Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 17/06/2015
Heure de l'examen: 18:40:45
Fichier journal: rapport anti malware.txt
Administrateur: Oui
Version: 2.01.6.1022
Base de données Malveillants: v2015.06.17.04
Base de données Rootkits: v2015.06.15.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Ange&Chris
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 351651
Temps écoulé: 21 min, 4 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux détecté)
Modules: 0
(Aucun élément malicieux détecté)
Clés du Registre: 30
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Mis en quarantaine, [596faa11f59593a3934d5516af54f010],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Mis en quarantaine, [596faa11f59593a3934d5516af54f010],
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Mis en quarantaine, [596faa11f59593a3934d5516af54f010],
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , Mis en quarantaine, [f2d65c5fdeacae88b977dbb48b7a28d8],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Mis en quarantaine, [f6d2dfdcd3b7c86ed984acce3bcab44c],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Mis en quarantaine, [ac1c28931773df575c00433740c58977],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [0dbb4972e2a8270f864d5b33b5505ea2],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [2f99c4f7a5e5c571063eba3a50b39c64],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{53a1c4d9}, Mis en quarantaine, [b01854678a0043f389a2078634d160a0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{caa89563}, Mis en quarantaine, [dcec0bb0b5d5d95d63c85c314eb7cf31],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [dcec34872b5fb383488bd8b69372d927],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV01.06-nv-ie, Mis en quarantaine, [f4d4d0eb1d6db284653e7c8e8183be42],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Mis en quarantaine, [22a6437897f35cda04d4d2be19ec40c0],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, Mis en quarantaine, [12b692290d7dcd696fb8d9ad9e67ee12],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Mis en quarantaine, [d2f6f9c25b2f45f1c3d43c4d54b1ef11],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{110D8323-9304-4E7B-861C-4448CF409FFC}, Mis en quarantaine, [ab1d8e2df79393a3bf34622949bc7f81],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1672262E-23CF-4E4A-B0DA-CAC13E1EA420}, Mis en quarantaine, [e9dfa01b32587fb7cc268506ef167888],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C924B11-43AE-42E7-8145-C389B94C999E}, Mis en quarantaine, [d7f19f1cd4b6b6802ec4513a9f66c838],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2675CF2E-5762-4965-8F4F-5CBD49AE7739}, Mis en quarantaine, [02c60dae94f6d85ec0335c2fe322bc44],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42BBD815-99C5-4016-8F3E-9CB6B659FEF0}, Mis en quarantaine, [ac1c3586602a072f787aa0eb3acb926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{54A4CDDE-BF43-4CBC-9CAB-A856BE9C9D6E}, Mis en quarantaine, [f2d64477a2e80333698a46457e875ba5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{652C510D-599C-456D-8878-DE32135A8C24}, Mis en quarantaine, [36927e3d0d7d5dd96e85d2b9a4611ae6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77F58CE0-6FD8-4BDC-8ABA-258651F6D437}, Mis en quarantaine, [5771ead15436a195a44e0b806c998878],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78AB36A3-A6E4-4169-98FD-B99EA1A98C92}, Mis en quarantaine, [5573ceede2a8e452a54d7d0e798c51af],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F9178A2-B841-4AEE-889C-8549607A98F1}, Mis en quarantaine, [4583d6e5f5950d2979796526887d08f8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B041614C-B593-4E88-9EF4-AC966D1A7123}, Mis en quarantaine, [3593fdbe6e1cbd79955d36556f9645bb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DFD8B106-19E5-4EF1-9F80-3B746D5E5059}, Mis en quarantaine, [b90fc8f3048669cd6192b4d7cc39ef11],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E9FD0514-DC85-4B05-ACA4-698C3BDB25E6}, Mis en quarantaine, [6860219af49654e249aa0388fc0907f9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F61CAE8C-72A8-47A1-B7E7-D5CFB1B1C4D0}, Mis en quarantaine, [47818a315f2b45f1a94a22694bba4ab6],
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\PRODUCTSETUP, Mis en quarantaine, [5276f7c4e0aa4ee80f7ee1af828329d7],
Valeurs du Registre: 25
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [a622714a206a122440efc1ceae57e818]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [d6f2b6053a50d95d53dc4b44ac59da26]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [cafef3c82d5dd0662807b8d7c045c13f]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [1cacb407a7e3181e7cb3efa007fe34cc]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [c7018338f298b680df508609749149b7]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [8c3cd2e968222c0a42edcdc20cf9db25]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [f2d65c5fdeacae88b977dbb48b7a28d8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [0dbb4972e2a8270f864d5b33b5505ea2]
PUP.Optional.Dregol.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Run_Dregol\\, Mis en quarantaine, [b5133388078393a35fd8688c1ae9dc24]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [dcec34872b5fb383488bd8b69372d927]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{110D8323-9304-4E7B-861C-4448CF409FFC}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [ab1d8e2df79393a3bf34622949bc7f81]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1672262E-23CF-4E4A-B0DA-CAC13E1EA420}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [e9dfa01b32587fb7cc268506ef167888]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C924B11-43AE-42E7-8145-C389B94C999E}|AppName, ff1506ff-6c3d-419c-913e-97b2fc5c4dc5-2.exe-buttonutil.exe, Mis en quarantaine, [d7f19f1cd4b6b6802ec4513a9f66c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2675CF2E-5762-4965-8F4F-5CBD49AE7739}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [02c60dae94f6d85ec0335c2fe322bc44]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42BBD815-99C5-4016-8F3E-9CB6B659FEF0}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [ac1c3586602a072f787aa0eb3acb926e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{54A4CDDE-BF43-4CBC-9CAB-A856BE9C9D6E}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [f2d64477a2e80333698a46457e875ba5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{652C510D-599C-456D-8878-DE32135A8C24}|AppName, 1b14f3d3-2c00-4d76-8e7d-a987bb815119-2.exe-codedownloader.exe, Mis en quarantaine, [36927e3d0d7d5dd96e85d2b9a4611ae6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77F58CE0-6FD8-4BDC-8ABA-258651F6D437}|AppName, 15efdd47-5e63-46e6-8335-447255bcd6d6-2.exe-buttonutil.exe, Mis en quarantaine, [5771ead15436a195a44e0b806c998878]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78AB36A3-A6E4-4169-98FD-B99EA1A98C92}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [5573ceede2a8e452a54d7d0e798c51af]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F9178A2-B841-4AEE-889C-8549607A98F1}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [4583d6e5f5950d2979796526887d08f8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B041614C-B593-4E88-9EF4-AC966D1A7123}|AppName, ff1506ff-6c3d-419c-913e-97b2fc5c4dc5-2.exe-buttonutil.exe, Mis en quarantaine, [3593fdbe6e1cbd79955d36556f9645bb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DFD8B106-19E5-4EF1-9F80-3B746D5E5059}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [b90fc8f3048669cd6192b4d7cc39ef11]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E9FD0514-DC85-4B05-ACA4-698C3BDB25E6}|AppName, 363e2063-2ea8-4e26-9337-5ede10264dbf-2.exe-codedownloader.exe, Mis en quarantaine, [6860219af49654e249aa0388fc0907f9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F61CAE8C-72A8-47A1-B7E7-D5CFB1B1C4D0}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [47818a315f2b45f1a94a22694bba4ab6]
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\PRODUCTSETUP|tb, 0V1D1S1R1D0V1O, Mis en quarantaine, [5276f7c4e0aa4ee80f7ee1af828329d7]
Données du Registre: 1
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~3\{b1bf5~1\1172~1.1\soni.dll, Bon: (), Mauvais: (c:\progra~3\{b1bf5~1\1172~1.1\soni.dll),Remplacé,[1fa9c6f5602ada5c669490fddf2630d0]
Dossiers: 7
PUP.Optional.MindSpark.A, C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\tv0mqy34.default-1416915785634\FromDocToPDF_65, Mis en quarantaine, [deea14a73753f93da1d8d61db152a45c],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, Mis en quarantaine, [5c6cdae11f6b4beb7ffd3bba0003c838],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.GlobalUpdate.A, C:\Users\Christophe\AppData\Local\Temp\comh.238739, Mis en quarantaine, [5474dddec7c35cdaed425e7541c203fd],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\dat, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
Fichiers: 54
Keylogger.Logixoft, C:\Users\Christophe\Downloads\rkfree_setup [1].exe, Aucune action, choix de l'utilisateur, [0abe5467d1b96cca65b65ef2d333d927],
PUP.Keylogger, C:\Users\Christophe\Downloads\kg-setup.zip, Aucune action, choix de l'utilisateur, [6e5abefd8109b086476e500abd495ea2],
PUP.Optional.PullUpdate.SID.C, C:\ProgramData\oCTBpA\dat\rxMDFpioY.dll, Mis en quarantaine, [6365c3f8a5e56bcb2cd6730f5fa7629e],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\npglobalupdateUpdate4.dll, Mis en quarantaine, [7e4aa615b3d733031cdee16c2ad8ba46],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdate.exe, Mis en quarantaine, [c206c3f8533756e0bb3fdb72ab575da3],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdateBroker.exe, Mis en quarantaine, [c008ae0d4a403afc5c9e63ea9270728e],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdateCrashHandler.exe, Mis en quarantaine, [5d6b8e2dc9c166d0e515480539c9cd33],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdateOnDemand.exe, Mis en quarantaine, [e4e442798efce94d8476ee5f24de14ec],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\goopdate.dll, Mis en quarantaine, [9f297942acde8aac07f378d5aa58738d],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, Mis en quarantaine, [dfe9902bc4c6f64017e3ff4e03ffb749],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\psmachine.dll, Mis en quarantaine, [4781e6d5365496a0c337fe4fb25016ea],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\psuser.dll, Mis en quarantaine, [ebdd02b9d9b1cc6ad5259bb22dd5fb05],
PUP.Optional.InstallCore.SID.C, C:\$RECYCLE.BIN\S-1-5-21-200227725-3474806247-2416335215-1001\$R0RV8OW.exe, Mis en quarantaine, [32961aa10b7fe5516de3b4cec54126da],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsk75FF.tmp, Mis en quarantaine, [a02864573c4e2d09e19785e7f909de22],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nslD3C6.tmp, Mis en quarantaine, [c107a912b2d88caaf4841953e71b5ea2],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsp48D2.tmp, Mis en quarantaine, [9d2bf9c20d7d48ee1266d09c798927d9],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsuC99F.tmp, Mis en quarantaine, [c1073982abdf78be80f81359b34f02fe],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsyD0D1.tmp, Mis en quarantaine, [4781fdbe4446b3839adeed7fd72b04fc],
PUP.Optional.IStartSurf.A, C:\Users\Christophe\AppData\Local\Temp\nsyCCA8.tmp, Mis en quarantaine, [5d6bb7047d0ddc5a1557ed93f610936d],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsyD0D1.tmp, Mis en quarantaine, [17b11e9ddcae8da91068521a9e6419e7],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsfF6A4.tmp, Mis en quarantaine, [26a2cbf07911cd694434046809f9f60a],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsk75FF.tmp, Mis en quarantaine, [992f5f5c9febc175fd7b97d5da2827d9],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nslD3C6.tmp, Mis en quarantaine, [daee9b207e0cac8a0474f07c05fd59a7],
PUP.Optional.CheckOffer, C:\Users\Christophe\AppData\Local\Temp\nsoAC0D.tmp, Mis en quarantaine, [6c5c06b52268c76f81259fc510f27f81],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsp48D2.tmp, Mis en quarantaine, [f8d0f9c298f2320495e34a224bb7d32d],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsuC99F.tmp, Mis en quarantaine, [daeee3d8e1a9a492da9eb7b54db5a957],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsfF6A4.tmp, Mis en quarantaine, [61674d6ebad01f17fc7c036942c009f7],
PUP.Optional.WebBar.A, C:\Users\Christophe\AppData\Local\Temp\is-S29DJ.tmp\package_airwebbar_installer_multilang.exe, Mis en quarantaine, [b810d5e685053204d485216023e3936d],
PUP.Optional.CheckOffer, C:\Users\Christophe\AppData\Local\Temp\nsbF2B0.tmp\nsCBHTML5.dll, Mis en quarantaine, [64641f9c49413105990d580cf60c8080],
PUP.Optional.OptimizerPro.A, C:\Users\Christophe\AppData\Local\Temp\nsbF2B0.tmp\OptimizerPro.exe, Mis en quarantaine, [cbfd8e2d8901142253a5afb626dce41c],
PUP.Optional.CrossRider.A, C:\Users\Christophe\AppData\Local\Temp\nsbF2B0.tmp\setup.exe, Mis en quarantaine, [cff98635a0eaa3938a94ef8af80ed32d],
PUP.Optional.OfferInstaller.C, C:\Users\Christophe\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, Mis en quarantaine, [1eaa18a35f2b5adc7abb49f82dd557a9],
PUP.Optional.Solimba, C:\Users\Christophe\Downloads\Microsoft%20Office%202010.exe, Mis en quarantaine, [eadee2d90981092d10b63009ef13817f],
PUP.Optional.InstallCore.A, C:\Users\Christophe\Downloads\rkfree_setup.exe, Mis en quarantaine, [d5f3f1ca9feb4aec1789b4be1ee42ed2],
PUP.Optional.Bundle, C:\Users\Christophe\Downloads\adwcleaner.exe, Mis en quarantaine, [eedac3f838520e28e0c1056819e96b95],
PUP.Optional.InstallCore.SID.C, C:\Users\Christophe\Downloads\instekm.exe, Mis en quarantaine, [3b8d2b902d5d64d290c0dda5e71f3ac6],
PUP.Optional.SndVol.A, C:\Windows\SysWOW64\config\systemprofile\sndvol.exe, Mis en quarantaine, [5f69dae10f7b3cfa357c539f44bfcb35],
PUP.Optional.MindSpark.A, C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\tv0mqy34.default-1416915785634\FromDocToPDF_65\9CF28EF6-204B-4D54-8C63-C4B3BDAC03A4.sqlite, Mis en quarantaine, [deea14a73753f93da1d8d61db152a45c],
PUP.Optional.Dregol.C, C:\Users\Christophe\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, Mis en quarantaine, [398fb80365253ff79895975d4db6bc44],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, Mis en quarantaine, [5c6cdae11f6b4beb7ffd3bba0003c838],
PUP.Optional.WebInstr.A, C:\Windows\System32\drivers\Msft_Kernel_webinstr_01009.Wdf, Mis en quarantaine, [3a8e8f2c0a807abc53835aa916eeef11],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\Sqlite3.dll, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\dExtent, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\extent, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\fiber.js, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\hdat1, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\hdat2, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\soni.dll, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.GlobalUpdate.A, C:\Users\Christophe\AppData\Local\Temp\comh.238739\globalupdateHelper.msi, Mis en quarantaine, [5474dddec7c35cdaed425e7541c203fd],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\dat\SWurryFTupW.exe.config, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\dat\ZJfievypu.exe.config, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\aMtDvXbcwn.dat, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\aMtDvXbcwn.exe.config, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\info.dat, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
Secteurs physiques: 0
(Aucun élément malicieux détecté)
(end)
www.malwarebytes.org
Date de l'examen: 17/06/2015
Heure de l'examen: 18:40:45
Fichier journal: rapport anti malware.txt
Administrateur: Oui
Version: 2.01.6.1022
Base de données Malveillants: v2015.06.17.04
Base de données Rootkits: v2015.06.15.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Ange&Chris
Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 351651
Temps écoulé: 21 min, 4 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)
Processus: 0
(Aucun élément malicieux détecté)
Modules: 0
(Aucun élément malicieux détecté)
Clés du Registre: 30
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Mis en quarantaine, [596faa11f59593a3934d5516af54f010],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Mis en quarantaine, [596faa11f59593a3934d5516af54f010],
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4CB3598A-82E8-4D1F-983F-061238AE696E}, Mis en quarantaine, [596faa11f59593a3934d5516af54f010],
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , Mis en quarantaine, [f2d65c5fdeacae88b977dbb48b7a28d8],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Mis en quarantaine, [f6d2dfdcd3b7c86ed984acce3bcab44c],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Mis en quarantaine, [ac1c28931773df575c00433740c58977],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [0dbb4972e2a8270f864d5b33b5505ea2],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [2f99c4f7a5e5c571063eba3a50b39c64],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{53a1c4d9}, Mis en quarantaine, [b01854678a0043f389a2078634d160a0],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{caa89563}, Mis en quarantaine, [dcec0bb0b5d5d95d63c85c314eb7cf31],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [dcec34872b5fb383488bd8b69372d927],
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV01.06-nv-ie, Mis en quarantaine, [f4d4d0eb1d6db284653e7c8e8183be42],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Mis en quarantaine, [22a6437897f35cda04d4d2be19ec40c0],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, Mis en quarantaine, [12b692290d7dcd696fb8d9ad9e67ee12],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Mis en quarantaine, [d2f6f9c25b2f45f1c3d43c4d54b1ef11],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{110D8323-9304-4E7B-861C-4448CF409FFC}, Mis en quarantaine, [ab1d8e2df79393a3bf34622949bc7f81],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1672262E-23CF-4E4A-B0DA-CAC13E1EA420}, Mis en quarantaine, [e9dfa01b32587fb7cc268506ef167888],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C924B11-43AE-42E7-8145-C389B94C999E}, Mis en quarantaine, [d7f19f1cd4b6b6802ec4513a9f66c838],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2675CF2E-5762-4965-8F4F-5CBD49AE7739}, Mis en quarantaine, [02c60dae94f6d85ec0335c2fe322bc44],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42BBD815-99C5-4016-8F3E-9CB6B659FEF0}, Mis en quarantaine, [ac1c3586602a072f787aa0eb3acb926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{54A4CDDE-BF43-4CBC-9CAB-A856BE9C9D6E}, Mis en quarantaine, [f2d64477a2e80333698a46457e875ba5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{652C510D-599C-456D-8878-DE32135A8C24}, Mis en quarantaine, [36927e3d0d7d5dd96e85d2b9a4611ae6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77F58CE0-6FD8-4BDC-8ABA-258651F6D437}, Mis en quarantaine, [5771ead15436a195a44e0b806c998878],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78AB36A3-A6E4-4169-98FD-B99EA1A98C92}, Mis en quarantaine, [5573ceede2a8e452a54d7d0e798c51af],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F9178A2-B841-4AEE-889C-8549607A98F1}, Mis en quarantaine, [4583d6e5f5950d2979796526887d08f8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B041614C-B593-4E88-9EF4-AC966D1A7123}, Mis en quarantaine, [3593fdbe6e1cbd79955d36556f9645bb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DFD8B106-19E5-4EF1-9F80-3B746D5E5059}, Mis en quarantaine, [b90fc8f3048669cd6192b4d7cc39ef11],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E9FD0514-DC85-4B05-ACA4-698C3BDB25E6}, Mis en quarantaine, [6860219af49654e249aa0388fc0907f9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F61CAE8C-72A8-47A1-B7E7-D5CFB1B1C4D0}, Mis en quarantaine, [47818a315f2b45f1a94a22694bba4ab6],
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\PRODUCTSETUP, Mis en quarantaine, [5276f7c4e0aa4ee80f7ee1af828329d7],
Valeurs du Registre: 25
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [a622714a206a122440efc1ceae57e818]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [d6f2b6053a50d95d53dc4b44ac59da26]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [cafef3c82d5dd0662807b8d7c045c13f]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [1cacb407a7e3181e7cb3efa007fe34cc]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [c7018338f298b680df508609749149b7]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [8c3cd2e968222c0a42edcdc20cf9db25]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130645910495470127, Mis en quarantaine, [f2d65c5fdeacae88b977dbb48b7a28d8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [0dbb4972e2a8270f864d5b33b5505ea2]
PUP.Optional.Dregol.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Run_Dregol\\, Mis en quarantaine, [b5133388078393a35fd8688c1ae9dc24]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [dcec34872b5fb383488bd8b69372d927]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{110D8323-9304-4E7B-861C-4448CF409FFC}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [ab1d8e2df79393a3bf34622949bc7f81]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1672262E-23CF-4E4A-B0DA-CAC13E1EA420}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [e9dfa01b32587fb7cc268506ef167888]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C924B11-43AE-42E7-8145-C389B94C999E}|AppName, ff1506ff-6c3d-419c-913e-97b2fc5c4dc5-2.exe-buttonutil.exe, Mis en quarantaine, [d7f19f1cd4b6b6802ec4513a9f66c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2675CF2E-5762-4965-8F4F-5CBD49AE7739}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [02c60dae94f6d85ec0335c2fe322bc44]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42BBD815-99C5-4016-8F3E-9CB6B659FEF0}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [ac1c3586602a072f787aa0eb3acb926e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{54A4CDDE-BF43-4CBC-9CAB-A856BE9C9D6E}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [f2d64477a2e80333698a46457e875ba5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{652C510D-599C-456D-8878-DE32135A8C24}|AppName, 1b14f3d3-2c00-4d76-8e7d-a987bb815119-2.exe-codedownloader.exe, Mis en quarantaine, [36927e3d0d7d5dd96e85d2b9a4611ae6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77F58CE0-6FD8-4BDC-8ABA-258651F6D437}|AppName, 15efdd47-5e63-46e6-8335-447255bcd6d6-2.exe-buttonutil.exe, Mis en quarantaine, [5771ead15436a195a44e0b806c998878]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78AB36A3-A6E4-4169-98FD-B99EA1A98C92}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [5573ceede2a8e452a54d7d0e798c51af]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9F9178A2-B841-4AEE-889C-8549607A98F1}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-buttonutil.exe, Mis en quarantaine, [4583d6e5f5950d2979796526887d08f8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B041614C-B593-4E88-9EF4-AC966D1A7123}|AppName, ff1506ff-6c3d-419c-913e-97b2fc5c4dc5-2.exe-buttonutil.exe, Mis en quarantaine, [3593fdbe6e1cbd79955d36556f9645bb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DFD8B106-19E5-4EF1-9F80-3B746D5E5059}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [b90fc8f3048669cd6192b4d7cc39ef11]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E9FD0514-DC85-4B05-ACA4-698C3BDB25E6}|AppName, 363e2063-2ea8-4e26-9337-5ede10264dbf-2.exe-codedownloader.exe, Mis en quarantaine, [6860219af49654e249aa0388fc0907f9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F61CAE8C-72A8-47A1-B7E7-D5CFB1B1C4D0}|AppName, 52b294ea-65b2-4cda-9add-b77b482957ca-2.exe-codedownloader.exe, Mis en quarantaine, [47818a315f2b45f1a94a22694bba4ab6]
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-200227725-3474806247-2416335215-1001\SOFTWARE\PRODUCTSETUP|tb, 0V1D1S1R1D0V1O, Mis en quarantaine, [5276f7c4e0aa4ee80f7ee1af828329d7]
Données du Registre: 1
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~3\{b1bf5~1\1172~1.1\soni.dll, Bon: (), Mauvais: (c:\progra~3\{b1bf5~1\1172~1.1\soni.dll),Remplacé,[1fa9c6f5602ada5c669490fddf2630d0]
Dossiers: 7
PUP.Optional.MindSpark.A, C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\tv0mqy34.default-1416915785634\FromDocToPDF_65, Mis en quarantaine, [deea14a73753f93da1d8d61db152a45c],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, Mis en quarantaine, [5c6cdae11f6b4beb7ffd3bba0003c838],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.GlobalUpdate.A, C:\Users\Christophe\AppData\Local\Temp\comh.238739, Mis en quarantaine, [5474dddec7c35cdaed425e7541c203fd],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\dat, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
Fichiers: 54
Keylogger.Logixoft, C:\Users\Christophe\Downloads\rkfree_setup [1].exe, Aucune action, choix de l'utilisateur, [0abe5467d1b96cca65b65ef2d333d927],
PUP.Keylogger, C:\Users\Christophe\Downloads\kg-setup.zip, Aucune action, choix de l'utilisateur, [6e5abefd8109b086476e500abd495ea2],
PUP.Optional.PullUpdate.SID.C, C:\ProgramData\oCTBpA\dat\rxMDFpioY.dll, Mis en quarantaine, [6365c3f8a5e56bcb2cd6730f5fa7629e],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\npglobalupdateUpdate4.dll, Mis en quarantaine, [7e4aa615b3d733031cdee16c2ad8ba46],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdate.exe, Mis en quarantaine, [c206c3f8533756e0bb3fdb72ab575da3],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdateBroker.exe, Mis en quarantaine, [c008ae0d4a403afc5c9e63ea9270728e],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdateCrashHandler.exe, Mis en quarantaine, [5d6b8e2dc9c166d0e515480539c9cd33],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\globalupdateOnDemand.exe, Mis en quarantaine, [e4e442798efce94d8476ee5f24de14ec],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\goopdate.dll, Mis en quarantaine, [9f297942acde8aac07f378d5aa58738d],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, Mis en quarantaine, [dfe9902bc4c6f64017e3ff4e03ffb749],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\psmachine.dll, Mis en quarantaine, [4781e6d5365496a0c337fe4fb25016ea],
PUP.Optional.ModGoog, C:\Users\Christophe\AppData\Roaming\ZHP\Quarantine\psuser.dll, Mis en quarantaine, [ebdd02b9d9b1cc6ad5259bb22dd5fb05],
PUP.Optional.InstallCore.SID.C, C:\$RECYCLE.BIN\S-1-5-21-200227725-3474806247-2416335215-1001\$R0RV8OW.exe, Mis en quarantaine, [32961aa10b7fe5516de3b4cec54126da],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsk75FF.tmp, Mis en quarantaine, [a02864573c4e2d09e19785e7f909de22],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nslD3C6.tmp, Mis en quarantaine, [c107a912b2d88caaf4841953e71b5ea2],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsp48D2.tmp, Mis en quarantaine, [9d2bf9c20d7d48ee1266d09c798927d9],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsuC99F.tmp, Mis en quarantaine, [c1073982abdf78be80f81359b34f02fe],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsyD0D1.tmp, Mis en quarantaine, [4781fdbe4446b3839adeed7fd72b04fc],
PUP.Optional.IStartSurf.A, C:\Users\Christophe\AppData\Local\Temp\nsyCCA8.tmp, Mis en quarantaine, [5d6bb7047d0ddc5a1557ed93f610936d],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsyD0D1.tmp, Mis en quarantaine, [17b11e9ddcae8da91068521a9e6419e7],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsfF6A4.tmp, Mis en quarantaine, [26a2cbf07911cd694434046809f9f60a],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsk75FF.tmp, Mis en quarantaine, [992f5f5c9febc175fd7b97d5da2827d9],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nslD3C6.tmp, Mis en quarantaine, [daee9b207e0cac8a0474f07c05fd59a7],
PUP.Optional.CheckOffer, C:\Users\Christophe\AppData\Local\Temp\nsoAC0D.tmp, Mis en quarantaine, [6c5c06b52268c76f81259fc510f27f81],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsp48D2.tmp, Mis en quarantaine, [f8d0f9c298f2320495e34a224bb7d32d],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\nsuC99F.tmp, Mis en quarantaine, [daeee3d8e1a9a492da9eb7b54db5a957],
PUP.Optional.InstallCore.A, C:\Users\Christophe\AppData\Local\Temp\ICReinstall_nsfF6A4.tmp, Mis en quarantaine, [61674d6ebad01f17fc7c036942c009f7],
PUP.Optional.WebBar.A, C:\Users\Christophe\AppData\Local\Temp\is-S29DJ.tmp\package_airwebbar_installer_multilang.exe, Mis en quarantaine, [b810d5e685053204d485216023e3936d],
PUP.Optional.CheckOffer, C:\Users\Christophe\AppData\Local\Temp\nsbF2B0.tmp\nsCBHTML5.dll, Mis en quarantaine, [64641f9c49413105990d580cf60c8080],
PUP.Optional.OptimizerPro.A, C:\Users\Christophe\AppData\Local\Temp\nsbF2B0.tmp\OptimizerPro.exe, Mis en quarantaine, [cbfd8e2d8901142253a5afb626dce41c],
PUP.Optional.CrossRider.A, C:\Users\Christophe\AppData\Local\Temp\nsbF2B0.tmp\setup.exe, Mis en quarantaine, [cff98635a0eaa3938a94ef8af80ed32d],
PUP.Optional.OfferInstaller.C, C:\Users\Christophe\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, Mis en quarantaine, [1eaa18a35f2b5adc7abb49f82dd557a9],
PUP.Optional.Solimba, C:\Users\Christophe\Downloads\Microsoft%20Office%202010.exe, Mis en quarantaine, [eadee2d90981092d10b63009ef13817f],
PUP.Optional.InstallCore.A, C:\Users\Christophe\Downloads\rkfree_setup.exe, Mis en quarantaine, [d5f3f1ca9feb4aec1789b4be1ee42ed2],
PUP.Optional.Bundle, C:\Users\Christophe\Downloads\adwcleaner.exe, Mis en quarantaine, [eedac3f838520e28e0c1056819e96b95],
PUP.Optional.InstallCore.SID.C, C:\Users\Christophe\Downloads\instekm.exe, Mis en quarantaine, [3b8d2b902d5d64d290c0dda5e71f3ac6],
PUP.Optional.SndVol.A, C:\Windows\SysWOW64\config\systemprofile\sndvol.exe, Mis en quarantaine, [5f69dae10f7b3cfa357c539f44bfcb35],
PUP.Optional.MindSpark.A, C:\Users\Christophe\AppData\Roaming\Mozilla\Firefox\Profiles\tv0mqy34.default-1416915785634\FromDocToPDF_65\9CF28EF6-204B-4D54-8C63-C4B3BDAC03A4.sqlite, Mis en quarantaine, [deea14a73753f93da1d8d61db152a45c],
PUP.Optional.Dregol.C, C:\Users\Christophe\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, Mis en quarantaine, [398fb80365253ff79895975d4db6bc44],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, Mis en quarantaine, [5c6cdae11f6b4beb7ffd3bba0003c838],
PUP.Optional.WebInstr.A, C:\Windows\System32\drivers\Msft_Kernel_webinstr_01009.Wdf, Mis en quarantaine, [3a8e8f2c0a807abc53835aa916eeef11],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\Sqlite3.dll, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\dExtent, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\extent, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\fiber.js, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\hdat1, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\hdat2, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.Amonetize.A, C:\ProgramData\{B1BF597C-E13D-88FA-50BB-F87880392BF6}\1.17.2.1\soni.dll, Mis en quarantaine, [1fa9c6f5602ada5c669490fddf2630d0],
PUP.Optional.GlobalUpdate.A, C:\Users\Christophe\AppData\Local\Temp\comh.238739\globalupdateHelper.msi, Mis en quarantaine, [5474dddec7c35cdaed425e7541c203fd],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\dat\SWurryFTupW.exe.config, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\dat\ZJfievypu.exe.config, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\aMtDvXbcwn.dat, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\aMtDvXbcwn.exe.config, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
PUP.Optional.PullUpdate.A, C:\ProgramData\oCTBpA\info.dat, Mis en quarantaine, [68604477b3d787afe76eccb8a95df20e],
Secteurs physiques: 0
(Aucun élément malicieux détecté)
(end)