Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 11/12/2017
Heure de l'analyse: 10:19
Fichier journal: 6f73047a-de54-11e7-9c3e-402cf4cbb067.json
Administrateur: Oui

-Informations du logiciel-
Version: 3.3.1.2183
Version de composants: 1.0.262
Version de pack de mise à jour: 1.0.3464
Licence: Essai

-Informations système-
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: C3PO\C-3PO

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 231109
Menaces détectées: 77
Menaces mises en quarantaine: 77
Temps écoulé: 2 min, 12 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 14
PUP.Optional.SpeeDownloader, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\WOW6432NODE\Speedownloader0099, En quarantaine, [7647], [453126],1.0.3464
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A3F5526-63D4-4AC2-B339-613AF2071D6C}, En quarantaine, [8495], [256101],1.0.3464
PUP.Optional.Palikan, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9E23A6F2-D9EE-469A-BC2B-E96697777436}, En quarantaine, [1589], [241488],1.0.3464
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, En quarantaine, [5053], [425124],1.0.3464
PUP.Optional.SearchModule, HKLM\SOFTWARE\WOW6432NODE\SEARCHMODULE\SMUpd, En quarantaine, [611], [242742],1.0.3464
Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINMON, En quarantaine, [202], [431630],1.0.3464
Adware.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\PrAmNP, En quarantaine, [355], [451258],1.0.3464
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\CONSOLE\TASKENG.EXE, En quarantaine, [5053], [425125],1.0.3464
PUP.Optional.SearchModule, HKLM\SOFTWARE\WOW6432NODE\SearchModule, En quarantaine, [611], [388629],1.0.3464
PUP.Optional.SpeeDownloader, HKLM\SOFTWARE\WOW6432NODE\Speedownloader0099, En quarantaine, [7647], [384272],1.0.3464
Adware.SearchAwesome, HKLM\SOFTWARE\WOW6432NODE\SrcAAAesom Browser Enhancer, En quarantaine, [4368], [424837],1.0.3464
Rootkit.Komodia.PUA, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Lace514, En quarantaine, [2523], [365194],1.0.3464
Adware.NeoBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}, En quarantaine, [434], [420739],1.0.3464
Adware.NeoBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}, En quarantaine, [434], [420739],1.0.3464

Valeur du registre: 19
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, En quarantaine, [5053], [425126],1.0.3464
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [205], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [205], [-1],0.0.0
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A3F5526-63D4-4AC2-B339-613AF2071D6C}|OSDFILEURL, En quarantaine, [8495], [256101],1.0.3464
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A3F5526-63D4-4AC2-B339-613AF2071D6C}|FAVICONURL, En quarantaine, [8495], [256101],1.0.3464
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A3F5526-63D4-4AC2-B339-613AF2071D6C}|URL, En quarantaine, [8495], [256101],1.0.3464
PUP.Optional.Palikan, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9E23A6F2-D9EE-469A-BC2B-E96697777436}|, En quarantaine, [1589], [241488],1.0.3464
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-18\ENVIRONMENT|SNP, En quarantaine, [205], [259518],1.0.3464
PUP.Optional.PCCleanPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC CLEAN PLUS_UPDATES.JOB, En quarantaine, [194], [411378],1.0.3464
PUP.Optional.PCCleanPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC CLEAN PLUS_UPDATES.JOB.FP, En quarantaine, [194], [411378],1.0.3464
PUP.Optional.PCCleanPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC CLEAN PLUS_DEFAULT.JOB, En quarantaine, [194], [411378],1.0.3464
PUP.Optional.PCCleanPlus, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC CLEAN PLUS_DEFAULT.JOB.FP, En quarantaine, [194], [411378],1.0.3464
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, En quarantaine, [5053], [425124],1.0.3464
Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINMON|IMAGEPATH, En quarantaine, [202], [431630],1.0.3464
PUP.Optional.Goobzo, HKLM\SOFTWARE\WOW6432NODE\SEARCHMODULE\SMUPD|SCF, En quarantaine, [312], [238822],1.0.3464
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En quarantaine, [205], [259988],1.0.3464
PUP.Optional.CloudNet, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B078CC0B-4227-439C-89EC-905E5AD88ACF}, En quarantaine, [6544], [446028],1.0.3464
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\CONSOLE\TASKENG.EXE|WINDOWPOSITION, En quarantaine, [5053], [425125],1.0.3464
PUP.Optional.NetSurvey, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NETCTL, En quarantaine, [1009], [325152],1.0.3464

Données du registre: 3
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Remplacé, [205], [293485],1.0.3464
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Remplacé, [205], [293485],1.0.3464
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-1342067083-540354075-4242860494-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Remplacé, [205], [293486],1.0.3464

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 4
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\SSL, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\jVddbi7Omy, En quarantaine, [2387], [371199],1.0.3464
Adware.NeoBar, C:\USERS\C-3PO\APPDATA\LOCALLOW\HGQLVNXRXKVST, En quarantaine, [434], [431478],1.0.3464

Fichier: 37
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\jVddbi7Omy\SSL\OtherSearch Inc CA 2.cer, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\certutil.exe, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\mozcrt19.dll, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\nspr4.dll, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\nss3.dll, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\plc4.dll, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\plds4.dll, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\smime3.dll, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\nss\softokn3.dll, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\SSL\cert.db, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\SSL\x.db, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\SSL\xtls.db, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\SSL\xv.db, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\data.dt, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\dlog.txt, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\kl.ecf, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\s.xml, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\slite.exe, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\uninstall.exe, En quarantaine, [2387], [371199],1.0.3464
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\jVddbi7Omy\upd.dt, En quarantaine, [2387], [371199],1.0.3464
Adware.Linkury.Generic, C:\USERS\C-3PO\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, En quarantaine, [1777], [404862],1.0.3464
Adware.Linkury.Generic, C:\USERS\C-3PO\APPDATA\LOCAL\NOAH.DAT, En quarantaine, [1777], [404865],1.0.3464
Adware.Linkury.Generic, C:\USERS\C-3PO\APPDATA\LOCAL\MD.XML, En quarantaine, [1777], [404866],1.0.3464
PUP.Optional.Palikan, C:\USERS\C-3PO\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO, En quarantaine, [1589], [255721],1.0.3464
Adware.Linkury.Generic, C:\USERS\C-3PO\APPDATA\LOCAL\Treetamplus.tst, En quarantaine, [1777], [404871],1.0.3464
Adware.Linkury.Generic, C:\USERS\C-3PO\APPDATA\LOCAL\AGENT.DAT, En quarantaine, [1777], [404872],1.0.3464
Adware.SearchAwesome.TskLnk, C:\WINDOWS\2f125f0fbe8a9d4d50ade39a0d76fa2c.ps1, En quarantaine, [2180], [428239],1.0.3464
Adware.Agent, C:\WINDOWS\SYSTEM32\DRIVERS\WINMON.SYS, En quarantaine, [202], [431630],1.0.3464
Adware.NeoBar, C:\Users\C-3PO\AppData\LocalLow\HGQlVNXRXkVsT\Storage.db, En quarantaine, [434], [431478],1.0.3464
MachineLearning/Anomalous.100%, C:\WINDOWS\BE4B560747EB4B0A9B3D54CD83392736.EXE, En quarantaine, [0], [392687],1.0.3464
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En quarantaine, [3664], [444922],1.0.3464
Adware.Linkury.Generic, C:\USERS\C-3PO\APPDATA\LOCAL\CONFIG.XML, En quarantaine, [1777], [404859],1.0.3464
Trojan.Wdfload.TskLnk, C:\PROGRAM FILES\EDITRYIDE\EDITRYIDE.DLL, En quarantaine, [4017], [424430],1.0.3464
Trojan.Wdfload.TskLnk, C:\PROGRAM FILES\ADS DVD BURNER\ADS DVD BURNER.DLL, En quarantaine, [4017], [424430],1.0.3464
Adware.Agent, C:\PROGRAM FILES (X86)\RKD7DJTUBV\UNINSTALL.EXE, En quarantaine, [202], [431426],1.0.3464
Adware.Agent, C:\PROGRAM FILES (X86)\AC0MAZJNGZ\UNINSTALL.EXE, En quarantaine, [202], [431426],1.0.3464
RiskWare.NetFilter, C:\WINDOWS\SYSTEM32\DRIVERS\909B4248C3C2E7133DFFD85026E5623B.SYS, En quarantaine, [7525], [432063],1.0.3464

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)