cjoint

Document format: text/plain


Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 10/05/2017
Heure de l'analyse: 22:41
Fichier journal: resume MBAM.txt
Administrateur: Oui

-Informations du logiciel-
Version: 3.0.6.1469
Version de composants: 1.0.103
Version de pack de mise à jour: 1.0.1913
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: SHINLINK-PC\shinlink

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 507552
Temps écoulé: 39 min, 16 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

-Détails de l'analyse-
Processus: 1
Adware.Agent, C:\USERS\SHINLINK\APPDATA\LOCAL\XMARIN\XMARIN.EXE, En quarantaine, [246], [390384],1.0.1913

Module: 2
PUP.Optional.HDWallPaper, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, En quarantaine, [130], [392467],1.0.1913
Adware.Agent, C:\USERS\SHINLINK\APPDATA\LOCAL\XMARIN\XMARIN.EXE, En quarantaine, [246], [390384],1.0.1913

Clé du registre: 11
PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, En quarantaine, [51], [-1],0.0.0
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, En quarantaine, [51], [-1],0.0.0
Adware.NetUtils, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, En quarantaine, [1100], [385134],1.0.1913
Backdoor.XTRat, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, En quarantaine, [575], [224521],1.0.1913
Backdoor.XTRat, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, En quarantaine, [575], [224521],1.0.1913
PUP.Optional.RussAd, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\wupdate, En quarantaine, [12], [378183],1.0.1913
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{aecb2ace}, En quarantaine, [28], [260250],1.0.1913
PUP.Optional.HQVPro, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\HQ-VPro-1.9, En quarantaine, [5175], [239229],1.0.1913
PUP.Optional.RussAd, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DACFCADC-D6AB-4065-8A7F-58290B30B43B}, En quarantaine, [12], [378181],1.0.1913
PUP.Optional.CrossRider, HKU\S-1-5-21-2902642550-1982242853-366730200-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FDCF66FD-3ACF-4C5E-BECF-61245263E428}, En quarantaine, [237], [237487],1.0.1913
Adware.RuKometa, HKU\S-1-5-21-2902642550-1982242853-366730200-1000\SOFTWARE\NETBOX\KometaInstaller, En quarantaine, [171], [387292],1.0.1913

Valeur du registre: 7
Trojan.Agent.Generic, HKU\S-1-5-21-2902642550-1982242853-366730200-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|&qxAO-2gfe.exe, En quarantaine, [453], [369948],1.0.1913
Trojan.Agent.Generic, HKU\S-1-5-21-2902642550-1982242853-366730200-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|0uBYNi3WVb.exe, En quarantaine, [453], [369948],1.0.1913
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{aecb2ace}|1, En quarantaine, [28], [260250],1.0.1913
PUP.Optional.StartPage.Generic, HKU\S-1-5-21-2902642550-1982242853-366730200-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AVVPCQRLPK, En quarantaine, [591], [182786],1.0.1913
PUP.Optional.RussAd, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DACFCADC-D6AB-4065-8A7F-58290B30B43B}|PATH, En quarantaine, [12], [378181],1.0.1913
PUP.Optional.CrossRider, HKU\S-1-5-21-2902642550-1982242853-366730200-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FDCF66FD-3ACF-4C5E-BECF-61245263E428}|APPNAME, En quarantaine, [237], [237487],1.0.1913
PUP.Optional.AppTrailers, HKU\S-1-5-21-2902642550-1982242853-366730200-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|13, En quarantaine, [838], [393166],1.0.1913

Données du registre: 11
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{315D1E01-F2FC-4A92-A77C-8BBF642E8441}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{531b3e66-31d6-456f-a350-cbc712d255cd}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{531b3e66-31d6-456f-a350-cbc712d255cd}|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7300c0e1-8f30-4ad0-96d5-6b1760674fcf}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7300c0e1-8f30-4ad0-96d5-6b1760674fcf}|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{a472971b-8435-4511-aead-907167eb2c85}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{e47de8a0-d920-4a12-adaf-797813cdcc78}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{e47de8a0-d920-4a12-adaf-797813cdcc78}|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{EC54F67F-053E-4849-BCE9-DEFF8402ABF0}|NameServer, Remplacé, [28], [-1],0.0.0

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 2
Adware.Agent.Generic, C:\PROGRAMDATA\{13E04946-A44B-FEED-0DFA-874F25B55AC0}, En quarantaine, [1402], [331038],1.0.1913
PUP.Optional.RussAd, C:\USERS\SHINLINK\APPDATA\LOCAL\WUPDATE, En quarantaine, [12], [378182],1.0.1913

Fichier: 48
PUP.Optional.HDWallPaper, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, En quarantaine, [130], [392467],1.0.1913
Adware.Agent, C:\USERS\SHINLINK\APPDATA\LOCAL\XMARIN\XMARIN.EXE, En quarantaine, [246], [390384],1.0.1913
Trojan.Agent.Generic, C:\PROGRAM FILES\INTEL SECURITY\RX57TWSI5OCNH\&QXAO-2GFE.EXE, En quarantaine, [453], [369948],1.0.1913
Trojan.Agent.Generic, C:\PROGRAM FILES\SYNAPTICS\ZAE7K5871MTWL9WGXDWC7V6MRIQDSXHX\0UBYNI3WVB.EXE, En quarantaine, [453], [369948],1.0.1913
Adware.FileTour, C:\PROGRAMDATA\{13E04946-A44B-FEED-0DFA-874F25B55AC0}\16ECF221-A147-458A-1DCF-0838B1D08FCA.EXE, En quarantaine, [240], [396749],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\MICROSOFT\MSI.EXE, En quarantaine, [57], [397119],1.0.1913
PUP.Optional.Amonetize, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\2FUUAI9LNSTS.EXE, En quarantaine, [6], [387785],1.0.1913
Adware.FileTour, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\93179389.T.EXE, En quarantaine, [240], [396749],1.0.1913
Adware.Elex, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\LOCAL64SPL.DLL, En quarantaine, [2], [389178],1.0.1913
Adware.Agent, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\0ISS7K67ZEUV.EXE, En quarantaine, [246], [372569],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\0MM7RZEKD1VX.EXE, En quarantaine, [57], [397119],1.0.1913
PUP.Optional.Amonetize, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\6OSIJ8GT0N8U.EXE, En quarantaine, [6], [387785],1.0.1913
Adware.FileTour, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\68728373.T.EXE, En quarantaine, [240], [396749],1.0.1913
Trojan.Downloader, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\A86A.TMP.EXE, En quarantaine, [66], [389301],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\GUN2XWKIS9G7.EXE, En quarantaine, [57], [397119],1.0.1913
Adware.FileTour, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\70271701.T.EXE, En quarantaine, [240], [396749],1.0.1913
PUP.Optional.WhatsYourName, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\KRYPTQZPPJWV.EXE, En quarantaine, [8139], [388274],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\HBOFPX6JL5FQ.EXE, En quarantaine, [57], [397119],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\PUINN9PGKCNF.EXE, En quarantaine, [57], [397119],1.0.1913
Adware.Agent, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\KRYVRS5LHZFN.EXE, En quarantaine, [246], [372569],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\TEMPO.SYS, En quarantaine, [57], [397119],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\VGURKSRNTVSJ.EXE, En quarantaine, [57], [397119],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\0DRODXK8QFHM.EXE, En quarantaine, [57], [397119],1.0.1913
Adware.FileTour, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\493189.T.EXE, En quarantaine, [240], [396749],1.0.1913
Trojan.Downloader, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\EEEE.TMP.EXE, En quarantaine, [66], [389301],1.0.1913
PUP.Optional.InstallCore, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\YEADESKTOP.EXE, En quarantaine, [3], [356458],1.0.1913
PUP.Optional.BundleInstaller, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\INSTALL_CCLEANER.EXE, En quarantaine, [25], [396910],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\FIVEIUDE5PAH.EXE, En quarantaine, [57], [397119],1.0.1913
Adware.RuKometa, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\LMZAOYMSAMZU.EXE, En quarantaine, [171], [379406],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\P4ZTW4PH10EQ.EXE, En quarantaine, [57], [397119],1.0.1913
PUP.Optional.Sputnik, C:\USERS\SHINLINK\APPDATA\ROAMING\ZHP\QUARANTINE\YESVMTB5REWG.EXE, En quarantaine, [3150], [352247],1.0.1913
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.6\STANDALONEPHASE1.DAT, En quarantaine, [559], [393793],1.0.1913
Adware.LoadMoney, C:\USERS\SHINLINK\APPDATA\LOCAL\TEMP\TEMPO.SYS, En quarantaine, [57], [397119],1.0.1913
PUP.Optional.Yontoo, C:\USERS\SHINLINK\DOWNLOADS\83RBNXYZ9BJH2EO5BATV02B6IIZTEP_OPG.RAR (1).EXE, En quarantaine, [51], [96485],1.0.1913
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, Échec de la suppression, [51], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\USER\REGISTRY.POL, En quarantaine, [51], [-1],0.0.0
PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En quarantaine, [51], [-1],0.0.0
PUP.Optional.OpenCandy, C:\USERS\SHINLINK\DOWNLOADS\CHEATENGINE66.EXE, En quarantaine, [509], [101648],1.0.1913
PUP.Optional.OneClickDownloader, C:\USERS\SHINLINK\DOWNLOADS\DEAD_OR_ALIVE_DIMENSIONS_EUR_3DS_LGC.EXE, En quarantaine, [7372], [77013],1.0.1913
PUP.Optional.TweakBit, C:\USERS\SHINLINK\DOWNLOADS\DRIVER-UPDATER-SETUP.EXE, En quarantaine, [1133], [340093],1.0.1913
PUP.Optional.InstallCore, C:\USERS\SHINLINK\DOWNLOADS\K-LITE_CODEC_PACK_1090_FULL.EXE, En quarantaine, [3], [301105],1.0.1913
PUP.Optional.SecurityCleanerLLC, C:\USERS\SHINLINK\DOWNLOADS\INSTALL_CCLEANER-WIN32.EXE, En quarantaine, [8210], [379150],1.0.1913
PUP.Optional.AnyProtect, C:\USERS\SHINLINK\APPDATA\LOCAL\NSK794F.TMP, En quarantaine, [9998], [299036],1.0.1913
Adware.RuKometa, C:\USERS\SHINLINK\APPDATA\LOCAL\WUPDATE\WUPDATE.EXE, En quarantaine, [171], [379406],1.0.1913
Adware.NetUtils, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, En quarantaine, [1100], [385134],1.0.1913
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, En quarantaine, [542], [391431],1.0.1913
Backdoor.XTRat, C:\WINDOWS\MICROSOFT\SVCHOST.EXE, En quarantaine, [575], [224521],1.0.1913
PUP.Optional.RussAd, C:\WINDOWS\SYSTEM32\TASKS\WUPDATE, En quarantaine, [12], [378184],1.0.1913

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)