Program : RogueKiller Anti-Malware Version : 15.5.3.0 x64 : Yes Program Date : Jun 13 2022 Location : C:\Program Files\RogueKiller\RogueKiller64.exe Premium : Yes Company : Adlice Software Website : https://www.adlice.com/ Contact : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 10 (10.0.19043) 64-bit 64-bit OS : Yes Startup : 2 WindowsPE : No User : Jean Marie CARRIBON User is Admin : Yes Date : 2022/08/09 11:14:49 Type : Removal Aborted : No Scan Mode : Custom Duration : 83069 Found items : 50 Total scanned : 786662 Signatures Version : 20220808_080425 Truesight Driver : No Updates Count : 8 truesight_error : 1 ************************* Warnings *************************
************************* Removal ************************* [PUP.PCReviver (Potentiellement Malicieux)] Start Menu Logon Manager [Corel Corporation] -- %ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe -> Arrêté(e) [+] scan_what : 0 [+] vendors : PUP.PCReviver [+] Name : Start Menu Logon Manager [Corel Corporation] [+] value : %ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [+] Type : Service [+] file_hash : 6E8D6292336AC47BC612F09B3BD17427F2FAD4C15E46A7FAA5568BBA98E3D107 [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 0 [+] status : 3 [+] status_str : Arrêté(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] HKEY_CLASSES_ROOT\CLSID\{E131C1D9-83F7-4D46-8660-C7211F8FD33A} -- [%ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe] -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.PCReviver [+] Name : HKEY_CLASSES_ROOT\CLSID\{E131C1D9-83F7-4D46-8660-C7211F8FD33A} [+] value : [%ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe] [+] Type : Registry [+] file_hash : 6E8D6292336AC47BC612F09B3BD17427F2FAD4C15E46A7FAA5568BBA98E3D107 [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 1 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] HKEY_CLASSES_ROOT\CLSID\{FF9E013D-4E10-455C-837F-0796B513CCA3} -- [%ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe] -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.PCReviver [+] Name : HKEY_CLASSES_ROOT\CLSID\{FF9E013D-4E10-455C-837F-0796B513CCA3} [+] value : [%ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe] [+]
Type : Registry [+] file_hash : 6E8D6292336AC47BC612F09B3BD17427F2FAD4C15E46A7FAA5568BBA98E3D107 [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 2 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.SysTweak|PUP.Gen1 (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\Software\Systweak -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.SysTweak|PUP.Gen1 [+] Name : HKEY_LOCAL_MACHINE\Software\Systweak [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 3 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.InnovativeSolutions (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\Software\Innovative Solutions -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.InnovativeSolutions [+] Name : HKEY_LOCAL_MACHINE\Software\Innovative Solutions [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 4 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.SysTweak|PUP.Gen1 (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\Software\Systweak -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.SysTweak|PUP.Gen1 [+] Name : HKEY_LOCAL_MACHINE\Software\Systweak [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 5 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.UCBrowser|PUP.Gen1 (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\Software\UCBrowser -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.UCBrowser|PUP.Gen1 [+] Name : HKEY_LOCAL_MACHINE\Software\UCBrowser [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 6 [+] status : 3 [+] status_str : 
Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.Gen1 (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\Software\UCBrowserPID -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.Gen1 [+] Name : HKEY_LOCAL_MACHINE\Software\UCBrowserPID [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 7 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.SysTweak|PUP.Gen1 (Potentiellement Malicieux)] HKEY_USERS\.DEFAULT\Software\Systweak -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.SysTweak|PUP.Gen1 [+] Name : HKEY_USERS\.DEFAULT\Software\Systweak [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 8 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.UCBrowser|PUP.Gen1 (Potentiellement Malicieux)] HKEY_USERS\.DEFAULT\Software\UCBrowser -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.UCBrowser|PUP.Gen1 [+] Name : HKEY_USERS\.DEFAULT\Software\UCBrowser [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 9 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.InnovativeSolutions (Potentiellement Malicieux)] HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Innovative Solutions -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.InnovativeSolutions [+] Name : HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Innovative Solutions [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 10 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.SysTweak|PUP.Gen1 (Potentiellement Malicieux)] 
HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Systweak -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.SysTweak|PUP.Gen1 [+] Name : HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Systweak [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 11 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.UCBrowser|PUP.Gen1 (Potentiellement Malicieux)] HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\UCBrowser -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.UCBrowser|PUP.Gen1 [+] Name : HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\UCBrowser [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 12 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.Gen1 (Potentiellement Malicieux)] HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\UCBrowserPID -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.Gen1 [+] Name : HKEY_USERS\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\UCBrowserPID [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 13 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.SysTweak|PUP.Gen1 (Potentiellement Malicieux)] HKEY_USERS\S-1-5-18\Software\Systweak -- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.SysTweak|PUP.Gen1 [+] Name : HKEY_USERS\S-1-5-18\Software\Systweak [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 14 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.UCBrowser|PUP.Gen1 (Potentiellement Malicieux)] HKEY_USERS\S-1-5-18\Software\UCBrowser 
-- -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.UCBrowser|PUP.Gen1 [+] Name : HKEY_USERS\S-1-5-18\Software\UCBrowser [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 15 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Start Menu Logon Manager -- [%ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe] -> Supprimé(e) [+] scan_what : 2 [+] vendors : PUP.PCReviver [+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Start Menu Logon Manager [+] value : [%ProgramFiles%\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe] [+] Type : Registry [+] file_hash : 6E8D6292336AC47BC612F09B3BD17427F2FAD4C15E46A7FAA5568BBA98E3D107 [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 16 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [Suspicious.Path (Potentiellement Malicieux)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A7410B54-0DD5-4625-9816-0BFD86CE2867} -- [%localappdata%\Temp\linuxlive-usb-creator-2-8-3-multi-win\S.O.S.64.exe] -> Supprimé(e) [+] scan_what : 1 [+] vendors : Suspicious.Path [+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A7410B54-0DD5-4625-9816-0BFD86CE2867} [+] value : [%localappdata%\Temp\linuxlive-usb-creator-2-8-3-multi-win\S.O.S.64.exe] [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 17 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [Suspicious.Path (Potentiellement Malicieux)] 
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{9F29FB47-4A26-4AA7-BE6A-4D2A1F186EA9} -- [%localappdata%\Temp\linuxlive-usb-creator-2-8-3-multi-win\S.O.S.64.exe] -> Supprimé(e) [+] scan_what : 1 [+] vendors : Suspicious.Path [+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{9F29FB47-4A26-4AA7-BE6A-4D2A1F186EA9} [+] value : [%localappdata%\Temp\linuxlive-usb-creator-2-8-3-multi-win\S.O.S.64.exe] [+] Type : Registry [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 18 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] Start Menu Reviver.lnk -- %SystemDrive%\Users\Public\Desktop\Start Menu Reviver.lnk (lnk => C:\PROGRA~1\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe []) -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : Start Menu Reviver.lnk [+] value : %SystemDrive%\Users\Public\Desktop\Start Menu Reviver.lnk (lnk => C:\PROGRA~1\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe []) [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 19 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.HackTool (Potentiellement Malicieux)] AutoKMS -- %SystemRoot%\AutoKMS -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.HackTool [+] Name : AutoKMS [+] value : %SystemRoot%\AutoKMS [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 20 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [Tr.Gen (Malicieux)] Migration -- %SystemRoot%\Migration -> Supprimé(e) [+] scan_what : 1 [+] vendors : Tr.Gen [+] Name : Migration [+] value : %SystemRoot%\Migration 
[+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 2 [+] id : 21 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.UCBrowser (Potentiellement Malicieux)] Facebook.lnk -- %SystemRoot%\SysWOW64\config\systemprofile\Desktop\Facebook.lnk (lnk => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe [http://facebook.com]) -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.UCBrowser [+] Name : Facebook.lnk [+] value : %SystemRoot%\SysWOW64\config\systemprofile\Desktop\Facebook.lnk (lnk => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe [http://facebook.com]) [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 22 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.InnovativeSolutions (Potentiellement Malicieux)] Innovative Solutions -- %localappdata%\Innovative Solutions -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.InnovativeSolutions [+] Name : Innovative Solutions [+] value : %localappdata%\Innovative Solutions [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 23 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.UCBrowser (Potentiellement Malicieux)] UCBrowser -- %localappdata%\UCBrowser -> Supprimé(e) au redémarrage [91] [+] scan_what : 1 [+] vendors : PUP.UCBrowser [+] Name : UCBrowser [+] value : %localappdata%\UCBrowser [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 24 [+] status : 5 [+] status_str : Supprimé(e) au redémarrage [91] [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] ReviverSoft -- %programdata%\Microsoft\Windows\Start 
Menu\Programs\ReviverSoft -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : ReviverSoft [+] value : %programdata%\Microsoft\Windows\Start Menu\Programs\ReviverSoft [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 25 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] ReviverSoft -- %programdata%\ReviverSoft -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : ReviverSoft [+] value : %programdata%\ReviverSoft [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 26 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.SysTweak (Potentiellement Malicieux)] Systweak -- %programdata%\Systweak -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.SysTweak [+] Name : Systweak [+] value : %programdata%\Systweak [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 27 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] ReviverSoft -- %ProgramFiles%\ReviverSoft -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : ReviverSoft [+] value : %ProgramFiles%\ReviverSoft [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 28 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.InnovativeSolutions (Potentiellement Malicieux)] Innovative Solutions -- %programfiles(x86)%\Innovative Solutions -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.InnovativeSolutions [+] Name : Innovative Solutions [+] value : %programfiles(x86)%\Innovative Solutions [+] Type : 
File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 29 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.UCBrowser (Potentiellement Malicieux)] UCBrowser -- %programfiles(x86)%\UCBrowser -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.UCBrowser [+] Name : UCBrowser [+] value : %programfiles(x86)%\UCBrowser [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 30 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0 [PUP.PCReviver (Potentiellement Malicieux)] Start Menu Reviver.lnk -- %SystemDrive%\documents and settings\Public\Desktop\Start Menu Reviver.lnk (lnk => C:\PROGRA~1\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe []) -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : Start Menu Reviver.lnk [+] value : %SystemDrive%\documents and settings\Public\Desktop\Start Menu Reviver.lnk (lnk => C:\PROGRA~1\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe []) [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 31 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0 [Cloud.Generic (Malicieux)] TNTW2KE.exe -- %SystemDrive%\1à6 -\Drivers\Nvidia\Win2000\TNTW2KE.exe -> Supprimé(e) [+] scan_what : 1 [+] vendors : Cloud.Generic [+] Name : TNTW2KE.exe [+] value : %SystemDrive%\1à6 -\Drivers\Nvidia\Win2000\TNTW2KE.exe [+] Type : File/Folder [+] file_hash : A5B35DEBB34664623FA6CD9875FC801A37A1FDD1F0037FBC4BFE9E5F2898B9D2 [+] file_vtscore : 7 [+] file_vttotal : 69 [+] is_malicious : Yes [+] detection_level : 2 [+] id : 32 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 99 [Cloud.Generic (Malicieux)] DCU.exe -- 
%SystemDrive%\LiberKey\Apps\DCU\App\DCU\DCU.exe -> Supprimé(e) [+] scan_what : 1 [+] vendors : Cloud.Generic [+] Name : DCU.exe [+] value : %SystemDrive%\LiberKey\Apps\DCU\App\DCU\DCU.exe [+] Type : File/Folder [+] file_hash : BF8BDD7C6064373FFBEED10049E527B6FE5C4EDF3FAC734E7E5EB92053194CFC [+] file_vtscore : 8 [+] file_vttotal : 69 [+] is_malicious : Yes [+] detection_level : 2 [+] id : 33 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 99
[PUP.PCReviver (Potentiellement Malicieux)] ReviverSoft -- %ProgramFiles%\ReviverSoft -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : ReviverSoft [+] value : %ProgramFiles%\ReviverSoft [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 34 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.InnovativeSolutions (Potentiellement Malicieux)] Innovative Solutions -- %programfiles(x86)%\Innovative Solutions -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.InnovativeSolutions [+] Name : Innovative Solutions [+] value : %programfiles(x86)%\Innovative Solutions [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 35 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.UCBrowser (Potentiellement Malicieux)] UCBrowser -- %programfiles(x86)%\UCBrowser -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.UCBrowser [+] Name : UCBrowser [+] value : %programfiles(x86)%\UCBrowser [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 36 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.PCReviver (Potentiellement Malicieux)] ReviverSoft -- %programdata%\Microsoft\Windows\Start Menu\Programs\ReviverSoft -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : ReviverSoft [+] value : %programdata%\Microsoft\Windows\Start Menu\Programs\ReviverSoft [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 37 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.PCReviver (Potentiellement Malicieux)] ReviverSoft -- %programdata%\ReviverSoft -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : ReviverSoft [+] value : %programdata%\ReviverSoft [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 38 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.SysTweak (Potentiellement Malicieux)] Systweak -- %programdata%\Systweak -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.SysTweak [+] Name : Systweak [+] value : %programdata%\Systweak [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 39 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.InnovativeSolutions (Potentiellement Malicieux)] Innovative Solutions -- %localappdata%\Innovative Solutions -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.InnovativeSolutions [+] Name : Innovative Solutions [+] value : %localappdata%\Innovative Solutions [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 40 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.UCBrowser (Potentiellement Malicieux)] UCBrowser -- %localappdata%\UCBrowser -> Supprimé(e) au redémarrage [91] [+] scan_what : 1 [+] vendors : PUP.UCBrowser [+] Name : UCBrowser [+] value : %localappdata%\UCBrowser [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 41 [+] status : 5 [+] status_str : Supprimé(e) au redémarrage [91] [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0
[PUP.AutoIt.Gen (Potentiellement Malicieux)] ServicesRepair.exe -- %USERPROFILE%\Desktop\Désinfection Debug Endoscope-UEF- De L'Eau Croisière 3 Suite\resources\stage_9_manual_tools\ServicesRepair.exe -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.AutoIt.Gen [+] Name : ServicesRepair.exe [+] value : %USERPROFILE%\Desktop\Désinfection Debug Endoscope-UEF- De L'Eau Croisière 3 Suite\resources\stage_9_manual_tools\ServicesRepair.exe [+] Type : File/Folder [+] file_hash : 8CABC5DFDA708D6C6FB7E3EAEE83C050DD913DA623012CFE2D50C3709F7038C5 [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 42 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0
[PUP.AutoIt.Gen (Potentiellement Malicieux)] ServicesRepair.exe -- %USERPROFILE%\Desktop\tron\resources\stage_9_manual_tools\ServicesRepair.exe -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.AutoIt.Gen [+] Name : ServicesRepair.exe [+] value : %USERPROFILE%\Desktop\tron\resources\stage_9_manual_tools\ServicesRepair.exe [+] Type : File/Folder [+] file_hash : 8CABC5DFDA708D6C6FB7E3EAEE83C050DD913DA623012CFE2D50C3709F7038C5 [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 43 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0
[PUP.PCReviver (Potentiellement Malicieux)] Start Menu Reviver.lnk -- %SystemDrive%\Users\Public\Desktop\Start Menu Reviver.lnk (lnk => C:\PROGRA~1\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe []) -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.PCReviver [+] Name : Start Menu Reviver.lnk [+] value : %SystemDrive%\Users\Public\Desktop\Start Menu Reviver.lnk (lnk => C:\PROGRA~1\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe []) [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 44 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.HackTool (Potentiellement Malicieux)] AutoKMS -- %SystemRoot%\AutoKMS -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.HackTool [+] Name : AutoKMS [+] value : %SystemRoot%\AutoKMS [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 45 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[Tr.Gen (Malicieux)] Migration -- %SystemRoot%\Migration -> Trouvé(e) [+] scan_what : 1 [+] vendors : Tr.Gen [+] Name : Migration [+] value : %SystemRoot%\Migration [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 2 [+] id : 46 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[PUP.UCBrowser (Potentiellement Malicieux)] UC Browser.lnk -- %SystemRoot%\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UC Browser.lnk (lnk => C:\PROGRA~2\UCBROW~1\Application\UCBrowser.exe []) -> Supprimé(e) [+] scan_what : 1 [+] vendors : PUP.UCBrowser [+] Name : UC Browser.lnk [+] value : %SystemRoot%\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\UC Browser.lnk (lnk => C:\PROGRA~2\UCBROW~1\Application\UCBrowser.exe []) [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 47 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 0
[PUP.UCBrowser (Potentiellement Malicieux)] Facebook.lnk -- %SystemRoot%\SysWOW64\config\systemprofile\Desktop\Facebook.lnk (lnk => C:\PROGRA~2\UCBROW~1\Application\UCBrowser.exe [http://facebook.com]) -> Trouvé(e) [+] scan_what : 1 [+] vendors : PUP.UCBrowser [+] Name : Facebook.lnk [+] value : %SystemRoot%\SysWOW64\config\systemprofile\Desktop\Facebook.lnk (lnk => C:\PROGRA~2\UCBROW~1\Application\UCBrowser.exe [http://facebook.com]) [+] Type : File/Folder [+] file_vtscore : 0 [+] file_vttotal : 0 [+] is_malicious : Yes [+] detection_level : 3 [+] id : 48 [+] status : 1 [+] status_str : Trouvé(e) [+] removed : No [+] status_choice : 2 [+] malpe_score : 0
[Cloud.Generic (Malicieux)] TFC.exe -- F:\TFC.exe -> Supprimé(e) [+] scan_what : 1 [+] vendors : Cloud.Generic [+] Name : TFC.exe [+] value : F:\TFC.exe [+] Type : File/Folder [+] file_hash : C6592C2061C39EA8ED94D1F6854E16A722DC461F4D5B907B0230452D07D4CCE3 [+] file_vtscore : 6 [+] file_vttotal : 67 [+] is_malicious : Yes [+] detection_level : 2 [+] id : 49 [+] status : 3 [+] status_str : Supprimé(e) [+] removed : Yes [+] status_choice : 2 [+] malpe_score : 99