Document format: text/plain


# AdwCleaner 7.0.8.0 - Logfile created on Fri Mar 02 12:51:40 2018

# Updated on 2018/08/02 by Malwarebytes

# Database: 03-01-2018.1

# Running on Windows 10 Pro (X64)

# Mode: scan

# Support: https://www.malwarebytes.com/support



***** [ Services ] *****



PUP.Optional.ProxyGate, pgt_svc

Trojan.Agent, WinDefender

PUP.Adware.Heuristic, 709872e348c453b5f2c04f1e6e761268

PUP.Adware.Heuristic, 942a8dfecbe780a751e44976707a5dfd

PUP.Adware.Heuristic, b0eae94c9ca4610002a5b214af782cc3





***** [ Folders ] *****



PUP.Optional.Legacy, C:\Users\Théo\AppData\Roaming\browsers

PUP.Optional.Legacy, C:\Windows\System32\SSL

PUP.Optional.Legacy, C:\Windows\SysWOW64\SSL

PUP.Optional.Legacy, C:\Users\Théo\AppData\Local\AdvinstAnalytics

Adware.Tuto4PC, C:\Users\Théo\AppData\Local\Temp\ShutdownTime

Adware.Tuto4PC, C:\Program Files (x86)\bestDownloader

Adware.Tuto4PC, C:\Users\Théo\AppData\Local\Temp\bestDownloader

PUP.Optional.BitCoinMiner, C:\Users\Théo\AppData\Roaming\gplyra

PUP.Optional.FastDataX, C:\Users\Théo\AppData\Roaming\FastDataX

PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare

PUP.Optional.OneSystemCare, C:\Users\Théo\AppData\Roaming\OneSystemCare

PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care

PUP.Optional.OneSystemCare, C:\Users\Théo\AppData\Roaming\One System Care

PUP.Optional.SystemHealer, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer

PUP.Optional.SystemHealer, C:\Users\Théo\AppData\Roaming\System Healer

PUP.Optional.SystemHealer, C:\Program Files (x86)\SystemHealer

PUP.Optional.SystemHealer, C:\Users\Théo\AppData\Roaming\SystemHealer

PUP.Optional.ProxyGate, C:\Program Files (x86)\ProxyGate

Adware.OnlineIO, C:\ProgramData\Microleaves

Adware.OnlineIO, C:\ProgramData\Application Data\Microleaves

Adware.OnlineIO, C:\Program Files (x86)\Microleaves

Adware.OnlineIO, C:\Users\All Users\Microleaves

Adware.OnlineIO, C:\Users\Théo\AppData\Roaming\Microleaves

Trojan.Agent, C:\Windows\rss

Adware.NeoBar, C:\Program Files (x86)\seyizDCNnFUn

Adware.NeoBar, C:\Program Files (x86)\pBsTWTvYOXtU2

Adware.NeoBar, C:\Program Files (x86)\mexiCphuiIE

Adware.NeoBar, C:\Program Files (x86)\GveoMZenU

Adware.NeoBar, C:\Program Files (x86)\zKUGIuVeiGvyC

Adware.NeoBar, C:\Program Files (x86)\eDQUsUcxIryKmPtCCUR

PUP.Optional.SoftUpgrade, C:\Program Files (x86)\SoftUpgrade

PUP.Optional.InterStat, C:\Users\Théo\AppData\Roaming\Interstatnogui

PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

PUP.Optional.1stBrowser, C:\Users\Théo\AppData\Roaming\SPI

PUP.Optional.Glupteba, C:\Users\Théo\AppData\Roaming\EpicNet Inc

PUP.Optional.Glupteba, C:\Users\Théo\AppData\Roaming\EpicNet Inc.

PUP.Optional.MirageISO, C:\Users\Public\Documents\XMUpdate

PUP.Adware.Heuristic, C:\Program Files\b0eae94c9ca4610002a5b214af782cc3

PUP.Adware.Heuristic, C:\Program Files\88eaffc855bc153f3fce99e7e80652ac

PUP.Adware.Heuristic, C:\ProgramData\0bf6b030-4f77-1

PUP.Adware.Heuristic, C:\ProgramData\0bf6b030-6c07-0

PUP.Adware.Heuristic, C:\ProgramData\5a0e9510-3881-1

PUP.Adware.Heuristic, C:\ProgramData\5a0e9510-65c5-0





***** [ Files ] *****



PUP.Optional.Legacy, C:\Users\Théo\appdata\local\installationconfiguration.xml

PUP.Optional.ChinAd, C:\Windows\SysNative\drivers\wfcre.sys

Adware.Linkury, C:\Users\Théo\AppData\Local\PO.DB

PUP.Optional.OneSystemCare, C:\Users\Théo\Desktop\Launch One System Care.lnk

PUP.Optional.SystemHealer, C:\Users\Théo\Desktop\Launch System Healer.lnk

Trojan.Downloader, C:\ProgramData\service.exe

Trojan.Downloader, C:\ProgramData\Application Data\service.exe

Trojan.Downloader, C:\Users\All Users\service.exe

Trojan.Agent, C:\Windows\windefender.exe

Trojan.Agent, C:\Windows\SysNative\drivers\WinmonProcessMonitor.sys

Trojan.Agent, C:\Windows\SysNative\drivers\WinmonFS.sys

Trojan.Agent, C:\Windows\SysNative\drivers\Winmon.sys

PUP.Optional.OnlineIO, C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}





***** [ DLL ] *****



No malicious DLLs found.



***** [ WMI ] *****



No malicious WMI found.



***** [ Shortcuts ] *****



No malicious shortcuts found.



***** [ Tasks ] *****



PUP.Optional.Legacy, Online Application V2G1

PUP.Optional.Legacy, Online Application V2G3

PUP.Optional.Legacy, Online Application V2G2

PUP.Optional.Legacy, One System Care Monitor

PUP.Optional.BitCoinMiner, LaCieS

PUP.Optional.FastDataX, FastDataX Task

PUP.Optional.OneSystemCare, OneSystemCare Task

PUP.Optional.SystemHealer, SystemHealer Task

PUP.Optional.SystemHealer, System Healer Monitor

Adware.OnlineIO, Online Application V2G6

Adware.OnlineIO, Online Application V2G4

Adware.OnlineIO, Online Application V2G5

Adware.NeoBar, OHurYzwpfZsLsh

Adware.NeoBar, wXkHuguozQzssiw2

Adware.NeoBar, oWotDXBujaUxMpNAqmS2

Adware.NeoBar, VTsFYYvpoVEusFPoU2

PUP.Optional.SoftUpgrade, SoftUpgrade

PUP.Optional.Microleaves, Updater_Online_Application

PUP.Adware.Heuristic, b0eae94c9ca4610002a5b214af782cc3





***** [ Registry ] *****



PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com

PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com

PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com

PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Speedownloader0099

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\DMunversion

PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Microsoft\Windows\CurrentVersion\Run | Interstatnogui

PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | Interstatnogui

PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | Interstatnogui

PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | gplyra

PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | gplyra

PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Applications\interstatnogui.exe

PUP.Optional.Wajam, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\WajIEnhance

PUP.Optional.Wajam, [Key] - HKCU\Software\WajIEnhance

PUP.Optional.Wajam, [Key] - HKLM\SOFTWARE\SrcAAAesom Browser Enhancer

PUP.Optional.Wajam, [Key] - HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9

Adware.Tuto4PC, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | bestDownloader

Adware.Tuto4PC, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | bestDownloader

PUP.Optional.YeaDesktop, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\YeaDesktop

PUP.Optional.YeaDesktop, [Key] - HKCU\Software\YeaDesktop

PUP.Optional.YeaDesktop, [Value] - HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION | YeaDesktop.exe

PUP.Optional.YeaDesktop, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION | YeaDesktop.exe

PUP.Optional.BitCoinMiner, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gplyra

PUP.Optional.BitCoinMiner, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | Optimizer.exe

PUP.Optional.BitCoinMiner, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 | Optimizer.exe

PUP.Optional.FastDataX, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\FastDataX

PUP.Optional.FastDataX, [Key] - HKCU\Software\FastDataX

PUP.Optional.OneSystemCare, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\One System Care

PUP.Optional.OneSystemCare, [Key] - HKCU\Software\One System Care

PUP.Optional.OneSystemCare, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OneSystemCare_is1

PUP.Optional.NeoBar.ChrPRST, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\E3605470-291B-44EB-8648-745EE356599A

PUP.Optional.SystemHealer, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\System Healer

PUP.Optional.SystemHealer, [Key] - HKCU\Software\System Healer

PUP.Optional.SystemHealer, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemHealer_is1

PUP.Optional.Tuto4PC, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\MICROSOFT\wewewe

PUP.Optional.Tuto4PC, [Key] - HKCU\Software\MICROSOFT\wewewe

PUP.Optional.iCommerce, [Key] - HKLM\SOFTWARE\SHMADDON

PUP.Optional.Epicsofts, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\CloudNet

PUP.Optional.Epicsofts, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\CloudNet

PUP.Optional.BestCleaner, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Microsoft\BigTime

PUP.Optional.BestCleaner, [Key] - HKCU\Software\Microsoft\BigTime

Adware.OnlineIO, [Key] - HKLM\SOFTWARE\Microleaves

Adware.NeoBar, [Key] - HKLM\SOFTWARE\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}

Adware.NeoBar, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}

Adware.NeoBar, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114}

PUP.Optional.InterStat, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Interstatnogui

PUP.Optional.InterStat, [Key] - HKCU\Software\Interstatnogui

Adware.DNSUnlocker, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564

PUP.Optional.CloudScout, [Key] - HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b

Adware.VidSquare, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A97606DF-0FE1-4390-B0DD-ADA8B303AE61}_is1

Adware.VidSquare, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A97606DF-0FE1-4390-B0DD-ADA8B303AE61}_is1

PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\APreSam

PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\NSaveA

PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrAmNP

PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\MPrForShutT

PUP.Optional.WeatherAlerts, [Key] - HKLM\SOFTWARE\Microsoft\PrIncub

PUP.Optional.WeatherAlerts, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}

PUP.Optional.WeatherAlerts, [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}

Trojan.Agent.Generic, [Key] - HKLM\SOFTWARE\texttotalk

PUP.Optional.DNSUnlocker, [Key] - HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E

PUP.Optional.Glupteba, [Key] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\EpicNet Inc.

PUP.Optional.Glupteba, [Key] - HKCU\Software\EpicNet Inc.

PUP.Optional.Glupteba, [Value] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Microsoft\Windows\CurrentVersion\Run | cloudnet

PUP.Optional.Glupteba, [Value] - HKU\S-1-5-21-1056971535-3608291700-1787555387-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | cloudnet

PUP.Optional.Glupteba, [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | cloudnet

PUP.Optional.Microleaves, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

PUP.Optional.Microleaves, [Key] - HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

PUP.Optional.Microleaves, [Key] - HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

PUP.Optional.Microleaves, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A

PUP.Optional.Microleaves, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A

PUP.Optional.Microleaves, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A

PUP.Optional.Microleaves, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders | C:\Program Files (x86)\Microleaves\Online Application\

PUP.Optional.Microleaves, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders | C:\Program Files (x86)\Microleaves\

PUP.Optional.Microleaves, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders | C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\

Trojan.MaxiBuy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{716D2234-E822-4AB0-874A-1DD7F75047DB}_is1





***** [ Firefox (and derivatives) ] *****



No malicious Firefox entries.



***** [ Chromium (and derivatives) ] *****



PUP.Optional.22ChromeEXT, Plugin found: Quick Searcher v16.2 -



/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271





*************************







########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
