Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 08/10/2016
Heure de l'analyse: 21:13
Fichier journal: ExamMalewareJambo.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.10.08.05
Base de données de rootkits: v2016.09.26.02
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: corentin

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 541658
Temps écoulé: 5 h, 55 min, 57 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 2
PUP.Optional.StartGo123, C:\Windows\SysWOW64\NetUtils2016.exe, 2756, Supprimer au redémarrage, [19ac31652179c96d293549a7c044817f]
PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.exe, 3948, Supprimer au redémarrage, [02c3286eb9e126107adcc236b251d030]

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 32
PUP.Optional.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\6005f700424469895677896695fa2d44, En quarantaine, [814464327c1e1f1724310bfdfb0a8779],
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, En quarantaine, [dce99bfbf3a7e353c19d757b15ef08f8],
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, En quarantaine, [3b8ae9ad900a5adcd2df36610ff3e818],
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, En quarantaine, [497c82144c4ec96de4b66433cb3729d7],
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, En quarantaine, [f8cd8511c1d9b581e5cccccbe71b10f0],
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, En quarantaine, [c302a3f36e2c3006acee9bfc3ac84ab6],
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, En quarantaine, [c10490062674171f456cf1a65aa88080],
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, En quarantaine, [685df99d6d2d88aee0ba583f9171bd43],
PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\APPID\zdengine.EXE, En quarantaine, [863f1581dac046f052cb1cd228db18e8],
PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\zdengine.EXE, En quarantaine, [1fa6fc9a445644f28a933bb357aca759],
PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASAPI32, En quarantaine, [d2f34551adedb08617e8867741c2b050],
PUP.Optional.Komodia, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{654BB701-8330-442E-8029-8241EECE7D34}, En quarantaine, [408593035d3d3105b865d912e81cb050],
PUP.Optional.Komodia, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\updengine, En quarantaine, [7a4b3f5717831422ed316883f01429d7],
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gplyra, En quarantaine, [e1e47a1ce3b732040bf9dff3da2a22de],
PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\zdengine.EXE, En quarantaine, [2d98f2a4abefbb7b4ad3c02eb350946c],
PUP.Optional.SimpleMP, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SimpleMalwareProtector_RASMANCS, En quarantaine, [f8cd197df7a3b383b6e807f7b0537e82],
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Nimfind.exe, En quarantaine, [566f7e186238092db834488a3bc915eb],
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\PARAMS, En quarantaine, [685d1a7ce6b4b2849e8a30c5bf45956b],
PUP.Optional.SimpleMP, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR, En quarantaine, [873ebcdac8d2e5513c640fef53b07090],
Rootkit.Komodia.PUA, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\zdwfp, En quarantaine, [279ec8cedfbb44f292ea26d622e1e31d],
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHNGTSvc, En quarantaine, [02c330667426c96d43d867786b9911ef],
PUP.Optional.ChromeHelper.ChrPRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GoogleChromeUpService, En quarantaine, [794cc3d321793cfa7b5fa32957ab27d9],
PUP.Optional.MaohaWiFi, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaohaWifiNetPro, En quarantaine, [586d8d0948528da9c3954570e61e42be],
PUP.Optional.MaohaWiFi, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaohaWifiSvr, En quarantaine, [7451fc9a6f2be74f1f3a823300047888],
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016srv, En quarantaine, [f9ccb6e0cecce94db5a7f9f724e0d42c],
PUP.Optional.CornerSunshine, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Sunshinesvc, En quarantaine, [eadb6036e9b1191d838500e58e76738d],
PUP.Optional.ProntSpooler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ProntSpooler, En quarantaine, [fdc8fb9be1b974c2cf88c137ef14936d],
PUP.Optional.InstallCore, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\csastats, En quarantaine, [2f960b8b2c6eac8a3050d129ec170ff1],
PUP.Optional.IDSCProduct, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\IDSC, En quarantaine, [3a8b1a7c6e2c5fd7314e6e8cda29e51b],
PUP.Optional.WinYahoo, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT, En quarantaine, [d8ede9ad52482511f145718be122db25],
PUP.Optional.AdvancedSystemProtector, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\PARAMS, En quarantaine, [01c4088eb9e11026929cd02530d4ff01],
PUP.Optional.SimpleMP, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR, En quarantaine, [6f5652441189bd79405cf806ae55946c],

Valeurs du Registre: 9
Adware.Agent, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|msiql, C:\Windows\Temp\00026125\msiql.exe /RUNNING, En quarantaine, [9b2a9afca9f15cda7227152544bc20e0]
PUP.Optional.Komodia, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{654BB701-8330-442E-8029-8241EECE7D34}|Path, \updengine, En quarantaine, [408593035d3d3105b865d912e81cb050]
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\PARAMS|SMPInstalledPath, C:\Program Files (x86)\Simple Malware Protector, En quarantaine, [685d1a7ce6b4b2849e8a30c5bf45956b]
PUP.Optional.SimpleMP, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR|BuyNowURL, http://goto.simplestar.com/action/?product=SMP&LinkType=Purchase&Language=fr&BuildID=1&t=&UID=, En quarantaine, [873ebcdac8d2e5513c640fef53b07090]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-18\ENVIRONMENT|SNP, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=APSFImali&co=FR&userid=0efd3e80-ab5a-38cf-cf67-30de01b7892e&searchtype=sc&installDate=08/10/2016&barcodeid=50127003&channelid=3&av=windows, En quarantaine, [675eecaa4d4d39fd6f6d40b42ed57d83]
PUP.Optional.IDSCProduct, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\IDSC|partner, CMI3, En quarantaine, [3a8b1a7c6e2c5fd7314e6e8cda29e51b]
PUP.Optional.WinYahoo, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT|filename, C:\Users\corentin\AppData\Local\{87D5B16E-A287-DC18-C9B1-FBCA156306F4}\UpdateTask.exe, En quarantaine, [d8ede9ad52482511f145718be122db25]
PUP.Optional.AdvancedSystemProtector, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\PARAMS|SMPInstalledPath, C:\Program Files (x86)\Simple Malware Protector, En quarantaine, [01c4088eb9e11026929cd02530d4ff01]
PUP.Optional.SimpleMP, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR|affiliateid, En quarantaine, [6f5652441189bd79405cf806ae55946c],

Données du Registre: 6
Hijack.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[7a4bbfd73e5c57df258d5c135ca8a65a]
PUM.Optional.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[daeb8214603a77bfbac8abcee51fce32]
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({ielnksrch}),Remplacé,[3e87187ef2a8fc3a77d32356749057a9]
Hijack.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[4085a1f5c3d75adc4e6496d9b54ff808]
PUM.Optional.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[11b444521a803cfad3af69103dc712ee]
PUP.Optional.Linkury, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({ielnksrch}),Remplacé,[3d88375f16841f172425de9b29dbb54b]

Dossiers: 5
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar, En quarantaine, [c2039df9b3e70f272ce252a23bc826da],
PUP.Optional.Tuto4PC, C:\Program Files\Caster, En quarantaine, [a81db0e62377290d29fed92663a01ee2],
PUP.Optional.UPUpdata, C:\Users\corentin\AppData\Roaming\UPUpdata, En quarantaine, [893c31656f2ba690c22971553fc309f7],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax, En quarantaine, [21a41b7b881263d38b322b718282f010],

Fichiers: 119
PUP.Optional.StartGo123, C:\Windows\SysWOW64\NetUtils2016.exe, Supprimer au redémarrage, [19ac31652179c96d293549a7c044817f],
PUP.Optional.Wajam.Generic, C:\Windows\System32\drivers\6005f700424469895677896695fa2d44.sys, En quarantaine, [814464327c1e1f1724310bfdfb0a8779],
Adware.Agent, C:\Windows\Temp\00026125\msiql.exe, En quarantaine, [9b2a9afca9f15cda7227152544bc20e0],
PUP.Optional.StartGo123, C:\Windows\System32\drivers\NetUtils2016.sys, En quarantaine, [dce99bfbf3a7e353c19d757b15ef08f8],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ProxyGate\Cloud.exe, En quarantaine, [5b6ae6b01981f3430ad53b51a65bbf41],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ProxyGate\PGChk.exe, En quarantaine, [daebade9fd9dd95d5cca0f5b47ba46ba],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ProxyGate\PGCommon.dll, En quarantaine, [467f5e383763af873ceab5b505fc24dc],
PUP.Optional.HDWallPaper, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\14759303086f1a7tmp.exe, En quarantaine, [7b4acfc7fb9fc373d7434386a06421df],
PUP.Optional.Tuto4PC, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\6DOD9P9Y7M.exe, En quarantaine, [e9dc8e08f0aa280ee8eca4412fd2b24e],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Cloud.exe, En quarantaine, [c7fe32643466d95d6e7127652ed3a957],
PUP.Optional.LogicHandler, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\set.exe, En quarantaine, [4283504612882610a84481dd768a8977],
PUP.Optional.AdvancedSystemProtector, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\SimpleMalwareProtectorSetup_ppc.exe, En quarantaine, [893c484e0f8b40f6877b3db85ca8c43c],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\zdengine.exe, En quarantaine, [eadbf99dd1c93bfb65f0039c639e936d],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\zdwfp64.sys, En quarantaine, [586d7125623821157cda2679659cc13f],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\MainService.exe, En quarantaine, [11b49afc8f0bea4ccb5b7af027dad729],
PUP.Optional.InstallCore, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\malwarebytes-anti-malware.exe, En quarantaine, [00c57f179ffb7fb79ccf72c9b150956b],
PUP.Optional.Linkury, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nettrans.exe, En quarantaine, [d8ed682e4d4d63d31849d531ef1647b9],
PUP.Optional.Amonetize, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\nsn4014.exe, En quarantaine, [794c0b8b8c0eda5c56f6b2f2788958a8],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\PGChk.exe, En quarantaine, [1ea78b0b4c4e082ed155d59502ff04fc],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\PGCommon.dll, En quarantaine, [a61f2175a8f20c2a7ea89cce8a7759a7],
PUP.Optional.Amonetize, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\sdfF3B8.exe, En quarantaine, [368fecaad4c6c57123c77c5040c17e82],
PUP.Optional.SimpleMP, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Simple Malware Protector.DIR\AppResource.dll, En quarantaine, [c9fcfb9b782284b2a0d0e3ff956c629e],
Trojan.Downloader, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nimfind\DanSailhold.exe, En quarantaine, [b4114d498d0d2313e2e22dacf80c1ae6],
PUP.Optional.Linkury.ACMB1, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nimfind\Namplus.dll, En quarantaine, [b213bfd7207ab3832d85e0f9d430cb35],
PUP.Optional.Linkury.ACMB1, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nimfind\Silverhold.dll, En quarantaine, [f6cf395d6337a294f6cf38a14bb91ce4],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\uninstall.exe, En quarantaine, [2e9797ff900ab185f8852ebacf35ba46],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdengine.dll, En quarantaine, [5d6899fd1c7e89ad8acbb0ef976a4db3],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdengine64.dll, En quarantaine, [2c99c7cfb3e744f29fb666391ae708f8],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdenginecert.dll, En quarantaine, [6e57e5b148525ed882d3336ca45d5ea2],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdinstaller.exe, En quarantaine, [9233d5c14b4f2e08371f1a856e934eb2],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdwfp.sys, En quarantaine, [0db8a9edbcde60d68ec8a3fcbf42ba46],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdwfp64.sys, En quarantaine, [2a9bf6a0217914225cfa7b243bc617e9],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\ziengine.exe, En quarantaine, [5174880ecad0bf77a4b17d2241c0c13f],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\ziengine64.exe, En quarantaine, [388d6432a0fa7db9183d3d622dd401ff],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\Cloud.exe, En quarantaine, [41843c5abfdbd85eeef1692349b8857b],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\MainService.exe, En quarantaine, [5e67bdd92e6ca88eb6701555986926da],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGChk.exe, En quarantaine, [289dccca3a60c373e83e46248b764db3],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGCommon.dll, En quarantaine, [883dfd994e4cc076b571c4a6e61b07f9],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGHelp.exe, En quarantaine, [8b3adbbb2f6bd95d9b8b80ea0ff27090],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGLog.exe, En quarantaine, [784daee8089262d436f07eec936ee61a],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGNet.exe, En quarantaine, [ffc6385e0d8d5adc939375f508f902fe],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGUpd.exe, En quarantaine, [8342e7afeab0013548dedb8f877adc24],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\ProxyGate.exe, En quarantaine, [9a2b7a1c207ac3730f175119e51cf709],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\Socket.exe, En quarantaine, [b01556408317b6809492313933ce33cd],
PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\TrafficMonitor.exe, En quarantaine, [0cb99402b9e1af874dd95713758c7888],
PUP.Optional.SystemHealer, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\SystemHealer\RescueMonitor.exe, En quarantaine, [5a6bbcdadfbbf64064546f787d8735cb],
PUP.Optional.WizzCaster, C:\Program Files\Caster\wizzcaster.exe, En quarantaine, [f5d01581a7f360d6544a6070ff0529d7],
PUP.Optional.SimpleMP, C:\Windows\System32\smpnative64.exe, En quarantaine, [6b5a6630900a5dd92749608215ec28d8],
PUP.Optional.StartGo123, C:\Windows\System32\NetUtils2016.dll, Supprimer au redémarrage, [14b11a7c9ffb50e68b5990449c68bb45],
PUP.Optional.Komodia, C:\Windows\System32\zdengine64.dll, Supprimer au redémarrage, [f9cccfc7673355e1f362dbc459a810f0],
PUP.Optional.Komodia, C:\Windows\System32\zdengine64.dll.rlwrgkr, En quarantaine, [3b8ac6d08e0c4aec8dc86b3418e9bc44],
PUP.Optional.Komodia, C:\Windows\SysWOW64\zdengine.dll, Supprimer au redémarrage, [2e979bfbc9d1ac8a21345b44e31e3fc1],
PUP.Optional.Komodia, C:\Windows\SysWOW64\zdengine.dll.rlwrgkr, En quarantaine, [a322672f2d6ddd599fb6d9c67e8343bd],
PUP.Optional.LogicHandler, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Unoex.bin, En quarantaine, [cdf8f3a33961171fea02b9a530d05ca4],
PUP.Optional.Linkury, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Vaiahome.bin, En quarantaine, [b312c7cfd8c2d561c29ff115bb4ad828],
PUP.Optional.Linkury, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Zaambam.bin, En quarantaine, [73520d89653561d57a408b1dfc05a060],
Trojan.KorAd, C:\Users\corentin\AppData\Local\Temp\KZ7ZData.7z, En quarantaine, [e4e121752e6c181eb7d14c91ee163fc1],
Trojan.KorAd, C:\Users\corentin\AppData\Local\Temp\my7zData.7z, En quarantaine, [4580bfd7415948eec5c39647966e8977],
PUP.Optional.Bundler, C:\Users\corentin\AppData\Local\Temp\fsdAF9.exe, En quarantaine, [daeb593db3e7bc7afad9a082d42c34cc],
PUP.Optional.BundleInstaller, C:\Users\corentin\AppData\Local\Temp\AB56.tmp.exe, En quarantaine, [8d380195128824123536845b71933dc3],
PUP.Optional.IDSCProduct, C:\Users\corentin\AppData\Local\Temp\DGDZ9S5I12.exe, En quarantaine, [dee77224a2f8d6606f909cc56e960ef2],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\Temp\00020833\hp.exe, En quarantaine, [5c69187eafebec4ae1f80fea21e3c838],
PUP.Optional.Elex, C:\Users\corentin\AppData\Local\Temp\00020833\kpzip.exe, En quarantaine, [f5d0187e5e3c86b07089efed8183b54b],
Adware.Agent, C:\Users\corentin\AppData\Local\Temp\00020833\msiql.exe, En quarantaine, [fbca92045743e05685147cbe5aa634cc],
Adware.Agent, C:\Users\corentin\AppData\Local\Temp\00020833\newAutoTime_51477.jpg, En quarantaine, [4d7841552179162090ef5891c440d828],
PUP.Optional.BitCoinMiner, C:\Users\corentin\AppData\Local\Temp\00020842\Zone2.exe, En quarantaine, [368f9ef8a3f7e452544c02d95fa27e82],
Adware.Kuaiba, C:\Users\corentin\AppData\Local\Temp\00021280\KuaiZip_Setup_129823379_zzlm_013.exe, En quarantaine, [f3d2ddb95d3d40f641d75603dc245ba5],
Adware.HPDefender, C:\Users\corentin\AppData\Local\Temp\8547F92A-4562-4B75-AE6C-B0043E1FA0EB\miwelahnus.ru_World.exe, En quarantaine, [c6ffb5e19307bd791310f613986d0ff1],
PUP.Optional.Amonetize, C:\Users\corentin\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, En quarantaine, [ab1ac8ced7c372c492588448ad547a86],
PUP.Optional.ConvertAd, C:\Windows\Temp\231.tmp, En quarantaine, [cff6f0a6752579bd074a06827e838878],
PUP.Optional.BitCoinMiner, C:\Windows\Temp\234.tmp, En quarantaine, [e4e19df91d7d67cfb7e92ead5ba653ad],
PUP.Optional.VBates, C:\Windows\Temp\239.tmp, En quarantaine, [8243d7bfc3d7da5cc72729b3f1107a86],
PUP.Optional.PreInstaller, C:\Windows\Temp\23A.tmp, En quarantaine, [9233593ddac00630d62dee3f1be630d0],
Trojan.Agent, C:\Windows\Temp\nsoEBC9.tmp\prepreinstaller_win.exe, En quarantaine, [3e870195306a93a35865d6f638cc59a7],
Adware.Agent, C:\Windows\Temp\00021130\msiql.exe, En quarantaine, [00c5f99dc8d2979f475290aaec14a15f],
PUP.Optional.InstallCore, C:\Users\corentin\Downloads\camstudio.exe, En quarantaine, [7253573f18827abc0e5deb50ee130ff1],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\1.tmp.exe, En quarantaine, [aa1b16804a500e284e52ffc0768db24e],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\2.tmp.exe, En quarantaine, [0db8fd9983170b2b5c441da27b88619f],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\3.tmp.exe, En quarantaine, [13b2a0f61d7ded49930d13ac43c0936d],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\4.tmp.exe, En quarantaine, [18adb4e24c4ea88ed5cb2c93c43f0ef2],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\5.tmp.exe, En quarantaine, [08bd583e5941280e049c3b840af960a0],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\6.tmp.exe, En quarantaine, [d2f39bfb6832c96d039dfbc4b1529e62],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\7.tmp.exe, En quarantaine, [4184eda98e0cdd594759f8c7a3607f81],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\8.tmp.exe, En quarantaine, [edd8009693072412d6caffc08380bd43],
Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\9.tmp.exe, En quarantaine, [2f966432ecaedb5b2a76447b29daa45c],
PUP.Optional.Komodia, C:\Users\corentin\AppData\Local\Temp\ziengine.ini.log, En quarantaine, [7550187e5c3e58de8194c92554afbc44],
PUP.Optional.Komodia, C:\Windows\Temp\ziengine.ini.log, En quarantaine, [834263332278da5c1df8d01e08fb7b85],
PUP.Optional.Komodia, C:\Windows\Temp\zdengine.log, En quarantaine, [72538610c2d863d37a9c9f4fb84bb947],
PUP.Optional.Komodia.WnskRST, C:\Windows\System32\zdengineOff.ini, En quarantaine, [daeb63332b6fe74f4ece4ba342c19a66],
PUP.Optional.Komodia.WnskRST, C:\Windows\SysWOW64\zdengineOff.ini, En quarantaine, [3194eda9b4e63df9d04c49a5867de31d],
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Round-Fix.ico, En quarantaine, [c2039df9b3e70f272ce252a23bc826da],
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Zerlex.ico, En quarantaine, [c2039df9b3e70f272ce252a23bc826da],
PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.exe, Supprimer au redémarrage, [02c3286eb9e126107adcc236b251d030],
PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.InstallLog, En quarantaine, [dee7a1f5d0ca91a5de786f891ce73ac6],
PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.InstallState, En quarantaine, [e9dc5e382c6e0a2c292d708823e040c0],
PUP.Optional.Tuto4PC, C:\Program Files\Caster\Uninstaller.exe, En quarantaine, [a81db0e62377290d29fed92663a01ee2],
PUP.Optional.Komodia, C:\Windows\System32\Tasks\updengine, En quarantaine, [9d287e189604c3733fe0915a1be9a35d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script - ¸±±¾.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d],
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\InstallationConfiguration.xml, En quarantaine, [21a41b7b881263d38b322b718282f010],
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\uninstall.dat, En quarantaine, [21a41b7b881263d38b322b718282f010],
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\uninstall.exe, En quarantaine, [21a41b7b881263d38b322b718282f010],
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\uninstall.ico, En quarantaine, [21a41b7b881263d38b322b718282f010],
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Mozilla\Firefox\Profiles\z3rncwsl.default\searchplugins\mke2h7o3.xml, En quarantaine, [b80deaacf1a93402f96fabf262a2639d],
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (user_pref("browser.newtab.url", "http://www.trotux.com/?z=d15a719ae76847fb01f863egez0m8w9t4c3ebc9w3g&from=clc&uid=ST1000LM024XHN-M101MBB_S2WZJ90D480891480891&type=hp");), Remplacé,[44814a4c05957fb71a83777536cea060]
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (;
user_pref("app.update.lastUpdateTime.search-engine-up), Remplacé,[fdc80096dac05fd70a935993a55f39c7]
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (s file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change t), Remplacé,[6e578610e9b10b2b564704e8d62e15eb]
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (s running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/

user_pref("accessibility.typeaheadfin), Remplacé,[2b9aaaec6a301323f7a678742bd9b34d]
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (nces, you can visit the URL about:config
*/

user_pref("accessibility.typeaheadfind", true);
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.auto", false);
user_pref("ap), Remplacé,[c2036d29910932042578dd0f64a04eb2]
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (ges will be overwritten when the application exits.
), Remplacé,[06bfd8beaeec8bab18850ddfd430d030]
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (cessibility.typeaheadfind", true);
user_pref("accessibility.typeaheadfind.flashBar", 0);
user_pref("app.update.auto", false);
user_pref("app.update.enabled", false);
user), Remplacé,[7154cbcb1f7bcb6b0b926686c93b24dc]
PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\searchplugins\mke2h7o3.xml, En quarantaine, [388d2c6a0199e4522b6fc428e81c8a76],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
