Malwarebytes Anti-Malware www.malwarebytes.org Date de l'analyse: 08/10/2016 Heure de l'analyse: 21:13 Fichier journal: ExamMalewareJambo.txt Administrateur: Oui Version: 2.2.1.1043 Base de données de programmes malveillants: v2016.10.08.05 Base de données de rootkits: v2016.09.26.02 Licence: Gratuit Protection contre les programmes malveillants: Désactivé Protection contre les sites Web malveillants: Désactivé Autoprotection: Désactivé Système d'exploitation: Windows 8.1 Processeur: x64 Système de fichiers: NTFS Utilisateur: corentin Type d'analyse: Analyse des menaces Résultat: Terminé Objets analysés: 541658 Temps écoulé: 5 h, 55 min, 57 s Mémoire: Activé Démarrage: Activé Système de fichiers: Activé Archives: Activé Rootkits: Désactivé Heuristique: Activé PUP: Activé PUM: Activé Processus: 2 PUP.Optional.StartGo123, C:\Windows\SysWOW64\NetUtils2016.exe, 2756, Supprimer au redémarrage, [19ac31652179c96d293549a7c044817f] PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.exe, 3948, Supprimer au redémarrage, [02c3286eb9e126107adcc236b251d030] Modules: 0 (Aucun élément malveillant détecté) Clés du Registre: 32 PUP.Optional.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\6005f700424469895677896695fa2d44, En quarantaine, [814464327c1e1f1724310bfdfb0a8779], PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, En quarantaine, [dce99bfbf3a7e353c19d757b15ef08f8], PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, En quarantaine, [3b8ae9ad900a5adcd2df36610ff3e818], PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, En quarantaine, [497c82144c4ec96de4b66433cb3729d7], PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, En quarantaine, [f8cd8511c1d9b581e5cccccbe71b10f0], PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, En quarantaine, [c302a3f36e2c3006acee9bfc3ac84ab6], PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, En quarantaine, [c10490062674171f456cf1a65aa88080], PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{25B1494D-230A-42CF-BBF6-EC73868D13DC}, En quarantaine, [685df99d6d2d88aee0ba583f9171bd43], PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\APPID\zdengine.EXE, En quarantaine, [863f1581dac046f052cb1cd228db18e8], PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\zdengine.EXE, En quarantaine, [1fa6fc9a445644f28a933bb357aca759], PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASAPI32, En quarantaine, [d2f34551adedb08617e8867741c2b050], PUP.Optional.Komodia, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{654BB701-8330-442E-8029-8241EECE7D34}, En quarantaine, [408593035d3d3105b865d912e81cb050], PUP.Optional.Komodia, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\updengine, En quarantaine, [7a4b3f5717831422ed316883f01429d7], PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gplyra, En quarantaine, [e1e47a1ce3b732040bf9dff3da2a22de], PUP.Optional.Komodia.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\zdengine.EXE, En quarantaine, [2d98f2a4abefbb7b4ad3c02eb350946c], PUP.Optional.SimpleMP, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SimpleMalwareProtector_RASMANCS, En quarantaine, [f8cd197df7a3b383b6e807f7b0537e82], PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Nimfind.exe, En quarantaine, [566f7e186238092db834488a3bc915eb], PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\PARAMS, En quarantaine, [685d1a7ce6b4b2849e8a30c5bf45956b], PUP.Optional.SimpleMP, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR, En quarantaine, [873ebcdac8d2e5513c640fef53b07090], Rootkit.Komodia.PUA, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\zdwfp, En quarantaine, [279ec8cedfbb44f292ea26d622e1e31d], PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CHNGTSvc, En quarantaine, [02c330667426c96d43d867786b9911ef], PUP.Optional.ChromeHelper.ChrPRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GoogleChromeUpService, En quarantaine, [794cc3d321793cfa7b5fa32957ab27d9], PUP.Optional.MaohaWiFi, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaohaWifiNetPro, En quarantaine, [586d8d0948528da9c3954570e61e42be], PUP.Optional.MaohaWiFi, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaohaWifiSvr, En quarantaine, [7451fc9a6f2be74f1f3a823300047888], PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016srv, En quarantaine, [f9ccb6e0cecce94db5a7f9f724e0d42c], PUP.Optional.CornerSunshine, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Sunshinesvc, En quarantaine, [eadb6036e9b1191d838500e58e76738d], PUP.Optional.ProntSpooler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ProntSpooler, En quarantaine, [fdc8fb9be1b974c2cf88c137ef14936d], PUP.Optional.InstallCore, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\csastats, En quarantaine, [2f960b8b2c6eac8a3050d129ec170ff1], PUP.Optional.IDSCProduct, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\IDSC, En quarantaine, [3a8b1a7c6e2c5fd7314e6e8cda29e51b], PUP.Optional.WinYahoo, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT, En quarantaine, [d8ede9ad52482511f145718be122db25], PUP.Optional.AdvancedSystemProtector, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\PARAMS, En quarantaine, [01c4088eb9e11026929cd02530d4ff01], PUP.Optional.SimpleMP, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR, En quarantaine, [6f5652441189bd79405cf806ae55946c], Valeurs du Registre: 9 Adware.Agent, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|msiql, C:\Windows\Temp\00026125\msiql.exe /RUNNING, En quarantaine, [9b2a9afca9f15cda7227152544bc20e0] PUP.Optional.Komodia, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{654BB701-8330-442E-8029-8241EECE7D34}|Path, \updengine, En quarantaine, [408593035d3d3105b865d912e81cb050] PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\PARAMS|SMPInstalledPath, C:\Program Files (x86)\Simple Malware Protector, En quarantaine, [685d1a7ce6b4b2849e8a30c5bf45956b] PUP.Optional.SimpleMP, HKLM\SOFTWARE\WOW6432NODE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR|BuyNowURL, http://goto.simplestar.com/action/?product=SMP&LinkType=Purchase&Language=fr&BuildID=1&t=&UID=, En quarantaine, [873ebcdac8d2e5513c640fef53b07090] PUP.Optional.Linkury.ACMB1, HKU\S-1-5-18\ENVIRONMENT|SNP, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=APSFImali&co=FR&userid=0efd3e80-ab5a-38cf-cf67-30de01b7892e&searchtype=sc&installDate=08/10/2016&barcodeid=50127003&channelid=3&av=windows, En quarantaine, [675eecaa4d4d39fd6f6d40b42ed57d83] PUP.Optional.IDSCProduct, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\IDSC|partner, CMI3, En quarantaine, [3a8b1a7c6e2c5fd7314e6e8cda29e51b] PUP.Optional.WinYahoo, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT|filename, C:\Users\corentin\AppData\Local\{87D5B16E-A287-DC18-C9B1-FBCA156306F4}\UpdateTask.exe, En quarantaine, [d8ede9ad52482511f145718be122db25] PUP.Optional.AdvancedSystemProtector, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\PARAMS|SMPInstalledPath, C:\Program Files (x86)\Simple Malware Protector, En quarantaine, [01c4088eb9e11026929cd02530d4ff01] PUP.Optional.SimpleMP, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\SIMPLE STAR\SIMPLE MALWARE PROTECTOR|affiliateid, En quarantaine, [6f5652441189bd79405cf806ae55946c], Données du Registre: 6 Hijack.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[7a4bbfd73e5c57df258d5c135ca8a65a] PUM.Optional.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[daeb8214603a77bfbac8abcee51fce32] PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({ielnksrch}),Remplacé,[3e87187ef2a8fc3a77d32356749057a9] Hijack.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[4085a1f5c3d75adc4e6496d9b54ff808] PUM.Optional.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[11b444521a803cfad3af69103dc712ee] PUP.Optional.Linkury, HKU\S-1-5-21-1761234563-1659186092-255712589-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({ielnksrch}),Remplacé,[3d88375f16841f172425de9b29dbb54b] Dossiers: 5 PUP.Optional.Linkury, C:\Windows\Temp\Smartbar, En quarantaine, [c2039df9b3e70f272ce252a23bc826da], PUP.Optional.Tuto4PC, C:\Program Files\Caster, En quarantaine, [a81db0e62377290d29fed92663a01ee2], PUP.Optional.UPUpdata, C:\Users\corentin\AppData\Roaming\UPUpdata, En quarantaine, [893c31656f2ba690c22971553fc309f7], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax, En quarantaine, [21a41b7b881263d38b322b718282f010], Fichiers: 119 PUP.Optional.StartGo123, C:\Windows\SysWOW64\NetUtils2016.exe, Supprimer au redémarrage, [19ac31652179c96d293549a7c044817f], PUP.Optional.Wajam.Generic, C:\Windows\System32\drivers\6005f700424469895677896695fa2d44.sys, En quarantaine, [814464327c1e1f1724310bfdfb0a8779], Adware.Agent, C:\Windows\Temp\00026125\msiql.exe, En quarantaine, [9b2a9afca9f15cda7227152544bc20e0], PUP.Optional.StartGo123, C:\Windows\System32\drivers\NetUtils2016.sys, En quarantaine, [dce99bfbf3a7e353c19d757b15ef08f8], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ProxyGate\Cloud.exe, En quarantaine, [5b6ae6b01981f3430ad53b51a65bbf41], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ProxyGate\PGChk.exe, En quarantaine, [daebade9fd9dd95d5cca0f5b47ba46ba], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ProxyGate\PGCommon.dll, En quarantaine, [467f5e383763af873ceab5b505fc24dc], PUP.Optional.HDWallPaper, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\14759303086f1a7tmp.exe, En quarantaine, [7b4acfc7fb9fc373d7434386a06421df], PUP.Optional.Tuto4PC, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\6DOD9P9Y7M.exe, En quarantaine, [e9dc8e08f0aa280ee8eca4412fd2b24e], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Cloud.exe, En quarantaine, [c7fe32643466d95d6e7127652ed3a957], PUP.Optional.LogicHandler, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\set.exe, En quarantaine, [4283504612882610a84481dd768a8977], PUP.Optional.AdvancedSystemProtector, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\SimpleMalwareProtectorSetup_ppc.exe, En quarantaine, [893c484e0f8b40f6877b3db85ca8c43c], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\zdengine.exe, En quarantaine, [eadbf99dd1c93bfb65f0039c639e936d], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\zdwfp64.sys, En quarantaine, [586d7125623821157cda2679659cc13f], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\MainService.exe, En quarantaine, [11b49afc8f0bea4ccb5b7af027dad729], PUP.Optional.InstallCore, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\malwarebytes-anti-malware.exe, En quarantaine, [00c57f179ffb7fb79ccf72c9b150956b], PUP.Optional.Linkury, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nettrans.exe, En quarantaine, [d8ed682e4d4d63d31849d531ef1647b9], PUP.Optional.Amonetize, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\nsn4014.exe, En quarantaine, [794c0b8b8c0eda5c56f6b2f2788958a8], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\PGChk.exe, En quarantaine, [1ea78b0b4c4e082ed155d59502ff04fc], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\PGCommon.dll, En quarantaine, [a61f2175a8f20c2a7ea89cce8a7759a7], PUP.Optional.Amonetize, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\sdfF3B8.exe, En quarantaine, [368fecaad4c6c57123c77c5040c17e82], PUP.Optional.SimpleMP, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Simple Malware Protector.DIR\AppResource.dll, En quarantaine, [c9fcfb9b782284b2a0d0e3ff956c629e], Trojan.Downloader, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nimfind\DanSailhold.exe, En quarantaine, [b4114d498d0d2313e2e22dacf80c1ae6], PUP.Optional.Linkury.ACMB1, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nimfind\Namplus.dll, En quarantaine, [b213bfd7207ab3832d85e0f9d430cb35], PUP.Optional.Linkury.ACMB1, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\Nimfind\Silverhold.dll, En quarantaine, [f6cf395d6337a294f6cf38a14bb91ce4], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\uninstall.exe, En quarantaine, [2e9797ff900ab185f8852ebacf35ba46], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdengine.dll, En quarantaine, [5d6899fd1c7e89ad8acbb0ef976a4db3], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdengine64.dll, En quarantaine, [2c99c7cfb3e744f29fb666391ae708f8], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdenginecert.dll, En quarantaine, [6e57e5b148525ed882d3336ca45d5ea2], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdinstaller.exe, En quarantaine, [9233d5c14b4f2e08371f1a856e934eb2], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdwfp.sys, En quarantaine, [0db8a9edbcde60d68ec8a3fcbf42ba46], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\zdwfp64.sys, En quarantaine, [2a9bf6a0217914225cfa7b243bc617e9], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\ziengine.exe, En quarantaine, [5174880ecad0bf77a4b17d2241c0c13f], PUP.Optional.Komodia, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\OtherSearch\ziengine64.exe, En quarantaine, [388d6432a0fa7db9183d3d622dd401ff], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\Cloud.exe, En quarantaine, [41843c5abfdbd85eeef1692349b8857b], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\MainService.exe, En quarantaine, [5e67bdd92e6ca88eb6701555986926da], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGChk.exe, En quarantaine, [289dccca3a60c373e83e46248b764db3], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGCommon.dll, En quarantaine, [883dfd994e4cc076b571c4a6e61b07f9], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGHelp.exe, En quarantaine, [8b3adbbb2f6bd95d9b8b80ea0ff27090], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGLog.exe, En quarantaine, [784daee8089262d436f07eec936ee61a], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGNet.exe, En quarantaine, [ffc6385e0d8d5adc939375f508f902fe], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\PGUpd.exe, En quarantaine, [8342e7afeab0013548dedb8f877adc24], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\ProxyGate.exe, En quarantaine, [9a2b7a1c207ac3730f175119e51cf709], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\Socket.exe, En quarantaine, [b01556408317b6809492313933ce33cd], PUP.Optional.GoldClick, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\ProxyGate.DIR\TrafficMonitor.exe, En quarantaine, [0cb99402b9e1af874dd95713758c7888], PUP.Optional.SystemHealer, C:\Users\corentin\AppData\Roaming\ZHP\Quarantine\SystemHealer\RescueMonitor.exe, En quarantaine, [5a6bbcdadfbbf64064546f787d8735cb], PUP.Optional.WizzCaster, C:\Program Files\Caster\wizzcaster.exe, En quarantaine, [f5d01581a7f360d6544a6070ff0529d7], PUP.Optional.SimpleMP, C:\Windows\System32\smpnative64.exe, En quarantaine, [6b5a6630900a5dd92749608215ec28d8], PUP.Optional.StartGo123, C:\Windows\System32\NetUtils2016.dll, Supprimer au redémarrage, [14b11a7c9ffb50e68b5990449c68bb45], PUP.Optional.Komodia, C:\Windows\System32\zdengine64.dll, Supprimer au redémarrage, [f9cccfc7673355e1f362dbc459a810f0], PUP.Optional.Komodia, C:\Windows\System32\zdengine64.dll.rlwrgkr, En quarantaine, [3b8ac6d08e0c4aec8dc86b3418e9bc44], PUP.Optional.Komodia, C:\Windows\SysWOW64\zdengine.dll, Supprimer au redémarrage, [2e979bfbc9d1ac8a21345b44e31e3fc1], PUP.Optional.Komodia, C:\Windows\SysWOW64\zdengine.dll.rlwrgkr, En quarantaine, [a322672f2d6ddd599fb6d9c67e8343bd], PUP.Optional.LogicHandler, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Unoex.bin, En quarantaine, [cdf8f3a33961171fea02b9a530d05ca4], PUP.Optional.Linkury, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Vaiahome.bin, En quarantaine, [b312c7cfd8c2d561c29ff115bb4ad828], PUP.Optional.Linkury, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Zaambam.bin, En quarantaine, [73520d89653561d57a408b1dfc05a060], Trojan.KorAd, C:\Users\corentin\AppData\Local\Temp\KZ7ZData.7z, En quarantaine, [e4e121752e6c181eb7d14c91ee163fc1], Trojan.KorAd, C:\Users\corentin\AppData\Local\Temp\my7zData.7z, En quarantaine, [4580bfd7415948eec5c39647966e8977], PUP.Optional.Bundler, C:\Users\corentin\AppData\Local\Temp\fsdAF9.exe, En quarantaine, [daeb593db3e7bc7afad9a082d42c34cc], PUP.Optional.BundleInstaller, C:\Users\corentin\AppData\Local\Temp\AB56.tmp.exe, En quarantaine, [8d380195128824123536845b71933dc3], PUP.Optional.IDSCProduct, C:\Users\corentin\AppData\Local\Temp\DGDZ9S5I12.exe, En quarantaine, [dee77224a2f8d6606f909cc56e960ef2], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\Temp\00020833\hp.exe, En quarantaine, [5c69187eafebec4ae1f80fea21e3c838], PUP.Optional.Elex, C:\Users\corentin\AppData\Local\Temp\00020833\kpzip.exe, En quarantaine, [f5d0187e5e3c86b07089efed8183b54b], Adware.Agent, C:\Users\corentin\AppData\Local\Temp\00020833\msiql.exe, En quarantaine, [fbca92045743e05685147cbe5aa634cc], Adware.Agent, C:\Users\corentin\AppData\Local\Temp\00020833\newAutoTime_51477.jpg, En quarantaine, [4d7841552179162090ef5891c440d828], PUP.Optional.BitCoinMiner, C:\Users\corentin\AppData\Local\Temp\00020842\Zone2.exe, En quarantaine, [368f9ef8a3f7e452544c02d95fa27e82], Adware.Kuaiba, C:\Users\corentin\AppData\Local\Temp\00021280\KuaiZip_Setup_129823379_zzlm_013.exe, En quarantaine, [f3d2ddb95d3d40f641d75603dc245ba5], Adware.HPDefender, C:\Users\corentin\AppData\Local\Temp\8547F92A-4562-4B75-AE6C-B0043E1FA0EB\miwelahnus.ru_World.exe, En quarantaine, [c6ffb5e19307bd791310f613986d0ff1], PUP.Optional.Amonetize, C:\Users\corentin\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, En quarantaine, [ab1ac8ced7c372c492588448ad547a86], PUP.Optional.ConvertAd, C:\Windows\Temp\231.tmp, En quarantaine, [cff6f0a6752579bd074a06827e838878], PUP.Optional.BitCoinMiner, C:\Windows\Temp\234.tmp, En quarantaine, [e4e19df91d7d67cfb7e92ead5ba653ad], PUP.Optional.VBates, C:\Windows\Temp\239.tmp, En quarantaine, [8243d7bfc3d7da5cc72729b3f1107a86], PUP.Optional.PreInstaller, C:\Windows\Temp\23A.tmp, En quarantaine, [9233593ddac00630d62dee3f1be630d0], Trojan.Agent, C:\Windows\Temp\nsoEBC9.tmp\prepreinstaller_win.exe, En quarantaine, [3e870195306a93a35865d6f638cc59a7], Adware.Agent, C:\Windows\Temp\00021130\msiql.exe, En quarantaine, [00c5f99dc8d2979f475290aaec14a15f], PUP.Optional.InstallCore, C:\Users\corentin\Downloads\camstudio.exe, En quarantaine, [7253573f18827abc0e5deb50ee130ff1], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\1.tmp.exe, En quarantaine, [aa1b16804a500e284e52ffc0768db24e], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\2.tmp.exe, En quarantaine, [0db8fd9983170b2b5c441da27b88619f], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\3.tmp.exe, En quarantaine, [13b2a0f61d7ded49930d13ac43c0936d], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\4.tmp.exe, En quarantaine, [18adb4e24c4ea88ed5cb2c93c43f0ef2], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\5.tmp.exe, En quarantaine, [08bd583e5941280e049c3b840af960a0], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\6.tmp.exe, En quarantaine, [d2f39bfb6832c96d039dfbc4b1529e62], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\7.tmp.exe, En quarantaine, [4184eda98e0cdd594759f8c7a3607f81], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\8.tmp.exe, En quarantaine, [edd8009693072412d6caffc08380bd43], Trojan.Agent.E, C:\Users\corentin\AppData\Local\Temp\9.tmp.exe, En quarantaine, [2f966432ecaedb5b2a76447b29daa45c], PUP.Optional.Komodia, C:\Users\corentin\AppData\Local\Temp\ziengine.ini.log, En quarantaine, [7550187e5c3e58de8194c92554afbc44], PUP.Optional.Komodia, C:\Windows\Temp\ziengine.ini.log, En quarantaine, [834263332278da5c1df8d01e08fb7b85], PUP.Optional.Komodia, C:\Windows\Temp\zdengine.log, En quarantaine, [72538610c2d863d37a9c9f4fb84bb947], PUP.Optional.Komodia.WnskRST, C:\Windows\System32\zdengineOff.ini, En quarantaine, [daeb63332b6fe74f4ece4ba342c19a66], PUP.Optional.Komodia.WnskRST, C:\Windows\SysWOW64\zdengineOff.ini, En quarantaine, [3194eda9b4e63df9d04c49a5867de31d], PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Round-Fix.ico, En quarantaine, [c2039df9b3e70f272ce252a23bc826da], PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Zerlex.ico, En quarantaine, [c2039df9b3e70f272ce252a23bc826da], PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.exe, Supprimer au redémarrage, [02c3286eb9e126107adcc236b251d030], PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.InstallLog, En quarantaine, [dee7a1f5d0ca91a5de786f891ce73ac6], PUP.Optional.ProntSpooler, C:\Users\corentin\AppData\Local\Apps\2.0\abril.InstallState, En quarantaine, [e9dc5e382c6e0a2c292d708823e040c0], PUP.Optional.Tuto4PC, C:\Program Files\Caster\Uninstaller.exe, En quarantaine, [a81db0e62377290d29fed92663a01ee2], PUP.Optional.Komodia, C:\Windows\System32\Tasks\updengine, En quarantaine, [9d287e189604c3733fe0915a1be9a35d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script - ¸±±¾.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Elex.ClnShrt, C:\Users\corentin\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js, En quarantaine, [b31264326a30b18516c2b1484cb8f30d], PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\InstallationConfiguration.xml, En quarantaine, [21a41b7b881263d38b322b718282f010], PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\uninstall.dat, En quarantaine, [21a41b7b881263d38b322b718282f010], PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\uninstall.exe, En quarantaine, [21a41b7b881263d38b322b718282f010], PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Voyalax\uninstall.ico, En quarantaine, [21a41b7b881263d38b322b718282f010], PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Mozilla\Firefox\Profiles\z3rncwsl.default\searchplugins\mke2h7o3.xml, En quarantaine, [b80deaacf1a93402f96fabf262a2639d], PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (user_pref("browser.newtab.url", "http://www.trotux.com/?z=d15a719ae76847fb01f863egez0m8w9t4c3ebc9w3g&from=clc&uid=ST1000LM024XHN-M101MBB_S2WZJ90D480891480891&type=hp");), Remplacé,[44814a4c05957fb71a83777536cea060] PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (; user_pref("app.update.lastUpdateTime.search-engine-up), Remplacé,[fdc80096dac05fd70a935993a55f39c7] PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (s file. * * If you make changes to this file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual change t), Remplacé,[6e578610e9b10b2b564704e8d62e15eb] PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (s running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibility.typeaheadfin), Remplacé,[2b9aaaec6a301323f7a678742bd9b34d] PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (nces, you can visit the URL about:config */ user_pref("accessibility.typeaheadfind", true); user_pref("accessibility.typeaheadfind.flashBar", 0); user_pref("app.update.auto", false); user_pref("ap), Remplacé,[c2036d29910932042578dd0f64a04eb2] PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (ges will be overwritten when the application exits. ), Remplacé,[06bfd8beaeec8bab18850ddfd430d030] PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\prefs.js, Bon : (), Mauvais : (cessibility.typeaheadfind", true); user_pref("accessibility.typeaheadfind.flashBar", 0); user_pref("app.update.auto", false); user_pref("app.update.enabled", false); user), Remplacé,[7154cbcb1f7bcb6b0b926686c93b24dc] PUP.Optional.Trotux, C:\Users\corentin\AppData\Roaming\Profiles\Coavaward.default\searchplugins\mke2h7o3.xml, En quarantaine, [388d2c6a0199e4522b6fc428e81c8a76], Secteurs physiques: 0 (Aucun élément malveillant détecté) (end)