstaller.A, C:\ProgramData\abc\se6dsd6, Quarantined, [edda9e68bfccff371972dbc87f8532ce],
PUP.Optional.OptimizerPro.A, C:\Users\Mohameed&Nuha\Documents\Optimizer Pro\CookiesException.txt, Quarantined, [893eec1ae6a52c0a9c77e6beac582cd4],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\1.0.4.1\xlagseih.exe.config, Quarantined, [4b7cb1553b50c2744dd7b5f4699bc63a],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\1.0.4.1\sqlite3.dll, Delete-on-Reboot, [4b7cb1553b50c2744dd7b5f4699bc63a],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\1.0.4.1\xlagseih.exe, Delete-on-Reboot, [4b7cb1553b50c2744dd7b5f4699bc63a],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Ihneurneuhn\dat.dat, Quarantined, [4b7cb1553b50c2744dd7b5f4699bc63a],
PUP.Optional.OptScan.A, C:\Windows\System32\Tasks\Optscan, Quarantined, [b90e3cca3b506dc9170ca10b877d05fb],
PUP.Optional.OptScan.A, C:\Windows\Tasks\Optscan.job, Quarantined, [fbcc30d62467ce68dc48bbf149bb39c7],
PUP.Optional.SpaceSoundPro.A, C:\Program Files (x86)\SpaceSondPro_v53.1354\SpaceSondPro_Service.exe, Delete-on-Reboot, [ac1bd630cfbc76c0bdee43671aead729],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Qeeoozeou.exe, Delete-on-Reboot, [ae1918ee9eed6dc9158d4f5c2fd57d83],
PUP.Optional.SpaceSoundPro.A, C:\Program Files (x86)\SpaceSondPro_v53.1354\upd.db, Quarantined, [497e43c3137865d16af04dc437cc0bf5],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Heyep.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Ahfroc.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Ahfroc64.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\BCWebLibrary.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Bhimvow.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Bhimvow64.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\brwbl.bin, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\csrcc.exe, Delete-on-Reboot, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Dmxkbb.exe, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Dpvtakek.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\dr_inst.exe, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Eexenyt.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Eexenyt64.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\gcpum.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Hcehp.dll, Delete-on-Reboot, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Hcehp64.dll, Delete-on-Reboot, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Heyep64.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\InnoCallback.dll, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\nfregdrv64.exe, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\prc.exe, Delete-on-Reboot, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\prdt.bin, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Qhgvel.bat, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Sfval.exe, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Sfval64.exe, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\tree.js, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\unins000.dat, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\unins000.exe, Delete-on-Reboot, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\wrapper.exe, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome.manifest, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\icon.png, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\install.rdf, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}.xpi, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\content\main.js, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\content\main.xul, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\content\libraries\DataExchangeScript.js, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\content\resources\LocalScript.js, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\locale\en-US\overlay.dtd, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\chrome\skin\overlay.css, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\Firefox\defaults\preferences\defaults.js, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\libraries\DataExchangeScript.js, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz04082015\resources\LocalScript.js, Quarantined, [ac1bbe483358db5b7f40ea272cd749b7],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\DWinManProD\updateconf, Quarantined, [8344d135c9c2b77f148e050d8f741de3],
PUP.Optional.PullUpdate.A, C:\ProgramData\bajNMgF\dat\PJxzyx.exe.config, Delete-on-Reboot, [5572c44278139c9aa2b3ff84897cf010],
PUP.Optional.PullUpdate.A, C:\ProgramData\bajNMgF\dat\RzALqK.exe.config, Delete-on-Reboot, [5572c44278139c9aa2b3ff84897cf010],
PUP.Optional.PullUpdate.A, C:\ProgramData\bajNMgF\info.dat, Delete-on-Reboot, [5572c44278139c9aa2b3ff84897cf010],
PUP.Optional.PullUpdate.A, C:\ProgramData\bajNMgF\xsMZMv.dat, Delete-on-Reboot, [5572c44278139c9aa2b3ff84897cf010],
PUP.Optional.PullUpdate.A, C:\ProgramData\bajNMgF\xsMZMv.exe.config, Quarantined, [5572c44278139c9aa2b3ff84897cf010],

Physical Sectors: 0
(No malicious items detected)


(end)

Publicité


Signaler le contenu de ce document

Publicité