Malwarebytes Anti-Malware www.malwarebytes.org Date de l'analyse: 26/11/2015 Heure de l'analyse: 16:53:52 Fichier journal: malwarebyte.txt Administrateur: Oui Version: 2.2.0.1024 Base de données de programmes malveillants: v2015.11.26.04 Base de données de rootkits: v2015.11.23.01 Licence: Gratuit Protection contre les programmes malveillants: Activé Protection contre les sites Web malveillants: Activé Autoprotection: Désactivé Système d'exploitation: Windows 7 Service Pack 1 Processeur: x64 Système de fichiers: NTFS Utilisateur: WaLid Type d'analyse: Analyse personnalisée Résultat: Terminé Objets analysés: 681097 Temps écoulé: 3 h, 18 min, 39 s Mémoire: Activé Démarrage: Activé Système de fichiers: Activé Archives: Activé Rootkits: Activé Heuristique: Activé PUP: Activé PUM: Activé Processus: 6 PUP.Optional.Linkury.ShrtCln, C:\ProgramData\ApplicationHosting\ApplicationHosting.exe, 1712, Supprimer au redémarrage, [6d2fdba7612a7cba7a9c792ef40dc43c] PUP.Optional.Linkury.ShrtCln, C:\ProgramData\caMyciloP\caMyciloP.exe, 1876, Supprimer au redémarrage, [4755552d315a96a0e23494130ff24fb1] PUP.Optional.Amonetize, C:\Program Files\NixController\hotnix.exe, 1408, Supprimer au redémarrage, [d4c810725c2f89ad97d925248d74c13f] Trojan.Agent.MSIL, C:\Users\WaLid\AppData\Local\Fase-ron.exe, 2988, Supprimer au redémarrage, [faa2d8aa73182214b45f84a0e1200000] PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Vaiafineco.exe, 920, Supprimer au redémarrage, [a6f6bfc3d5b66ccaa3736b3ca55cfd03] PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Vaiafineco.exe, 5368, Supprimer au redémarrage, [a6f6bfc3d5b66ccaa3736b3ca55cfd03] Modules: 0 (Aucun élément malveillant détecté) Clés du Registre: 47 PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hotnix32, En quarantaine, [d4c810725c2f89ad97d925248d74c13f], Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iosnloadpoodhct, En quarantaine, [faa2d8aa73182214b45f84a0e1200000], PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ba32987d-db80-4ccb-a8bb-f812b5421c0f}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\TYPELIB\{23d34738-e43f-455b-b9fe-56968533500d}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF8EEB4-71A2-41DA-B91C-6E2904B188CA}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF8EEB4-71A2-41DA-B91C-6E2904B188CA}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAF8EEB4-71A2-41DA-B91C-6E2904B188CA}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{23d34738-e43f-455b-b9fe-56968533500d}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{23d34738-e43f-455b-b9fe-56968533500d}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{BA32987D-DB80-4CCB-A8BB-F812B5421C0F}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{BA32987D-DB80-4CCB-A8BB-F812B5421C0F}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{BA32987D-DB80-4CCB-A8BB-F812B5421C0F}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BA32987D-DB80-4CCB-A8BB-F812B5421C0F}, En quarantaine, [5f3dc2c018736ccabec1ba96cc3623dd], PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, En quarantaine, [bddfa3df77145adc8d1c1b0258aa5ca4], PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, En quarantaine, [bddfa3df77145adc8d1c1b0258aa5ca4], PUP.Optional.ApplicationHosting, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ApplicationHosting, En quarantaine, [316b235fe0ab57df102509ae2fd4e020], PUP.Optional.HighDefAction, HKLM\SOFTWARE\HighDefAction, En quarantaine, [4854aed4dead2f0796954640c2417987], PUP.Optional.YorkNewCin, HKLM\SOFTWARE\YorkNewCin, En quarantaine, [e4b88002cac158de42a30ba29370966a], PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD, En quarantaine, [910b0c76b7d46bcbe1465e17aa59d32d], PUP.Optional.WikiSearchMe, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fcgnigmofekcllgbiejhmigggmgehkip, En quarantaine, [66367b07e2a974c2e766b40349ba48b8], PUP.Optional.Amonetize, HKLM\SOFTWARE\MICROSOFT\TRACING\hotnix_RASAPI32, En quarantaine, [3f5daad8563541f528a1c328ca398779], PUP.Optional.Amonetize, HKLM\SOFTWARE\MICROSOFT\TRACING\hotnix_RASMANCS, En quarantaine, [9a025a28ddae81b512b71fcc649f7c84], PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExd, Supprimer au redémarrage, [188430528a012d09a36572fca45f2fd1], PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExi, Supprimer au redémarrage, [8517f78b78133afc1cec55198f74748c], PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, En quarantaine, [66360082d5b6d75fc8d0ebca23e027d9], PUP.Optional.HighDefAction, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, En quarantaine, [3567afd30d7e251104274f3763a0ce32], PUP.Optional.YorkNewCin, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, En quarantaine, [c2dac6bce3a838fe24c1109d08fb19e7], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [900cfe84dab18fa7e0dccab18281ab55], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En quarantaine, [5c40c7bbeba0ec4ab5d5f1c550b39a66], PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, En quarantaine, [debe572bf79482b41d0a5223748f09f7], PUP.Optional.WikiSearchMe, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fcgnigmofekcllgbiejhmigggmgehkip, En quarantaine, [5d3fbdc5f19a22140647fdbad42ff10f], PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, En quarantaine, [68349fe3becdb87e52b7bcacef14d729], PUP.Optional.ApplicationHosting, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ApplicationHosting_RASAPI32, En quarantaine, [7428c7bb25662e08999d4077b1528b75], PUP.Optional.ApplicationHosting, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ApplicationHosting_RASMANCS, En quarantaine, [1f7df38f97f41620bf775b5c748fb24e], PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, En quarantaine, [ff9d8200dcafa096692f3b7a2ad9db25], PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En quarantaine, [019bea98256636009cfbdaa0ea19a45c], PUP.Optional.Cinema, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\CinemaP-1.9cV31.10-nv-ie, En quarantaine, [d6c6235ff89384b2c8cc80f48d76da26], PUP.Optional.HighDefAction, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\HighDefAction, En quarantaine, [afedb9c9dfacd066d2581f6703006e92], PUP.Optional.InstallCore, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\ICSW1.14, En quarantaine, [cdcf84fe5a31df57a58d6722bf44718f], PUP.Optional.YorkNewCin, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\YorkNewCin, En quarantaine, [3963433fc9c2a393875d5f4e2dd66a96], PUP.Optional.CrossRider, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [7923a9d993f844f29ff8eb8f50b3a957], PUP.Optional.CinemaPlus, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\ARENAHD, En quarantaine, [415b4f331378e84ea662b2c3c3409d63], PUP.Optional.GlobalUpdate, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, En quarantaine, [1983c8baa7e401352f13c9bb4bb81be5], PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, En quarantaine, [f9a3b5cd4843d066650bebae53af966a], PUP.Optional.ProductSetup, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\PRODUCTSETUP, En quarantaine, [66361e64aae13ef8012fdbbeef1407f9], PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\caMyciloP, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury.ShrtCln, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Vaiafineco, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], Valeurs du Registre: 15 PUP.Optional.CinemaPlus, HKLM\SOFTWARE\ARENAHD|value, 1, En quarantaine, [910b0c76b7d46bcbe1465e17aa59d32d] PUP.Optional.PCTuner, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, En quarantaine, [cbd1542e26652610d38fe5b118ebad53] PUP.Optional.CinemaPlus, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, En quarantaine, [debe572bf79482b41d0a5223748f09f7] PUP.Optional.PCTuner, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, En quarantaine, [e2bac3bf1b70dc5aacb68214dd26629e] PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, En quarantaine, [68349fe3becdb87e52b7bcacef14d729] PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1vT-T6b6EW1p89s_jgBEX7JVGQKkDcVG_RK83ZxoHmees_pi16wXwURNi6pHtm91IGIClluC0L1eOgdEpakP_Gth_e7Q4tXRM7L1lvHPCVzHBD42ghqEXBjYr6s45T4RskY-yv_dUiws-YjcKuYX0bMPUvSSg,,&q={searchTerms}, En quarantaine, [f3a9d6acd6b561d539d18fd9788b8977] PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1vT-T6b6EW1p89s_jgBEX7JVGQKkDcVG_RK83ZxoHmees_pi16wXwURNi6pHtm91IGIClluC0L1eOgdEpakP_Gth_e7Q4tXRM7L1lvHPCVzHBD42ghqEXBjYr6s45T4RskY-yv_dUiws-YjcKuYX0bMPUvSSg,,&q={searchTerms}, En quarantaine, [54483d458704a690df2cd0989172fc04] PUP.Optional.Linkury, HKU\S-1-5-18\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRest&co=MA&userid=a44e0757-17ae-766d-24bc-9f0604ebf2ca&searchtype=sc&installDate=31/10/2015&barcodeid=50066888&channelid=888, En quarantaine, [7725e0a2ddaee15571684d3e917247b9] PUP.Optional.CinemaPlus, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\ARENAHD|value, 1, En quarantaine, [415b4f331378e84ea662b2c3c3409d63] PUP.Optional.GlobalUpdate, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, En quarantaine, [1983c8baa7e401352f13c9bb4bb81be5] PUP.Optional.PCTuner, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\HIGHDEFACTION|value, 1, En quarantaine, [e3b90a78bad1b77ff16d306605fef10f] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, En quarantaine, [f9a3b5cd4843d066650bebae53af966a] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1vT-T6b6EW1p89s_jgBEX7JVGQKkDcVG_RK83ZxoHmees_pi16wXwURNi6pHtm91IGIClluC0L1eOgdEpakP_Gth_e7Q4tXRM7L1lvHPCVzHBD42ghqEXBjYr6s45T4RskY-yv_dUiws-YjcKuYX0bMPUvSSg,,&q={searchTerms}, En quarantaine, [2b71433fabe08da90502afb91fe4f808] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1vT-T6b6EW1p89s_jgBEX7JVGQKkDcVG_RK83ZxoHmees_pi16wXwURNi6pHtm91IGIClluC0L1eOgdEpakP_Gth_e7Q4tXRM7L1lvHPCVzHBD42ghqEXBjYr6s45T4RskY-yv_dUiws-YjcKuYX0bMPUvSSg,,&q={searchTerms}, En quarantaine, [9606ec96ff8c9d99e52371f7b152d32d] PUP.Optional.ProductSetup, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\PRODUCTSETUP|tb, En quarantaine, [66361e64aae13ef8012fdbbeef1407f9], Données du Registre: 8 PUP.Optional.Bundler, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\caMyciloP\Quoit.dll, Bon : (), Mauvais : (C:\ProgramData\caMyciloP\Quoit.dll),Remplacé,[425a156d028974c256c90e51d1335ba5] PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({ielnksrch}),Remplacé,[ebb12b57dbb0e84e173a580fee161de3] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_uGfW3rC_9bqvB1rpysL7hBVy4P0PkV68_zI4RTWrt0yf06QSTsurbEqLWqQVwteKdaTjLtjz3qnukS&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_uGfW3rC_9bqvB1rpysL7hBVy4P0PkV68_zI4RTWrt0yf06QSTsurbEqLWqQVwteKdaTjLtjz3qnukS&q={searchTerms}),Remplacé,[e8b4cab8880396a0a5a6fc6b20e49967] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_dthgLroTnjXO9TeAVU9oC3HrUw0g3WN_GVybZPQbP4B4IDA905xo6QzKJ8E1KUIOc7D-RBQIv_lTbm, Bon : (www.google.com), Mauvais : (http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_dthgLroTnjXO9TeAVU9oC3HrUw0g3WN_GVybZPQbP4B4IDA905xo6QzKJ8E1KUIOc7D-RBQIv_lTbm),Remplacé,[95078cf6800ba59182cad29591737c84] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_uGfW3rC_9bqvB1rpysL7hBVy4P0PkV68_zI4RTWrt0yf06QSTsurbEqLWqQVwteKdaTjLtjz3qnukS&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_uGfW3rC_9bqvB1rpysL7hBVy4P0PkV68_zI4RTWrt0yf06QSTsurbEqLWqQVwteKdaTjLtjz3qnukS&q={searchTerms}),Remplacé,[5f3db5cd1873af87e764afb826dea15f] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_uGfW3rC_9bqvB1rpysL7hBVy4P0PkV68_zI4RTWrt0yf06QSTsurbEqLWqQVwteKdaTjLtjz3qnukS&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNZ4IeknwsEdyUfRVcv0-DyPtISfFKZCEw0lffl38zqAB-WTx9qv4m3XzF9VEoBBtVWpg_ptLLkH5tI_uGfW3rC_9bqvB1rpysL7hBVy4P0PkV68_zI4RTWrt0yf06QSTsurbEqLWqQVwteKdaTjLtjz3qnukS&q={searchTerms}),Remplacé,[217b2062f59616204efdb8afc341c13f] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1vT-T6b6EW1p89s_jgBEX7JVGQKkDcVG_RK83ZxoHmees_pi16wXwURNi6pHtm91IGIClluC0L1eOgdEpakP_Gth_e7Q4tXRM7L1lvHPCVzHBD42ghqEXBjYr6s45T4RskY-yv_dUiws-YjcKuYX0bMPUvSSg,,&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1vT-T6b6EW1p89s_jgBEX7JVGQKkDcVG_RK83ZxoHmees_pi16wXwURNi6pHtm91IGIClluC0L1eOgdEpakP_Gth_e7Q4tXRM7L1lvHPCVzHBD42ghqEXBjYr6s45T4RskY-yv_dUiws-YjcKuYX0bMPUvSSg,,&q={searchTerms}),Remplacé,[5e3ee1a1ff8cf83eb39a6bfcd4308878] PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-3934002350-1961280763-1499159059-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({ielnksrch}),Remplacé,[019b1f63206b6bcb7ed081e6a163bf41] Dossiers: 14 PUP.Optional.ApplicationHosting, C:\ProgramData\ApplicationHosting, Supprimer au redémarrage, [316b235fe0ab57df102509ae2fd4e020], PUP.Optional.Amonetize, C:\Program Files\NixController, Supprimer au redémarrage, [900c1969bbd038fedfe8e60513f036ca], PUP.Optional.Amonetize, C:\Program Files\NixController\bin, En quarantaine, [900c1969bbd038fedfe8e60513f036ca], PUP.Optional.Amonetize, C:\Program Files\NixController\bin\9a145438-343d-46da-9697-aa950b9beece, En quarantaine, [900c1969bbd038fedfe8e60513f036ca], PUP.Optional.Amonetize, C:\Program Files\NixController\bin\f3308e1f-c983-4afd-b654-f074ea227885, En quarantaine, [900c1969bbd038fedfe8e60513f036ca], PUP.Optional.Linkury, C:\ProgramData\caMyciloP, Supprimer au redémarrage, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\ondemand, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\temp, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloPs, En quarantaine, [d2cac8ba83089b9b0023b8c40af8e51b], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco, Supprimer au redémarrage, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\ondemand, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\temp, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafinecos, En quarantaine, [b6e6235fa8e3ea4ce7c0a0f10002b749], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights, En quarantaine, [9dfff09297f4f145ec69434f5ea4946c], Fichiers: 71 PUP.Optional.Linkury.ShrtCln, C:\ProgramData\ApplicationHosting\ApplicationHosting.exe, Supprimer au redémarrage, [6d2fdba7612a7cba7a9c792ef40dc43c], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\caMyciloP\caMyciloP.exe, Supprimer au redémarrage, [4755552d315a96a0e23494130ff24fb1], PUP.Optional.Amonetize, C:\Program Files\NixController\hotnix.exe, Supprimer au redémarrage, [d4c810725c2f89ad97d925248d74c13f], Trojan.Agent.MSIL, C:\Users\WaLid\AppData\Local\Fase-ron.exe, Supprimer au redémarrage, [faa2d8aa73182214b45f84a0e1200000], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Vaiafineco.exe, Supprimer au redémarrage, [a6f6bfc3d5b66ccaa3736b3ca55cfd03], PUP.Optional.Bundler, C:\ProgramData\caMyciloP\Quoit.dll, Supprimer au redémarrage, [425a156d028974c256c90e51d1335ba5], PUP.Optional.APNToolBar, D:\D\W@liiiiiD\PROGRAME\pal_install_fr_r109882_a729_p153.exe, En quarantaine, [bae2c9b9f19a1d19f192959211f018e8], HackTool.Agent, D:\D\W@liiiiiD\PROGRAME\WINDOWS\WINDOWS LOADER\Activation 7 OMAR-L.rar, En quarantaine, [0498cfb3810a999d2f488d8f05fcb34d], HackTool.Agent, D:\D\W@liiiiiD\PROGRAME\WINDOWS\WINDOWS LOADER\Activation 7\Windows Loader.exe, En quarantaine, [415bbac8dab192a4641383999d648f71], PUP.Optional.Linkury.ShrtCln, C:\Program Files\Common Files\bjssqtwg.exe, En quarantaine, [7824d5ada3e86bcb34e2aff8b849956b], PUP.Optional.Bundler, C:\ProgramData\caMyciloP\Redredity.exe, En quarantaine, [4b512b575338ae88913834e820e259a7], PUP.Optional.Bundler, C:\ProgramData\Vaiafineco\DuoDax.exe, En quarantaine, [83197210ff8c55e129a0ee2ea55d54ac], PUP.Optional.Bundler, C:\ProgramData\Vaiafineco\QuoJoyeco.dll, En quarantaine, [c8d4582a810aa195e836a1be10f455ab], PUP.Optional.Bundler, C:\ProgramData\Vaiafineco\Solois.dll, Supprimer au redémarrage, [b2eaf092a4e794a2100f0b54bc48ed13], PUP.Optional.Linkury, C:\Windows\Temp\tmpC95C.tmp, En quarantaine, [2a72730f1c6f4cea92e3dd466e93dc24], Trojan.PasswordStealer.Generic, C:\Windows\Temp\zllqt2mt.nmp.exe, En quarantaine, [85178cf6f695270f71b04b116b962cd4], PUP.Optional.SafeFinder, C:\Users\WaLid\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage, Supprimer au redémarrage, [2577cdb509821c1a86b10e87ae5445bb], PUP.Optional.SafeFinder, C:\Users\WaLid\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal, Supprimer au redémarrage, [ddbf11710784ce6847f0a8edc73ba65a], PUP.Optional.Linkury.Gen, C:\Windows\SysWOW64\findit.xml, En quarantaine, [2a72c3bfcac1082e1feca9e30bf845bb], PUP.Optional.ApplicationHosting, C:\ProgramData\ApplicationHosting\Config.xml, En quarantaine, [316b235fe0ab57df102509ae2fd4e020], PUP.Optional.ApplicationHosting, C:\ProgramData\ApplicationHosting\ApplicationHosting.dat, Supprimer au redémarrage, [316b235fe0ab57df102509ae2fd4e020], PUP.Optional.Amonetize, C:\Program Files\NixController\config.conf, En quarantaine, [900c1969bbd038fedfe8e60513f036ca], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Lamhold.dat, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Bio-Ex.bin, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\caMyciloP.dat, Supprimer au redémarrage, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Coflex.bin, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\conf.config, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Config.xml, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\confpro.config, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Damit.dat, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Itlex.exe, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Itlex.exe.config, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\MathDex.bin, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\md.xml, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\PrxCfg.xml, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Redredity.exe.config, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Ronfix.bin, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Sailqvoin.bin, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Singlax.bin, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Softron.bin, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\Truesancom.dat, Supprimer au redémarrage, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloP\uninstall.dat, En quarantaine, [dbc1bec46d1e47efc65ca6d6c83adb25], PUP.Optional.Linkury, C:\ProgramData\caMyciloPs\ff.HP, En quarantaine, [d2cac8ba83089b9b0023b8c40af8e51b], PUP.Optional.Linkury, C:\ProgramData\caMyciloPs\ff.NT, En quarantaine, [d2cac8ba83089b9b0023b8c40af8e51b], PUP.Optional.Linkury, C:\ProgramData\caMyciloPs\snp.sc, En quarantaine, [d2cac8ba83089b9b0023b8c40af8e51b], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Subhotbam.dat, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\conf.config, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Config.xml, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\confpro.config, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Don-Dox.dat, Supprimer au redémarrage, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Doubleis.bin, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\DuoDax.exe.config, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Hotstring.bin, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\md.xml, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\PrxCfg.xml, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Ranktip.dat, Supprimer au redémarrage, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\SailZentone.bin, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\SilTip.bin, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Trueit.bin, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\U-hold.bin, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\uninstall.dat, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Vaiafineco.dat, Supprimer au redémarrage, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Year-Tough.exe, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Year-Tough.exe.config, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafineco\Zoomdax.bin, En quarantaine, [118bd1b10388a6902a7c573a33cf32ce], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafinecos\ff.HP, En quarantaine, [b6e6235fa8e3ea4ce7c0a0f10002b749], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafinecos\ff.NT, En quarantaine, [b6e6235fa8e3ea4ce7c0a0f10002b749], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Vaiafinecos\snp.sc, En quarantaine, [b6e6235fa8e3ea4ce7c0a0f10002b749], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights\ff.HP, En quarantaine, [9dfff09297f4f145ec69434f5ea4946c], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights\ff.NT, En quarantaine, [9dfff09297f4f145ec69434f5ea4946c], PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights\snp.sc, En quarantaine, [9dfff09297f4f145ec69434f5ea4946c], Secteurs physiques: 0 (Aucun élément malveillant détecté) (end)