Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes
www.malwarebytes.com
-Détails du journal-
Date de l'analyse: 09/04/2018
Heure de l'analyse: 19:45
Fichier journal: 6ba3c176-3c15-11e8-9281-80fa5b3bb453.json
Administrateur: Oui
-Informations du logiciel-
Version: 3.4.5.2467
Version de composants: 1.0.342
Version de pack de mise à jour: 1.0.4668
Licence: Essai
-Informations système-
Système d'exploitation: Windows 10 (Build 16299.309)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: DESKTOP-1BLP8C2\bfurk
-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 361832
Menaces détectées: 92
Menaces mises en quarantaine: 92
Temps écoulé: 4 min, 17 s
-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection
-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)
Module: 1
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\5DBC0000-372F-2DFB-005A-97FAEAE6ED56\{FB4F5A00-30CD-663C-005A-F3A6E207C74B}, En quarantaine, [909], [481065],1.0.4668
Clé du registre: 18
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC11_SkipUac_bfurk, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D53D24DF-0410-4002-BC55-7DFEB97C8E7A}, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D53D24DF-0410-4002-BC55-7DFEB97C8E7A}, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, Supprimer au redémarrage, [6595], [425124],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E080A47-050D-7F7D-0911-0A7F0D091178}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE3F5ABD-BDC6-4E11-98BA-7F0807557CA0}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE3F5ABD-BDC6-4E11-98BA-7F0807557CA0}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\TASKENG.EXE, Supprimer au redémarrage, [6595], [425125],1.0.4668
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9d736acd}, Supprimer au redémarrage, [2871], [260250],1.0.4668
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [8075], [506330],1.0.4668
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [8075], [506330],1.0.4668
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [8075], [506330],1.0.4668
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\A242B400-38B0-B203-00B4-8AA1CDEEB422, Supprimer au redémarrage, [909], [481065],1.0.4668
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F12B1FBC-F310-4F3F-98B6-F7AD9BAFDA06}, Supprimer au redémarrage, [909], [481065],1.0.4668
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{F12B1FBC-F310-4F3F-98B6-F7AD9BAFDA06}, Supprimer au redémarrage, [909], [481065],1.0.4668
Valeur du registre: 10
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, Supprimer au redémarrage, [6595], [425124],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, Supprimer au redémarrage, [6595], [425126],1.0.4668
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ADVANCED SYSTEMCARE 11, Supprimer au redémarrage, [4580], [380353],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, Supprimer au redémarrage, [6595], [425125],1.0.4668
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9d736acd}|1, Supprimer au redémarrage, [2871], [260250],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{2158a4b6-e489-4f23-8636-c535f82a2162}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{5d9b053d-a795-4e83-9b10-8dbd1e705de6}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{aa0652a0-7926-4ec4-83e1-7359c5acb5ac}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{c14debb4-e552-4a80-a7c2-818b65dbe6fe}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{fa553ef2-4579-4dac-88bb-285fa2e782c5}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Données du registre: 15
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{2158a4b6-e489-4f23-8636-c535f82a2162}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{2158a4b6-e489-4f23-8636-c535f82a2162}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5d9b053d-a795-4e83-9b10-8dbd1e705de6}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5d9b053d-a795-4e83-9b10-8dbd1e705de6}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{a19d4dd8-3f8f-4e06-8ebe-122f96fe9f09}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{aa0652a0-7926-4ec4-83e1-7359c5acb5ac}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{aa0652a0-7926-4ec4-83e1-7359c5acb5ac}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c14debb4-e552-4a80-a7c2-818b65dbe6fe}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c14debb4-e552-4a80-a7c2-818b65dbe6fe}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f1d33b6d-0024-43a1-98f2-04823320e502}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{fa553ef2-4579-4dac-88bb-285fa2e782c5}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{fa553ef2-4579-4dac-88bb-285fa2e782c5}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NAMESERVER, Remplacer au redémarrage, [7799], [293494],1.0.4668
Flux de données: 0
(Aucun élément malveillant détecté)
Dossier: 4
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\js, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\USERS\BFURK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\q82gsxhs.default\EXTENSIONS\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233, Supprimer au redémarrage, [1149], [450133],1.0.4668
Fichier: 44
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC11_SkipUac_bfurk, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, C:\WINDOWS\SYSTEM32\TASKS\{7E080A47-050D-7F7D-0911-0A7F0D091178}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, C:\WINDOWS\SYSTEM32\TASKS\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-128.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-18.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-48.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-64.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\js\background.js, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF\manifest.mf, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF\mozilla.rsa, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF\mozilla.sf, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\index.html, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\manifest.json, Supprimer au redémarrage, [1149], [450133],1.0.4668
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\5DBC0000-372F-2DFB-005A-97FAEAE6ED56\{FB4F5A00-30CD-663C-005A-F3A6E207C74B}, Supprimer au redémarrage, [909], [481065],1.0.4668
Adware.Adposhel, C:\WINDOWS\SYSTEM32\TASKS\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [8075], [506330],1.0.4668
RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\TASKS\A242B400-38B0-B203-00B4-8AA1CDEEB422, Supprimer au redémarrage, [909], [481065],1.0.4668
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\5DBC0000-372F-2DFB-005A-97FAEAE6ED56\{FB4F5A00-30CD-663C-005A-F3A6E207C74B}., Supprimer au redémarrage, [909], [481065],1.0.4668
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IOBIT\DRIVER BOOSTER\DOWNLOADER\DB5\ASCSETUP.EXE, Supprimer au redémarrage, [4580], [396386],1.0.4668
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Supprimer au redémarrage, [8215], [393793],1.0.4668
PUP.Optional.InstallCore, C:\USERS\BFURK\DOWNLOADS\CHEAT-ENGINE.EXE, Supprimer au redémarrage, [388], [500846],1.0.4668
PUP.Optional.InstallCore.Generic, C:\USERS\BFURK\DOWNLOADS\INSTALLER_AUTOCAD_2013_2013__32BIT__3040292472.EXE, Supprimer au redémarrage, [6345], [492455],1.0.4668
CrackTool.AutoDesk.Keygen, C:\USERS\BFURK\DOWNLOADS\CRACK OF AUTOCAD 2017.ZIP, Supprimer au redémarrage, [11303], [117344],1.0.4668
RiskWare.Tool.CK, C:\USERS\BFURK\DOWNLOADS\AUTODESK.2013.PRODUCTS.UNIVERSAL.KEYGEN-XFORCE.RAR, Supprimer au redémarrage, [5953], [36579],1.0.4668
PUP.Optional.Trovi, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [375], [454808],1.0.4668
PUP.Optional.Trovi, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [375], [454808],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454718],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [244], [454718],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454718],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454718],1.0.4668
RiskWare.Agent, C:\USERS\BFURK\DOWNLOADS\X-FORCE KEYGEN 2018 32X 64X.RAR, Supprimer au redémarrage, [3883], [421389],1.0.4668
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\TEMP\1F9B3F2E076AC30B, Supprimer au redémarrage, [909], [481065],1.0.4668
CrackTool.AutoDesk.Keygen, C:\USERS\BFURK\DOWNLOADS\KEYGEN AUTOCAD 2017.ZIP, Supprimer au redémarrage, [11303], [117344],1.0.4668
PUP.Optional.MailPassView, C:\USERS\BFURK\DOWNLOADS\MINECRAFT PRENIUM INJECTOR.RAR, Supprimer au redémarrage, [8636], [299452],1.0.4668
PUP.Optional.WiperSoft, C:\USERS\BFURK\DOWNLOADS\WIPERSOFT-INSTALLER.EXE, Supprimer au redémarrage, [4513], [340923],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454721],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454721],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [281], [455229],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [281], [455229],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454721],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [281], [455229],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [281], [455229],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454721],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454721],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [281], [455229],1.0.4668
Secteur physique: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.com
-Détails du journal-
Date de l'analyse: 09/04/2018
Heure de l'analyse: 19:45
Fichier journal: 6ba3c176-3c15-11e8-9281-80fa5b3bb453.json
Administrateur: Oui
-Informations du logiciel-
Version: 3.4.5.2467
Version de composants: 1.0.342
Version de pack de mise à jour: 1.0.4668
Licence: Essai
-Informations système-
Système d'exploitation: Windows 10 (Build 16299.309)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: DESKTOP-1BLP8C2\bfurk
-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 361832
Menaces détectées: 92
Menaces mises en quarantaine: 92
Temps écoulé: 4 min, 17 s
-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection
-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)
Module: 1
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\5DBC0000-372F-2DFB-005A-97FAEAE6ED56\{FB4F5A00-30CD-663C-005A-F3A6E207C74B}, En quarantaine, [909], [481065],1.0.4668
Clé du registre: 18
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC11_SkipUac_bfurk, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D53D24DF-0410-4002-BC55-7DFEB97C8E7A}, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D53D24DF-0410-4002-BC55-7DFEB97C8E7A}, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, Supprimer au redémarrage, [6595], [425124],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E080A47-050D-7F7D-0911-0A7F0D091178}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE3F5ABD-BDC6-4E11-98BA-7F0807557CA0}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE3F5ABD-BDC6-4E11-98BA-7F0807557CA0}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\TASKENG.EXE, Supprimer au redémarrage, [6595], [425125],1.0.4668
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9d736acd}, Supprimer au redémarrage, [2871], [260250],1.0.4668
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [8075], [506330],1.0.4668
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [8075], [506330],1.0.4668
Adware.Adposhel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{6A84C0D2-EF76-40F0-9B8E-C08E9A7CD69A}, Supprimer au redémarrage, [8075], [506330],1.0.4668
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\A242B400-38B0-B203-00B4-8AA1CDEEB422, Supprimer au redémarrage, [909], [481065],1.0.4668
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F12B1FBC-F310-4F3F-98B6-F7AD9BAFDA06}, Supprimer au redémarrage, [909], [481065],1.0.4668
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{F12B1FBC-F310-4F3F-98B6-F7AD9BAFDA06}, Supprimer au redémarrage, [909], [481065],1.0.4668
Valeur du registre: 10
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, Supprimer au redémarrage, [6595], [425124],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, Supprimer au redémarrage, [6595], [425126],1.0.4668
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ADVANCED SYSTEMCARE 11, Supprimer au redémarrage, [4580], [380353],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-2748298575-777681836-3071086262-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, Supprimer au redémarrage, [6595], [425125],1.0.4668
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9d736acd}|1, Supprimer au redémarrage, [2871], [260250],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{2158a4b6-e489-4f23-8636-c535f82a2162}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{5d9b053d-a795-4e83-9b10-8dbd1e705de6}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{aa0652a0-7926-4ec4-83e1-7359c5acb5ac}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{c14debb4-e552-4a80-a7c2-818b65dbe6fe}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{fa553ef2-4579-4dac-88bb-285fa2e782c5}|NAMESERVER, Supprimer au redémarrage, [7799], [260227],1.0.4668
Données du registre: 15
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{2158a4b6-e489-4f23-8636-c535f82a2162}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{2158a4b6-e489-4f23-8636-c535f82a2162}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5d9b053d-a795-4e83-9b10-8dbd1e705de6}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5d9b053d-a795-4e83-9b10-8dbd1e705de6}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{a19d4dd8-3f8f-4e06-8ebe-122f96fe9f09}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{aa0652a0-7926-4ec4-83e1-7359c5acb5ac}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{aa0652a0-7926-4ec4-83e1-7359c5acb5ac}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c14debb4-e552-4a80-a7c2-818b65dbe6fe}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c14debb4-e552-4a80-a7c2-818b65dbe6fe}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f1d33b6d-0024-43a1-98f2-04823320e502}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{fa553ef2-4579-4dac-88bb-285fa2e782c5}|NameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{fa553ef2-4579-4dac-88bb-285fa2e782c5}|DhcpNameServer, Remplacer au redémarrage, [2871], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NAMESERVER, Remplacer au redémarrage, [7799], [293494],1.0.4668
Flux de données: 0
(Aucun élément malveillant détecté)
Dossier: 4
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\js, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\USERS\BFURK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\q82gsxhs.default\EXTENSIONS\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233, Supprimer au redémarrage, [1149], [450133],1.0.4668
Fichier: 44
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC11_SkipUac_bfurk, Supprimer au redémarrage, [4580], [380341],1.0.4668
PUP.Optional.PSScriptLoad.ACMB3, C:\WINDOWS\SYSTEM32\TASKS\{7E080A47-050D-7F7D-0911-0A7F0D091178}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.PSScriptLoad.ACMB3, C:\WINDOWS\SYSTEM32\TASKS\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [6595], [-1],0.0.0
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-128.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-18.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-48.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\images\icon-64.png, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\js\background.js, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF\manifest.mf, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF\mozilla.rsa, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\META-INF\mozilla.sf, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\index.html, Supprimer au redémarrage, [1149], [450133],1.0.4668
PUP.Optional.SuperFind, C:\Users\bfurk\AppData\Roaming\Mozilla\Firefox\Profiles\q82gsxhs.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233\manifest.json, Supprimer au redémarrage, [1149], [450133],1.0.4668
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\5DBC0000-372F-2DFB-005A-97FAEAE6ED56\{FB4F5A00-30CD-663C-005A-F3A6E207C74B}, Supprimer au redémarrage, [909], [481065],1.0.4668
Adware.Adposhel, C:\WINDOWS\SYSTEM32\TASKS\{2F4229D7-14C1-4A2E-D7C9-A07342F3D544}, Supprimer au redémarrage, [8075], [506330],1.0.4668
RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\TASKS\A242B400-38B0-B203-00B4-8AA1CDEEB422, Supprimer au redémarrage, [909], [481065],1.0.4668
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\5DBC0000-372F-2DFB-005A-97FAEAE6ED56\{FB4F5A00-30CD-663C-005A-F3A6E207C74B}., Supprimer au redémarrage, [909], [481065],1.0.4668
PUP.Optional.AdvancedSystemCare, C:\PROGRAMDATA\IOBIT\DRIVER BOOSTER\DOWNLOADER\DB5\ASCSETUP.EXE, Supprimer au redémarrage, [4580], [396386],1.0.4668
PUP.Optional.GameHack, C:\PROGRAM FILES (X86)\CHEAT ENGINE 6.7\STANDALONEPHASE1.DAT, Supprimer au redémarrage, [8215], [393793],1.0.4668
PUP.Optional.InstallCore, C:\USERS\BFURK\DOWNLOADS\CHEAT-ENGINE.EXE, Supprimer au redémarrage, [388], [500846],1.0.4668
PUP.Optional.InstallCore.Generic, C:\USERS\BFURK\DOWNLOADS\INSTALLER_AUTOCAD_2013_2013__32BIT__3040292472.EXE, Supprimer au redémarrage, [6345], [492455],1.0.4668
CrackTool.AutoDesk.Keygen, C:\USERS\BFURK\DOWNLOADS\CRACK OF AUTOCAD 2017.ZIP, Supprimer au redémarrage, [11303], [117344],1.0.4668
RiskWare.Tool.CK, C:\USERS\BFURK\DOWNLOADS\AUTODESK.2013.PRODUCTS.UNIVERSAL.KEYGEN-XFORCE.RAR, Supprimer au redémarrage, [5953], [36579],1.0.4668
PUP.Optional.Trovi, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [375], [454808],1.0.4668
PUP.Optional.Trovi, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [375], [454808],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454718],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [244], [454718],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454718],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454718],1.0.4668
RiskWare.Agent, C:\USERS\BFURK\DOWNLOADS\X-FORCE KEYGEN 2018 32X 64X.RAR, Supprimer au redémarrage, [3883], [421389],1.0.4668
RiskWare.BitCoinMiner, C:\USERS\BFURK\APPDATA\LOCAL\TEMP\1F9B3F2E076AC30B, Supprimer au redémarrage, [909], [481065],1.0.4668
CrackTool.AutoDesk.Keygen, C:\USERS\BFURK\DOWNLOADS\KEYGEN AUTOCAD 2017.ZIP, Supprimer au redémarrage, [11303], [117344],1.0.4668
PUP.Optional.MailPassView, C:\USERS\BFURK\DOWNLOADS\MINECRAFT PRENIUM INJECTOR.RAR, Supprimer au redémarrage, [8636], [299452],1.0.4668
PUP.Optional.WiperSoft, C:\USERS\BFURK\DOWNLOADS\WIPERSOFT-INSTALLER.EXE, Supprimer au redémarrage, [4513], [340923],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454721],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454721],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [281], [455229],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [281], [455229],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454721],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [281], [455229],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [281], [455229],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [244], [454721],1.0.4668
Adware.Elex.ShrtCln, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [244], [454721],1.0.4668
PUP.Optional.GoSearch, C:\USERS\BFURK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [281], [455229],1.0.4668
Secteur physique: 0
(Aucun élément malveillant détecté)
(end)