Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 31/01/2016
Heure de l'analyse: 22:57
Fichier journal: Journal d'analyse.txt
Administrateur: Oui
Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.31.04
Base de données de rootkits: v2016.01.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Papa chéri
Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 705641
Temps écoulé: 52 min, 0 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du Registre: 15
PUP.Optional.SeeMoreResultsHub, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4d1e47a2-d7d2-4bb1-8fa8-2055f856c8ea}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, En quarantaine, [ad834bf5ecad2c0ac47acc9af70bc13f],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, En quarantaine, [ad834bf5ecad2c0ac47acc9af70bc13f],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, En quarantaine, [ad834bf5ecad2c0ac47acc9af70bc13f],
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\Naval Action.DynamicNS, En quarantaine, [6bc530106138152194174a4fd62c936d],
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Naval Action.DynamicNS, En quarantaine, [151bd86846536dc9ebc09405c33fa35d],
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Naval Action.DynamicNS, En quarantaine, [151bd86846536dc9ebc09405c33fa35d],
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER\VERSION 1, En quarantaine, [50e09aa6079263d3bf25ae932cd8a65a],
PUP.Optional.Gameo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\84F79A5_0, En quarantaine, [f53b033d1683cf676c9f1ac838ca847c],
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}, En quarantaine, [d55b7fc1e8b171c5a97e45c36c9847b9],
PUP.Optional.WinZipRegOp, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer, En quarantaine, [71bf8bb5eeab0432b3a73d0013f1b947],
Valeurs du Registre: 9
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER\Version 1|utm_source, installcore, En quarantaine, [50e09aa6079263d3bf25ae932cd8a65a]
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER\Version 1|utm_campaign, installcore, En quarantaine, [85ab350b4c4d8aac9b493d04d52f4ab6]
PUP.Optional.Gameo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\84f79a5_0, {2}.\\?\hdaudio#func_01&ven_10ec&dev_0668&subsys_1043129d&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Users\pascal\AppData\Roaming\Gameo\gameo.exe%b{00000000-0000-0000-0000-000000000000}, En quarantaine, [f53b033d1683cf676c9f1ac838ca847c]
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f[d55b7fc1e8b171c5a97e45c36c9847b9]D4%26b[d55b7fc1e8b171c5a97e45c36c9847b9]DIE%26cc[d55b7fc1e8b171c5a97e45c36c9847b9]Dfr%26pa[d55b7fc1e8b171c5a97e45c36c9847b9]DWincy%26cd[d55b7fc1e8b171c5a97e45c36c9847b9]D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr[d55b7fc1e8b171c5a97e45c36c9847b9]D1877264353%26a[d55b7fc1e8b171c5a97e45c36c9847b9]Dwncy_popjar_15_53_ssg04%26os_ver[d55b7fc1e8b171c5a97e45c36c9847b9]D6.3%26os[d55b7fc1e8b171c5a97e45c36c9847b9]DWindowsEn quarantaineB8.1&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f[9a9648f8405987af7bacc1473cc8fa06]D4%26b[9a9648f8405987af7bacc1473cc8fa06]DIE%26cc[9a9648f8405987af7bacc1473cc8fa06]Dfr%26pa[9a9648f8405987af7bacc1473cc8fa06]DWincy%26cd[9a9648f8405987af7bacc1473cc8fa06]D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr[9a9648f8405987af7bacc1473cc8fa06]D1877264353%26a[9a9648f8405987af7bacc1473cc8fa06]Dwncy_popjar_15_53_ssg04%26os_ver[9a9648f8405987af7bacc1473cc8fa06]D6.3%26os[9a9648f8405987af7bacc1473cc8fa06]DWindowsEn quarantaineB8.1&p={searchTerms}, %4, %5
PUP.Optional.Sputnik, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{5A2BF78A-8DE6-4B43-8D7B-AD23782B0E74}MACHINE\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSuggestURL, http://smartsputnik.ru/?ri=1&uid=9afe50c11a9cbad63a6201749b07157e&q={searchTerms}&t=suggest, En quarantaine, [52de350b1f7ae650784f13215da7e917]
PUP.Optional.Sputnik, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{5A2BF78A-8DE6-4B43-8D7B-AD23782B0E74}MACHINE\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderInstantURL, http://smartsputnik.ru/?ri=1&uid=9afe50c11a9cbad63a6201749b07157e&q={searchTerms}&t=instant, En quarantaine, [0c24a29e6c2d45f1e9de0c282fd53ec2]
PUP.Optional.Sputnik, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{5A2BF78A-8DE6-4B43-8D7B-AD23782B0E74}MACHINE\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSearchURL, http://smartsputnik.ru/?ri=1&uid=9afe50c11a9cbad63a6201749b07157e&q={searchTerms}&t=search, En quarantaine, [aa862c148f0a42f408bf82b2020252ae]
Hijack.AutoConfigURL.ShrtCln, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstopp.me/wpad.dat?6acf5374a16748411ed33cbbdfd9b7e03316654, En quarantaine, [250b46fac9d0bd7903cbd5697b893ac6]
Données du Registre: 1
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D1877264353%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]Dwncy_popjar_15_53_ssg04%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D6.3%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]DWindowsBon : (www.google.com)B8.1, %4, %5
Dossiers: 4
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0, En quarantaine, [c66a08381287082eb72b32a791719967],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
Fichiers: 93
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbia.exe.vir, En quarantaine, [a38dc8782b6e3ff72dd9e5ed837e4db3],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbici64.dll.vir, En quarantaine, [fb3545fbfa9fb97d88cd0db301032ad6],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbii32.exe.vir, En quarantaine, [78b8e25eb9e0d75fc67ea230d62be51b],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbii64.exe.vir, En quarantaine, [09276bd59801d85ecc79f1e17988c33d],
PUP.Optional.Boxore.WnskRST, C:\AdwCleaner\Quarantine\C\WINDOWS\SysWOW64\BoxoreService.dll.vir, En quarantaine, [290791afa7f272c4c45b727d3cc84cb4],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\K2A7UXY5\tiwr[1].exe, En quarantaine, [0927a799b6e321151da065ff8a789b65],
PUP.Optional.Amonetize, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\RCBX3C2X\Bundle[1].exe, En quarantaine, [d55b2f117326072f03bfa524fa074cb4],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\WYY4GXRI\4efece5b5586ee29871717baacdf4c7b[1].exe, En quarantaine, [62ce93ad2b6e8caae40684e06f93d828],
PUP.Optional.AdLoad, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\WYY4GXRI\prepreinstaller_win[1].exe, En quarantaine, [c868c17fc2d714228b3e8f483bc63dc3],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\WYY4GXRI\HQYgq9r[1].exe, En quarantaine, [5fd167d93c5d350187c5229f12f2d927],
PUP.Optional.InstallCore, C:\Users\pascal\AppData\Local\Temp\ICReinstall_setup.exe, En quarantaine, [e14fcb75aaefeb4b66da89cf90717987],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsb7DA6.tmp, En quarantaine, [90a0d16fb5e40d29d079f4462ad8d62a],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsgAD66.tmp, En quarantaine, [f13fca76851451e5fe4b73c7c73bce32],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsoC0EB.tmp, En quarantaine, [56dac878d8c157df9dc6a52ea25f07f9],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsq53AC.tmp, En quarantaine, [82ae84bc8c0d78bedd6f19a8c44012ee],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsu971B.tmp, En quarantaine, [210f4ef2e0b977bf7dcc57e32bd7728e],
Adware.EoRezo, C:\Users\pascal\AppData\Local\Temp\D3Ren8bQUo.exe, En quarantaine, [e74967d9aced1b1b345b02ca1be6ee12],
PUP.Optional.Yontoo, C:\Users\pascal\AppData\Local\Temp\T05Ro0zp5h.exe, En quarantaine, [e947ec54a7f2c86e189b5fec54ad5da3],
Adware.EoRezo.Gen, C:\Users\pascal\AppData\Local\Temp\fi_d05273.exe, En quarantaine, [86aa320e5c3da98d6996696ce91847b9],
Adware.EoRezo.Gen, C:\Users\pascal\AppData\Local\Temp\fi_d06066.exe, En quarantaine, [50e0013fd2c75bdb857a4e8721e01ee2],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\Frnl1i0bUQ.exe, En quarantaine, [6ac6053b8b0ecd695eaf96500ff2f709],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Local\Temp\Install_31408\ins_shopperpro3.exe, En quarantaine, [be729ea22e6b3df923a09c36c63b7090],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.115\the forest alpha v0 22.exe., En quarantaine, [1a16f848e6b3d165b76c8d66da2a37c9],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.181\the forest alpha v0 22.exe., En quarantaine, [f93772ce178272c48f9433c017edcf31],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.263\the forest alpha v0 22.exe., En quarantaine, [3ef23a066c2d96a0d94aaa496e96837d],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.346\the forest early access 2014 pc repack.exe., En quarantaine, [a0908ab67a1f5bdb3ee58c6706fefe02],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.391\the forest alpha v0 22.exe., En quarantaine, [7db359e71e7b43f3fe254aa92ed6748c],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.524\the forest alpha v0 22.exe., En quarantaine, [ec444ef2d4c5280e39eab34016eeb54b],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.830\the forest early access 2014 pc repack.exe., En quarantaine, [ab85b8889702a393a77c9b582ada6e92],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.912\the forest early access 2014 pc repack.exe., En quarantaine, [7cb46dd3960369cd1b0829ca887cff01],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dia0.278\the forest early access 2014 pc repack.exe. , En quarantaine, [3af6ba860d8ce6502af906ed9074ac54],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dia0.510\the forest alpha v0 22.exe. , En quarantaine, [d759c67addbc013532f1bc37d43060a0],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dia0.865\the forest early access 2014 pc repack.exe. , En quarantaine, [c66a95ab36637db90023ea0902021be5],
PUP.Optional.Solimba, c:\users\pascal\appdata\local\temp\rar$dia0.993\painttool%20sai.exe. , En quarantaine, [c36dc0804455ff372fded0a3c33e55ab],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.025\the forest early access 2014 pc repack.exe., En quarantaine, [39f7e45c92076ccae043d32019eb37c9],
PUP.Optional.OutBrowse, C:\Users\pascal\AppData\Local\Temp\bVh92D31\setup.exe, En quarantaine, [ac84ac942e6b5dd9484bd2fa24dd03fd],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.086\the forest alpha v0 22.exe., En quarantaine, [29071b25a9f084b264bfd023f410f20e],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.086\the forest alpha v0 22.exe. , En quarantaine, [131d4ff1d0c9fe385ac910e336ce59a7],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\62793.WindApp.MON001.no.exe, En quarantaine, [161ab987b5e449edc47b5c93c53f03fd],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\62793.WindApp.MON001.no[1].exe, En quarantaine, [27090c340e8bfd3926199c53d4307789],
PUP.Optional.Clara, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\9zwWz2IQu7.exe, En quarantaine, [dd531729fa9f0c2a4af3a39149b835cb],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\jsdrv.exe.VIR, En quarantaine, [1e1269d737620531428115bd827f6c94],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\spbiu.exe.VIR, En quarantaine, [3bf552eea6f37bbb19edc50d4eb3bb45],
PUP.Optional.ShopperPro, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\spbiw.sys, En quarantaine, [dc5477c99801b6801becd00219e8a858],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\downloader.63399[1].exe, En quarantaine, [a18f67d9d6c351e5ea552dc238cc768a],
PUP.Optional.Elex, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ihpmserver.exe.VIR, En quarantaine, [61cfb09023763ff710def4c6b150eb15],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\shopperpro3.dll.VIR, En quarantaine, [cf6143fd5c3dff37d092da7aa45ccd33],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\oa7tfYzo1F.exe, En quarantaine, [4fe1ed532f6ad5610e31975854b03cc4],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ASPackage.DIR\ASPackage.exe, En quarantaine, [939d251b475282b48984e7ff12efe31d],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\ShopperPro3.dll, En quarantaine, [d957df616f2a94a286dc94c045bbe61a],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\ShopperPro364.dll, En quarantaine, [dc5450f07f1a6bcb441ec490b848fe02],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\JSDriver\jsdrv.exe, En quarantaine, [71bf251bcbce4de97f44ac26cc358d73],
PUP.Optional.ShopperPro, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\JSDriver\jsdrv.sys, En quarantaine, [71bf4ff1c3d655e1b6535e74bb46659b],
PUP.Optional.ShopperPro, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\JSDriver\1.42.1.10633\jsdrv.sys, En quarantaine, [1b15e8582d6c6ec835d4ebe7b44da65a],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\ShopperPro3\ShopperPro364.dll, En quarantaine, [10205ee29207c670aeb48acac040c040],
PUP.Optional.Elex, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\raydld.DIR\Raydld.exe, En quarantaine, [c9670739742582b41cd5dcdef20f52ae],
PUP.Optional.Astori, c:\users\pascal\desktop\the forest alpha v0 22.exe., En quarantaine, [1020ec54e8b1eb4bc65d2ec545bfca36],
PUP.Optional.Astori, c:\users\pascal\desktop\the forest early access 2014 pc repack.exe., En quarantaine, [1020fa4689102016c360995a7391d42c],
PUP.Optional.Astori, c:\users\pascal\desktop\the forest early access 2014 pc repack.exe. , En quarantaine, [bb752b152376b1854ad9e60d5da7d22e],
PUP.Optional.Yontoo, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, En quarantaine, [81af7bc583163006b203a53ea55dc43c],
PUP.Optional.Yontoo, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, En quarantaine, [161a112f6831290dab0a39aa40c20ef2],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage, En quarantaine, [949c63dd1089f93d03a90d09c93bbf41],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage-journal, En quarantaine, [de5251ef9ffab086ac00f125669e34cc],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, En quarantaine, [70c0ef51d9c042f4538cf62d31d352ae],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, En quarantaine, [aa86b28e811840f6ca15a0835da7d42c],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage, En quarantaine, [d45c3907b5e4da5c5b846db6ae56867a],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal, En quarantaine, [45eb231de5b41d192bb4a0838b79ba46],
PUP.Optional.Boxore.WnskRST, C:\Windows\Temp\BoxoreService.log, En quarantaine, [4fe1241ce8b137ff2c401d19788c10f0],
PUP.Optional.Boxore.WnskRST, C:\Windows\Temp\BoxoreServicer.log, En quarantaine, [e14fcb75455403337cf0ea4c59ab6997],
PUP.Optional.PastaLeads, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage, En quarantaine, [9c94360a3861cf67faa99da163a15ba5],
PUP.Optional.PastaLeads, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage-journal, En quarantaine, [dd5376ca475259dd723165d90004de22],
PUP.Optional.AdNetworkPerformance, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage, En quarantaine, [062aaf91b8e1999d6bdba29ddf25a759],
PUP.Optional.AdNetworkPerformance, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage-journal, En quarantaine, [dc5465dbfa9fbd794bfb6ad5877d857b],
PUP.Optional.PriceMoon, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, En quarantaine, [cb656ad6287163d35a4c93b22bd9f20e],
PUP.Optional.PriceMoon, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, En quarantaine, [e54be15f64353df9b9ed98adc63ee020],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_onclickads.net_0.localstorage, En quarantaine, [e24e5ce40099d5619d0550f6798b8977],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_onclickads.net_0.localstorage-journal, En quarantaine, [fd33a39dd5c42d094c566fd741c3cb35],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage, En quarantaine, [3af6211f584140f63a6884c202023dc3],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage-journal, En quarantaine, [a38d132daeeb1b1b8e1466e08f75b14f],
PUP.Optional.CrossRider, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, En quarantaine, [3cf45ce4ecad2b0b0fea5de9eb196f91],
PUP.Optional.CrossRider, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, En quarantaine, [17191030bcddad89c138d373887c6b95],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_04-16-2015.log, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0\4, En quarantaine, [c66a08381287082eb72b32a791719967],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\000003.log, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\CURRENT, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOCK, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG.old, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\MANIFEST-000001, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.WinYahoo, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Secure Preferences, Bon : ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Mauvais : ("session":{"restore_on_startup":4,"startup_urls":["https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindowsRemplacé,[c7690d337d1c270f6e680eed47bd24dc]B8.1&uref=chmm"]}}), %5
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.org
Date de l'analyse: 31/01/2016
Heure de l'analyse: 22:57
Fichier journal: Journal d'analyse.txt
Administrateur: Oui
Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.31.04
Base de données de rootkits: v2016.01.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Papa chéri
Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 705641
Temps écoulé: 52 min, 0 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du Registre: 15
PUP.Optional.SeeMoreResultsHub, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4d1e47a2-d7d2-4bb1-8fa8-2055f856c8ea}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.SeeMoreResultsHub, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4D1E47A2-D7D2-4BB1-8FA8-2055F856C8EA}, En quarantaine, [ce621729455445f1e9a3a1ede51dc739],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, En quarantaine, [ad834bf5ecad2c0ac47acc9af70bc13f],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, En quarantaine, [ad834bf5ecad2c0ac47acc9af70bc13f],
PUP.Optional.Elex, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{8DD92279-9B04-4C6F-A862-EF3C24603804}, En quarantaine, [ad834bf5ecad2c0ac47acc9af70bc13f],
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\Naval Action.DynamicNS, En quarantaine, [6bc530106138152194174a4fd62c936d],
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Naval Action.DynamicNS, En quarantaine, [151bd86846536dc9ebc09405c33fa35d],
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Naval Action.DynamicNS, En quarantaine, [151bd86846536dc9ebc09405c33fa35d],
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER\VERSION 1, En quarantaine, [50e09aa6079263d3bf25ae932cd8a65a],
PUP.Optional.Gameo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\84F79A5_0, En quarantaine, [f53b033d1683cf676c9f1ac838ca847c],
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}, En quarantaine, [d55b7fc1e8b171c5a97e45c36c9847b9],
PUP.Optional.WinZipRegOp, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer, En quarantaine, [71bf8bb5eeab0432b3a73d0013f1b947],
Valeurs du Registre: 9
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER\Version 1|utm_source, installcore, En quarantaine, [50e09aa6079263d3bf25ae932cd8a65a]
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WINZIP REGISTRY OPTIMIZER\Version 1|utm_campaign, installcore, En quarantaine, [85ab350b4c4d8aac9b493d04d52f4ab6]
PUP.Optional.Gameo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\84f79a5_0, {2}.\\?\hdaudio#func_01&ven_10ec&dev_0668&subsys_1043129d&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Users\pascal\AppData\Roaming\Gameo\gameo.exe%b{00000000-0000-0000-0000-000000000000}, En quarantaine, [f53b033d1683cf676c9f1ac838ca847c]
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f[d55b7fc1e8b171c5a97e45c36c9847b9]D4%26b[d55b7fc1e8b171c5a97e45c36c9847b9]DIE%26cc[d55b7fc1e8b171c5a97e45c36c9847b9]Dfr%26pa[d55b7fc1e8b171c5a97e45c36c9847b9]DWincy%26cd[d55b7fc1e8b171c5a97e45c36c9847b9]D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr[d55b7fc1e8b171c5a97e45c36c9847b9]D1877264353%26a[d55b7fc1e8b171c5a97e45c36c9847b9]Dwncy_popjar_15_53_ssg04%26os_ver[d55b7fc1e8b171c5a97e45c36c9847b9]D6.3%26os[d55b7fc1e8b171c5a97e45c36c9847b9]DWindowsEn quarantaineB8.1&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f[9a9648f8405987af7bacc1473cc8fa06]D4%26b[9a9648f8405987af7bacc1473cc8fa06]DIE%26cc[9a9648f8405987af7bacc1473cc8fa06]Dfr%26pa[9a9648f8405987af7bacc1473cc8fa06]DWincy%26cd[9a9648f8405987af7bacc1473cc8fa06]D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr[9a9648f8405987af7bacc1473cc8fa06]D1877264353%26a[9a9648f8405987af7bacc1473cc8fa06]Dwncy_popjar_15_53_ssg04%26os_ver[9a9648f8405987af7bacc1473cc8fa06]D6.3%26os[9a9648f8405987af7bacc1473cc8fa06]DWindowsEn quarantaineB8.1&p={searchTerms}, %4, %5
PUP.Optional.Sputnik, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{5A2BF78A-8DE6-4B43-8D7B-AD23782B0E74}MACHINE\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSuggestURL, http://smartsputnik.ru/?ri=1&uid=9afe50c11a9cbad63a6201749b07157e&q={searchTerms}&t=suggest, En quarantaine, [52de350b1f7ae650784f13215da7e917]
PUP.Optional.Sputnik, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{5A2BF78A-8DE6-4B43-8D7B-AD23782B0E74}MACHINE\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderInstantURL, http://smartsputnik.ru/?ri=1&uid=9afe50c11a9cbad63a6201749b07157e&q={searchTerms}&t=instant, En quarantaine, [0c24a29e6c2d45f1e9de0c282fd53ec2]
PUP.Optional.Sputnik, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\GROUP POLICY OBJECTS\{5A2BF78A-8DE6-4B43-8D7B-AD23782B0E74}MACHINE\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSearchURL, http://smartsputnik.ru/?ri=1&uid=9afe50c11a9cbad63a6201749b07157e&q={searchTerms}&t=search, En quarantaine, [aa862c148f0a42f408bf82b2020252ae]
Hijack.AutoConfigURL.ShrtCln, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://unstopp.me/wpad.dat?6acf5374a16748411ed33cbbdfd9b7e03316654, En quarantaine, [250b46fac9d0bd7903cbd5697b893ac6]
Données du Registre: 1
PUP.Optional.WinYahoo, HKU\S-1-5-21-4078325519-3032308924-4165110637-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D1877264353%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]Dwncy_popjar_15_53_ssg04%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]D6.3%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindows%2B8.1),Remplacé,[af8169d7504969cd46db557be51f7c84]DWindowsBon : (www.google.com)B8.1, %4, %5
Dossiers: 4
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0, En quarantaine, [c66a08381287082eb72b32a791719967],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
Fichiers: 93
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbia.exe.vir, En quarantaine, [a38dc8782b6e3ff72dd9e5ed837e4db3],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbici64.dll.vir, En quarantaine, [fb3545fbfa9fb97d88cd0db301032ad6],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbii32.exe.vir, En quarantaine, [78b8e25eb9e0d75fc67ea230d62be51b],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro3\spbii64.exe.vir, En quarantaine, [09276bd59801d85ecc79f1e17988c33d],
PUP.Optional.Boxore.WnskRST, C:\AdwCleaner\Quarantine\C\WINDOWS\SysWOW64\BoxoreService.dll.vir, En quarantaine, [290791afa7f272c4c45b727d3cc84cb4],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\K2A7UXY5\tiwr[1].exe, En quarantaine, [0927a799b6e321151da065ff8a789b65],
PUP.Optional.Amonetize, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\RCBX3C2X\Bundle[1].exe, En quarantaine, [d55b2f117326072f03bfa524fa074cb4],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\WYY4GXRI\4efece5b5586ee29871717baacdf4c7b[1].exe, En quarantaine, [62ce93ad2b6e8caae40684e06f93d828],
PUP.Optional.AdLoad, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\WYY4GXRI\prepreinstaller_win[1].exe, En quarantaine, [c868c17fc2d714228b3e8f483bc63dc3],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Microsoft\Windows\INetCache\IE\WYY4GXRI\HQYgq9r[1].exe, En quarantaine, [5fd167d93c5d350187c5229f12f2d927],
PUP.Optional.InstallCore, C:\Users\pascal\AppData\Local\Temp\ICReinstall_setup.exe, En quarantaine, [e14fcb75aaefeb4b66da89cf90717987],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsb7DA6.tmp, En quarantaine, [90a0d16fb5e40d29d079f4462ad8d62a],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsgAD66.tmp, En quarantaine, [f13fca76851451e5fe4b73c7c73bce32],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsoC0EB.tmp, En quarantaine, [56dac878d8c157df9dc6a52ea25f07f9],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsq53AC.tmp, En quarantaine, [82ae84bc8c0d78bedd6f19a8c44012ee],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\nsu971B.tmp, En quarantaine, [210f4ef2e0b977bf7dcc57e32bd7728e],
Adware.EoRezo, C:\Users\pascal\AppData\Local\Temp\D3Ren8bQUo.exe, En quarantaine, [e74967d9aced1b1b345b02ca1be6ee12],
PUP.Optional.Yontoo, C:\Users\pascal\AppData\Local\Temp\T05Ro0zp5h.exe, En quarantaine, [e947ec54a7f2c86e189b5fec54ad5da3],
Adware.EoRezo.Gen, C:\Users\pascal\AppData\Local\Temp\fi_d05273.exe, En quarantaine, [86aa320e5c3da98d6996696ce91847b9],
Adware.EoRezo.Gen, C:\Users\pascal\AppData\Local\Temp\fi_d06066.exe, En quarantaine, [50e0013fd2c75bdb857a4e8721e01ee2],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Local\Temp\Frnl1i0bUQ.exe, En quarantaine, [6ac6053b8b0ecd695eaf96500ff2f709],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Local\Temp\Install_31408\ins_shopperpro3.exe, En quarantaine, [be729ea22e6b3df923a09c36c63b7090],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.115\the forest alpha v0 22.exe., En quarantaine, [1a16f848e6b3d165b76c8d66da2a37c9],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.181\the forest alpha v0 22.exe., En quarantaine, [f93772ce178272c48f9433c017edcf31],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.263\the forest alpha v0 22.exe., En quarantaine, [3ef23a066c2d96a0d94aaa496e96837d],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.346\the forest early access 2014 pc repack.exe., En quarantaine, [a0908ab67a1f5bdb3ee58c6706fefe02],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.391\the forest alpha v0 22.exe., En quarantaine, [7db359e71e7b43f3fe254aa92ed6748c],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.524\the forest alpha v0 22.exe., En quarantaine, [ec444ef2d4c5280e39eab34016eeb54b],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.830\the forest early access 2014 pc repack.exe., En quarantaine, [ab85b8889702a393a77c9b582ada6e92],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.912\the forest early access 2014 pc repack.exe., En quarantaine, [7cb46dd3960369cd1b0829ca887cff01],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dia0.278\the forest early access 2014 pc repack.exe. , En quarantaine, [3af6ba860d8ce6502af906ed9074ac54],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dia0.510\the forest alpha v0 22.exe. , En quarantaine, [d759c67addbc013532f1bc37d43060a0],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dia0.865\the forest early access 2014 pc repack.exe. , En quarantaine, [c66a95ab36637db90023ea0902021be5],
PUP.Optional.Solimba, c:\users\pascal\appdata\local\temp\rar$dia0.993\painttool%20sai.exe. , En quarantaine, [c36dc0804455ff372fded0a3c33e55ab],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.025\the forest early access 2014 pc repack.exe., En quarantaine, [39f7e45c92076ccae043d32019eb37c9],
PUP.Optional.OutBrowse, C:\Users\pascal\AppData\Local\Temp\bVh92D31\setup.exe, En quarantaine, [ac84ac942e6b5dd9484bd2fa24dd03fd],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.086\the forest alpha v0 22.exe., En quarantaine, [29071b25a9f084b264bfd023f410f20e],
PUP.Optional.Astori, c:\users\pascal\appdata\local\temp\rar$dra0.086\the forest alpha v0 22.exe. , En quarantaine, [131d4ff1d0c9fe385ac910e336ce59a7],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\62793.WindApp.MON001.no.exe, En quarantaine, [161ab987b5e449edc47b5c93c53f03fd],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\62793.WindApp.MON001.no[1].exe, En quarantaine, [27090c340e8bfd3926199c53d4307789],
PUP.Optional.Clara, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\9zwWz2IQu7.exe, En quarantaine, [dd531729fa9f0c2a4af3a39149b835cb],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\jsdrv.exe.VIR, En quarantaine, [1e1269d737620531428115bd827f6c94],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\spbiu.exe.VIR, En quarantaine, [3bf552eea6f37bbb19edc50d4eb3bb45],
PUP.Optional.ShopperPro, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\spbiw.sys, En quarantaine, [dc5477c99801b6801becd00219e8a858],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\downloader.63399[1].exe, En quarantaine, [a18f67d9d6c351e5ea552dc238cc768a],
PUP.Optional.Elex, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ihpmserver.exe.VIR, En quarantaine, [61cfb09023763ff710def4c6b150eb15],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\shopperpro3.dll.VIR, En quarantaine, [cf6143fd5c3dff37d092da7aa45ccd33],
PUP.Optional.Nosibay, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\oa7tfYzo1F.exe, En quarantaine, [4fe1ed532f6ad5610e31975854b03cc4],
PUP.Optional.ConvertAd, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ASPackage.DIR\ASPackage.exe, En quarantaine, [939d251b475282b48984e7ff12efe31d],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\ShopperPro3.dll, En quarantaine, [d957df616f2a94a286dc94c045bbe61a],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\ShopperPro364.dll, En quarantaine, [dc5450f07f1a6bcb441ec490b848fe02],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\JSDriver\jsdrv.exe, En quarantaine, [71bf251bcbce4de97f44ac26cc358d73],
PUP.Optional.ShopperPro, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\JSDriver\jsdrv.sys, En quarantaine, [71bf4ff1c3d655e1b6535e74bb46659b],
PUP.Optional.ShopperPro, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\JSDriver\1.42.1.10633\jsdrv.sys, En quarantaine, [1b15e8582d6c6ec835d4ebe7b44da65a],
PUP.Optional.Goobzo, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\ShopperPro3.DIR\ShopperPro3\ShopperPro364.dll, En quarantaine, [10205ee29207c670aeb48acac040c040],
PUP.Optional.Elex, C:\Users\pascal\AppData\Roaming\ZHP\Quarantine\raydld.DIR\Raydld.exe, En quarantaine, [c9670739742582b41cd5dcdef20f52ae],
PUP.Optional.Astori, c:\users\pascal\desktop\the forest alpha v0 22.exe., En quarantaine, [1020ec54e8b1eb4bc65d2ec545bfca36],
PUP.Optional.Astori, c:\users\pascal\desktop\the forest early access 2014 pc repack.exe., En quarantaine, [1020fa4689102016c360995a7391d42c],
PUP.Optional.Astori, c:\users\pascal\desktop\the forest early access 2014 pc repack.exe. , En quarantaine, [bb752b152376b1854ad9e60d5da7d22e],
PUP.Optional.Yontoo, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage, En quarantaine, [81af7bc583163006b203a53ea55dc43c],
PUP.Optional.Yontoo, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal, En quarantaine, [161a112f6831290dab0a39aa40c20ef2],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage, En quarantaine, [949c63dd1089f93d03a90d09c93bbf41],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage-journal, En quarantaine, [de5251ef9ffab086ac00f125669e34cc],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, En quarantaine, [70c0ef51d9c042f4538cf62d31d352ae],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, En quarantaine, [aa86b28e811840f6ca15a0835da7d42c],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage, En quarantaine, [d45c3907b5e4da5c5b846db6ae56867a],
PUP.Optional.BoostSaves, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal, En quarantaine, [45eb231de5b41d192bb4a0838b79ba46],
PUP.Optional.Boxore.WnskRST, C:\Windows\Temp\BoxoreService.log, En quarantaine, [4fe1241ce8b137ff2c401d19788c10f0],
PUP.Optional.Boxore.WnskRST, C:\Windows\Temp\BoxoreServicer.log, En quarantaine, [e14fcb75455403337cf0ea4c59ab6997],
PUP.Optional.PastaLeads, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage, En quarantaine, [9c94360a3861cf67faa99da163a15ba5],
PUP.Optional.PastaLeads, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage-journal, En quarantaine, [dd5376ca475259dd723165d90004de22],
PUP.Optional.AdNetworkPerformance, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage, En quarantaine, [062aaf91b8e1999d6bdba29ddf25a759],
PUP.Optional.AdNetworkPerformance, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage-journal, En quarantaine, [dc5465dbfa9fbd794bfb6ad5877d857b],
PUP.Optional.PriceMoon, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, En quarantaine, [cb656ad6287163d35a4c93b22bd9f20e],
PUP.Optional.PriceMoon, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, En quarantaine, [e54be15f64353df9b9ed98adc63ee020],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_onclickads.net_0.localstorage, En quarantaine, [e24e5ce40099d5619d0550f6798b8977],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_onclickads.net_0.localstorage-journal, En quarantaine, [fd33a39dd5c42d094c566fd741c3cb35],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage, En quarantaine, [3af6211f584140f63a6884c202023dc3],
PUP.Optional.OnClickAds, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onclickads.net_0.localstorage-journal, En quarantaine, [a38d132daeeb1b1b8e1466e08f75b14f],
PUP.Optional.CrossRider, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, En quarantaine, [3cf45ce4ecad2b0b0fea5de9eb196f91],
PUP.Optional.CrossRider, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, En quarantaine, [17191030bcddad89c138d373887c6b95],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_04-16-2015.log, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.WinZipRegOp, C:\Users\pascal\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, En quarantaine, [8aa6ae92089156e08fa030a78c76817f],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0\4, En quarantaine, [c66a08381287082eb72b32a791719967],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\000003.log, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\CURRENT, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOCK, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG.old, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.CharmSavings, C:\Users\pascal\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\MANIFEST-000001, En quarantaine, [2a06ae92445542f42eb5bd1cb84a6799],
PUP.Optional.WinYahoo, C:\Users\pascal\AppData\Local\Chromium\User Data\Default\Secure Preferences, Bon : ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Mauvais : ("session":{"restore_on_startup":4,"startup_urls":["https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg04¶m1=1¶m2=f%3D7%26b%3Dchmm%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0BtByCyD0FtByDyE0Dzy0BtN0D0Tzu0StCyEyCtCtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyB0AyD0CtCyE0CtCtGyDyDyCtBtGtCtAyEyDtGyCyC0CyCtGzz0D0FyDtDtB0CtAzy0D0C0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByEtCzztD0FtCtGtC0DtDzztGyEtA0CtBtGzyyEyD0CtG0A0CtAtDtC0CyByE0F0DyEyE2QtN0A0LzuyE%26cr%3D1877264353%26a%3Dwncy_popjar_15_53_ssg04%26os_ver%3D6.3%26os%3DWindowsRemplacé,[c7690d337d1c270f6e680eed47bd24dc]B8.1&uref=chmm"]}}), %5
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)