cjoint


Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 08/09/2014
Heure de l'examen: 21:25:51
Fichier journal: ICI.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.09.08.06
Base de données Rootkits: v2014.08.21.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows 8
Processeur: x86
Système de fichiers: NTFS
Utilisateur: alex

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 358465
Temps écoulé: 14 min, 24 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 6
Virus.Ramnit, C:\Program Files\WinRAR\RarExt.dll, Supprimé-au-redémarrage, [b1856f7c8dee53e308f86b1b3cc402fe],
Virus.Ramnit, C:\Program Files\Notepad++\NppShell_05.dll, Supprimé-au-redémarrage, [3cfa4aa194e75cda9070b8cea759bd43],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\RtlLib.dll, Supprimé-au-redémarrage, [ed490dde89f2132300001e68758b649c],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\RtlIhvOid.dll, Supprimé-au-redémarrage, [7bbb25c67a015bdbaa56afd780808a76],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\IpLib.dll, Supprimé-au-redémarrage, [ea4cb833641791a5e31d91f5bf41c43c],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\libeay32.dll, Supprimé-au-redémarrage, [989ea6453843c47270903551cb35a25e],

Clés du Registre: 7
Virus.Ramnit, HKLM\SOFTWARE\CLASSES\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}, Mis en quarantaine, [b1856f7c8dee53e308f86b1b3cc402fe],
Virus.Ramnit, HKLM\SOFTWARE\CLASSES\CLSID\{00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}, Mis en quarantaine, [3cfa4aa194e75cda9070b8cea759bd43],
Trojan.Agent.FSA76, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\npggsvc, Mis en quarantaine, [be786883e39879bd6c1a94965da4fb05],
Virus.Ramnit, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\AutoHotkey, Mis en quarantaine, [b3836e7d0e6de94daf522b5b827e2bd5],
Virus.Ramnit, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WinRAR archiver, Mis en quarantaine, [2c0a6c7f2d4edd59748c60264bb547b9],
PUP.Optional.WhiteSmoke.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WhiteSmoke_US Toolbar, Mis en quarantaine, [72c434b7ec8faf87af567487e22018e8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2385275142-600627090-416882996-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [1e18ae3d16655bdb991d63f05ba925db],

Valeurs du Registre: 3
Virus.Ramnit, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED|{B41DB860-8EE4-11D2-9906-E49FADC173CA}, WinRAR shell extension, Mis en quarantaine, [b1856f7c8dee53e308f86b1b3cc402fe]
Virus.Ramnit, HKU\S-1-5-21-2385275142-600627090-416882996-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|KPeerNexonEU, C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe, Mis en quarantaine, [fd3957945e1d072f52aff096e61a2ad6]
Virus.Ramnit, HKU\S-1-5-21-2385275142-600627090-416882996-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Gadwin PrintScreen, C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash, Mis en quarantaine, [a09694570873a294dd24f492718fcb35]

Données du Registre: 1
Hijack.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe,c:\program files\realtek\11n usb wireless lan utility\rtwlansrv.exe, Bon: (userinit.exe), Mauvais: (c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe,c:\program files\realtek\11n usb wireless lan utility\rtwlansrv.exe),Remplacé,[3afcedfe5328989e09e2f4fcad570df3]

Dossiers: 4
PUP.Optional.MySpeedDial.A, C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff, Mis en quarantaine, [a98d64876d0ecb6b4f783f9829d9817f],
PUP.Optional.Extutil.A, C:\Users\alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Mis en quarantaine, [c5714aa1f4877db925f6c41f5da5e020],
PUP.Optional.Managera.A, C:\Users\alex\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Mis en quarantaine, [7eb84ba0e992e94dd7458f54dd25867a],
PUP.Optional.Booster.A, C:\ProgramData\GreenApp\SW-Booster, Mis en quarantaine, [3ff7d2190c6f94a226367c75748e4eb2],

Fichiers: 78
Virus.Ramnit, C:\Program Files\WinRAR\RarExt.dll, Supprimé-au-redémarrage, [b1856f7c8dee53e308f86b1b3cc402fe],
Virus.Ramnit, C:\Program Files\Notepad++\NppShell_05.dll, Supprimé-au-redémarrage, [3cfa4aa194e75cda9070b8cea759bd43],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\RtlLib.dll, Supprimé-au-redémarrage, [ed490dde89f2132300001e68758b649c],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\RtlIhvOid.dll, Supprimé-au-redémarrage, [7bbb25c67a015bdbaa56afd780808a76],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\IpLib.dll, Supprimé-au-redémarrage, [ea4cb833641791a5e31d91f5bf41c43c],
Virus.Ramnit, C:\Program Files\Hercules\WiFi Station N\libeay32.dll, Supprimé-au-redémarrage, [989ea6453843c47270903551cb35a25e],
Virus.Ramnit, C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe, Mis en quarantaine, [fd3957945e1d072f52aff096e61a2ad6],
Virus.Ramnit, C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe, Mis en quarantaine, [a09694570873a294dd24f492718fcb35],
Trojan.Agent.FSA76, C:\Windows\System32\GameMon.des, Mis en quarantaine, [be786883e39879bd6c1a94965da4fb05],
Virus.Ramnit, C:\Program Files\AutoHotkey\AutoHotkey.exe, Mis en quarantaine, [b3836e7d0e6de94daf522b5b827e2bd5],
Virus.Ramnit, C:\Program Files\AutoHotkey\AutoHotkeyA32.exe, Mis en quarantaine, [d06628c35e1df73f28d97e08fe02f20e],
Virus.Ramnit, C:\Program Files\AutoHotkey\AutoHotkeyU32.exe, Mis en quarantaine, [55e1f0fbf18a1a1cda279fe7b34ddc24],
Virus.Ramnit, C:\Program Files\Steam\SDL2.dll, Mis en quarantaine, [af8715d6413a7db9768a5f2748b8916f],
Virus.Ramnit, C:\Program Files\TeamSpeak 3 Client\libeay32.dll, Mis en quarantaine, [112539b229521521be4231552fd142be],
Malware.Packer, C:\Program Files\Microsoft\DesktopLayer.exe, Supprimé-au-redémarrage, [fd3995568cef072f57c1312969970df3],
Virus.Ramnit, C:\Program Files\Notepad++\notepad++.exe, Mis en quarantaine, [f73fe00b106b191d02ffd5b1aa5607f9],
Virus.Ramnit, C:\Program Files\Notepad++\SciLexer.dll, Mis en quarantaine, [fb3becffb5c614221ce490f6d52bb54b],
Virus.Ramnit, C:\Program Files\OBS\OBS.exe, Mis en quarantaine, [5dd945a6027992a4f0106c1af20e2fd1],
Virus.Ramnit, C:\Program Files\I-Doser Free\SbaGen.dll, Mis en quarantaine, [02349754aad1989e9a66582ea45cdc24],
Virus.Ramnit, C:\Program Files\WinRAR\Rar.exe, Mis en quarantaine, [c4725e8dfc7f96a02ed28204fb05629e],
Virus.Ramnit, C:\Program Files\WinRAR\Uninstall.exe, Mis en quarantaine, [2c0a6c7f2d4edd59748c60264bb547b9],
Virus.Ramnit, C:\Program Files\WinRAR\UnRAR.exe, Mis en quarantaine, [1521eefd57242c0acd33d7af6a964bb5],
Virus.Ramnit, C:\Program Files\WinRAR\WinRAR.exe, Mis en quarantaine, [de581ccf007b3ff708f84a3ce11fbb45],
Virus.Ramnit, C:\Program Files\ZHPDiag\mbr.exe, Mis en quarantaine, [89adbd2e106be74fc2402462b848f30d],
Virus.Ramnit, C:\Program Files\ZHPDiag\mbrcheck.exe, Mis en quarantaine, [6bcb0ae15427cd69986a176fb64a8f71],
Virus.Ramnit, C:\Program Files\ZHPDiag\pv.exe, Mis en quarantaine, [181eac3fc2b9d561bf43dfa7bc440ef2],
Trojan.Agent.DE, C:\$Recycle.Bin\S-1-5-21-2385275142-600627090-416882996-1001\$RA61HTY.exe, Mis en quarantaine, [70c64f9ce6951a1cc8e75bed9f6129d7],
Virus.Ramnit, C:\RECYCLER\S-1-5-21-527237240-682003330-725345543-500\Dc5.exe, Mis en quarantaine, [db5bf5f6671481b5c0414046fd03629e],
PUP.Optional.MultiPlug, C:\Windows\System32\setup.exe, Mis en quarantaine, [43f3707b790282b41b52624d27da7d83],
Malware.Packer, C:\Windows\System32\taskmgrSrv.exe, Mis en quarantaine, [57dfd4173c3f9a9caa6ebc9e80808779],
Virus.Ramnit, C:\Users\alex\AppData\Local\Temp\NGMSetup.exe, Mis en quarantaine, [ca6ce7042655033355ac6521946c30d0],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\nsf926E.exe, Mis en quarantaine, [3afc6a81413a3df975979df4bf423fc1],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\nsk5C98.exe, Mis en quarantaine, [5bdb905b0972bb7b907c5938b849ae52],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\dlLogic.exe, Mis en quarantaine, [51e50dde611a65d1c3234df5a858d729],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\dltr.exe, Mis en quarantaine, [a096e8039fdc6bcb32b5241ecc34db25],
PUP.Optional.EZDownloader.A, C:\Users\alex\AppData\Local\Temp\down.2584.EzDownloader_setup.exe, Mis en quarantaine, [9e9830bb601bf83e2b900c135fa144bc],
Virus.Ramnit, C:\Users\alex\AppData\Local\Temp\USkinDLL.dll, Mis en quarantaine, [e65041aa6d0e181e7989add97789fa06],
PUP.Optional.InstallRex, C:\Users\alex\AppData\Local\Temp\sSetup-se.exe, Mis en quarantaine, [34022ac1c6b54de9909c03de6c9838c8],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\verifier.exe, Mis en quarantaine, [50e6806bff7cd3633aad6fd37f81c838],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\nsk8F8F.exe, Mis en quarantaine, [0f27965583f887af3fcdc7ca3fc28e72],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\nsk954C.exe, Mis en quarantaine, [ea4ce2097cff0e28709c8110ee137090],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\nslFD59.exe, Mis en quarantaine, [013556955a2190a64dbf8908976ad030],
PUP.Optional.Somoto, C:\Users\alex\AppData\Local\Temp\nst7FCF.tmp, Mis en quarantaine, [e55132b9a0db44f226e3d59eed17e31d],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\nsu6031.exe, Mis en quarantaine, [74c23bb0d1aa49ed9d6f345de819a25e],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\nsz63AB.exe, Mis en quarantaine, [1e1829c2a6d5a492a567543d936e768a],
PUP.Optional.Somoto, C:\Users\alex\AppData\Local\Temp\bitool.dll, Mis en quarantaine, [3501a843097261d549cde66cef1324dc],
PUP.Optional.Conduit.A, C:\Users\alex\AppData\Local\Temp\GCVerifier.dll, Mis en quarantaine, [fc3af9f293e81d19d80d52f026daa858],
Virus.Ramnit, C:\Users\alex\AppData\Local\Temp\{EF92DFD6-5F5F-41AD-A346-177D3471FD20}\Addons\assistant_v3.exe, Mis en quarantaine, [fa3c18d3d0aba492817f087e728eab55],
PUP.Optional.MultiPlug.A, C:\Users\alex\AppData\Local\Temp\{EF92DFD6-5F5F-41AD-A346-177D3471FD20}\Addons\browsecoupon_setup.exe, Mis en quarantaine, [3303c22985f6c2745e06eb87d1331de3],
PUP.Optional.MultiPlug.A, C:\Users\alex\AppData\Local\Temp\{EF92DFD6-5F5F-41AD-A346-177D3471FD20}\Addons\extIE_setup.exe, Mis en quarantaine, [31055f8c27549a9c4d17a2d0d034ce32],
PUP.Optional.MultiPlug.A, C:\Users\alex\AppData\Local\Temp\{EF92DFD6-5F5F-41AD-A346-177D3471FD20}\Addons\ext_setup.exe, Mis en quarantaine, [d75f01ea0f6c3ff72b39b9b9ee165ba5],
PUP.Optional.MultiPlug.A, C:\Users\alex\AppData\Local\Temp\{EF92DFD6-5F5F-41AD-A346-177D3471FD20}\Addons\helper_setup.exe, Mis en quarantaine, [d363f1fa8bf07fb749559ba5f809738d],
PUP.Optional.MultiPlug.A, C:\Users\alex\AppData\Local\Temp\{EF92DFD6-5F5F-41AD-A346-177D3471FD20}\Addons\ytab_setup.exe, Mis en quarantaine, [75c1e4074833a29403618fe3887c47b9],
PUP.Optional.SearchProtect.A, C:\Users\alex\AppData\Local\Temp\nsu2429\SpSetup.exe, Mis en quarantaine, [f0462dbe354641f5e3500e8d7a873fc1],
PUP.Optional.Installrex, C:\Users\alex\Downloads\Mario_and_Luigi_Partners_in_Time__EU_.zip.exe, Mis en quarantaine, [63d3d219423971c5b39282fa857ce61a],
PUP.Optional.OpenCandy, C:\Users\alex\Downloads\DTLite4491-0356 [1].exe, Mis en quarantaine, [d85e34b7c1ba0f2747d8df3a41c4837d],
PUP.Optional.NextInterActive, C:\Users\alex\Downloads\DTLite4491-0356.exe, Mis en quarantaine, [a096b2397308e3537a8b9b3b49bb6b95],
Virus.Ramnit, C:\Users\alex\Downloads\cacaoweb.exe, Mis en quarantaine, [66d06f7c9cdf3df9b0518cfa0af6e020],
PUP.Optional.InstalleRex, C:\Users\alex\Downloads\Final_Fantasy_Tactics_Advance_Europe_En_Fr_De_Es_It.exe, Mis en quarantaine, [45f1b536d3a82214ece9bad146bbcc34],
PUP.Optional.InstalleRex, C:\Users\alex\Downloads\Setup (1).exe, Mis en quarantaine, [60d65596d4a774c2def8dd66af51e719],
PUP.Optional.OutBrowse, C:\Users\alex\Downloads\setup (2).exe, Mis en quarantaine, [86b09754ee8d2412d68bfc8d788950b0],
Adware.DomaIQ, C:\Users\alex\Downloads\Setup.exe, Mis en quarantaine, [a88e3ead1c5fa096254fed5522dec63a],
Trojan.Agent.DE, C:\Users\alex\Downloads\ZynoxCode v2.0.zip, Mis en quarantaine, [9d99d813d7a4082e6f40cb7dd22e1ce4],
Virus.Ramnit, C:\Users\alex\Downloads\Injector.exe, Mis en quarantaine, [ae8810db66159a9c837d7214fb05738d],
VirTool.Obfuscator, C:\Users\alex\Downloads\Crack Rayman Legends by CrackVideoGames.rar, Mis en quarantaine, [9d996b8085f60c2ae4f159d49e6308f8],
Malware.Packer, C:\Users\alex\Microsoft\DesktopLayer.exe, Mis en quarantaine, [69cda447a8d341f5b66267f38779ac54],
PUP.Optional.Webget.A, C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\g4h97iat.default\extensions\firefox@webwebget.com.xpi, Mis en quarantaine, [b6809655c3b846f0adb8f51edf24ee12],
Trojan.Agent, C:\Users\alex\AppData\Roaming\file.exe, Mis en quarantaine, [8fa700ebb9c270c615488b52e71cc43c],
PUP.Optional.MySpeedDial.A, C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\000012.log, Mis en quarantaine, [a98d64876d0ecb6b4f783f9829d9817f],
PUP.Optional.MySpeedDial.A, C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\CURRENT, Mis en quarantaine, [a98d64876d0ecb6b4f783f9829d9817f],
PUP.Optional.MySpeedDial.A, C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOCK, Mis en quarantaine, [a98d64876d0ecb6b4f783f9829d9817f],
PUP.Optional.MySpeedDial.A, C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\LOG, Mis en quarantaine, [a98d64876d0ecb6b4f783f9829d9817f],
PUP.Optional.MySpeedDial.A, C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff\MANIFEST-000010, Mis en quarantaine, [a98d64876d0ecb6b4f783f9829d9817f],
PUP.Optional.Extutil.A, C:\Users\alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Mis en quarantaine, [c5714aa1f4877db925f6c41f5da5e020],
PUP.Optional.Extutil.A, C:\Users\alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Mis en quarantaine, [c5714aa1f4877db925f6c41f5da5e020],
PUP.Optional.Extutil.A, C:\Users\alex\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Mis en quarantaine, [c5714aa1f4877db925f6c41f5da5e020],
PUP.Optional.Managera.A, C:\Users\alex\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Mis en quarantaine, [7eb84ba0e992e94dd7458f54dd25867a],
PUP.Optional.Managera.A, C:\Users\alex\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Mis en quarantaine, [7eb84ba0e992e94dd7458f54dd25867a],

Secteurs physiques: 0
(No malicious items detected)


(end)
