Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 24/02/2016
Heure de l'analyse: 19:50
Fichier journal: journal d'analyse malwarebytes nouveau.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.02.24.07
Base de données de rootkits: v2016.02.17.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Marie

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 336595
Temps écoulé: 3 min, 25 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 5
PUP.Optional.HealthAlert, C:\ProgramData\QQXuWtX\EwgYmekNV.exe, 1032, Supprimer au redémarrage, [2760f173dabf3006335eaa9135cc16ea]
Adware.PullUpdate, C:\ProgramData\Uiusmlimom\1.0.7.1\ugnaovhi.exe, 2836, Supprimer au redémarrage, [94f36301f4a5d75f3c94c372669b4eb2]
Adware.PullUpdate, C:\ProgramData\Uiusmlimom\1.0.7.1\ugnaovhi.exe, 5596, Supprimer au redémarrage, [94f36301f4a5d75f3c94c372669b4eb2]
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Uiusmlimom\1.0.7.1\ugnaovhi.exe, 2836, Supprimer au redémarrage, [4a3de87c5c3d4ee8c95f9243bb483bc5]
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Uiusmlimom\1.0.7.1\ugnaovhi.exe, 5596, Supprimer au redémarrage, [4a3de87c5c3d4ee8c95f9243bb483bc5]

Modules: 1
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Uiusmlimom\1.0.7.1\sqlite3.dll, Supprimer au redémarrage, [4a3de87c5c3d4ee8c95f9243bb483bc5],

Clés du Registre: 60

Valeurs du Registre: 22

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 8

Fichiers: 85

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
