Security-X

Forum Security-X => Sécurité Générale => Malwares => Discussion démarrée par: chantal11 le octobre 19, 2017, 16:01:44

Titre: Privacy Reviver
Posté par: chantal11 le octobre 19, 2017, 16:01:44
Contenu republié avec la permission de Malwarebytes (https://forums.malwarebytes.org/index.php?showforum=39)

Privacy Reviver est un faux nettoyeur/optimiseur, affiche intentionnellement des faux-positifs pour convaincre l'utilisateur que son système a des problèmes et lui faire acheter le logiciel.
Plus d'infos : Registry Cleaners: Digital Snake Oil | Malwarebytes Labs (https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/)


(https://forums.malwarebytes.com/applications/core/interface/imageproxy/imageproxy.php?img=https://static-cdn.malwarebytes.org/pub_images/PrivacyReviver/main.png&key=93fa36323bb9f50e97378089aa37f838f94044426e19e6efe9135a5cdd48fa57)

(https://forums.malwarebytes.com/applications/core/interface/imageproxy/imageproxy.php?img=https://static-cdn.malwarebytes.org/pub_images/PrivacyReviver/warning4.png&key=5d1320b1a25eba1847b04fe79e28ffd9ea3478b18ebb3cfb1d70b013aa43a100)

(https://forums.malwarebytes.com/applications/core/interface/imageproxy/imageproxy.php?img=https://static-cdn.malwarebytes.org/pub_images/PrivacyReviver/warning1.png&key=c4d9570887f900d2814353c8cc9a1ca25d4496c9df5b5384239a9de9ed456239)

(https://forums.malwarebytes.com/applications/core/interface/imageproxy/imageproxy.php?img=https://static-cdn.malwarebytes.org/pub_images/PrivacyReviver/warning5.png&key=5d61f330b205f48122bea1c996748fa764e5f649ea613e2b2004541d82954852)

(https://forums.malwarebytes.com/applications/core/interface/imageproxy/imageproxy.php?img=https://static-cdn.malwarebytes.org/pub_images/PrivacyReviver/warning6.png&key=64a4a206756031fb49117f64811beecb6d12687ab097943444abe02ae7a2e8a6)

(https://forums.malwarebytes.com/applications/core/interface/imageproxy/imageproxy.php?img=https://static-cdn.malwarebytes.org/pub_images/PrivacyReviver/icons.png&key=2435a350da0eda790b41b5374b96c5f010e3d748595de4dbd45f438593e9c63a)


(https://forums.malwarebytes.com/applications/core/interface/imageproxy/imageproxy.php?img=https://static-cdn.malwarebytes.org/pub_images/PrivacyReviver/warning3.png&key=8b6db5833fedf914de2d4d9b1ff541f126d5d4b5414b3e252c9bc153f00323c8)







**********

Détection de Privacy Reviver dans des rapports FRST :

Citer
Privacy Reviver (HKLM\...\{F4844364-CF98-4050-815D-54466DB7D7C9}) (Version: 3.4.0.0 - Corel Corporation)
Task: {16E02FB5-D9EC-4E22-A229-EBEC52D0FB30} - System32\Tasks\ReviverSoft_PrivacyReviver_Daily => C:\ProgramData\ReviverSoft\Privacy Reviver\notifier.exe [2017-07-26] (ReviverSoft)
Task: {B6E38965-1F6E-4C8E-9720-E3C8D909690A} - System32\Tasks\PrivacyReviver_Master => C:\Program Files (x86)\Privacy Reviver\InstAct.exe [2017-07-24] ()
Task: {BC34FE59-985A-4C32-AC71-D255C4D09D40} - System32\Tasks\PrivacyReviver_Popup => C:\Program Files (x86)\Privacy Reviver\PrivacyReviver.exe [2017-07-24] (Privacy Reviver)
Task: {F97C78EB-5AFC-43A1-B511-61A75BBCD3FE} - System32\Tasks\PrivacyReviver_Popup3 => C:\Program Files (x86)\Privacy Reviver\PrivacyReviver.exe [2017-07-24] (Privacy Reviver)

() C:\Program Files\ReviverSoft\Smart Monitor\ReviverSoft Smart Monitor Service.exe
(Privacy Reviver) C:\Program Files (x86)\Privacy Reviver\PrivacyReviver.exe
(Corel Corporation) C:\Program Files\ReviverSoft\Smart Monitor\ReviverSoftSmartMonitor.exe
HKCU\...\Run: [PrivacyReviver] => C:\Program Files (x86)\Privacy Reviver\PrivacyReviver.exe [9551712 2017-07-24] (Privacy Reviver)
R2 ReviverSoft Smart Monitor Service; C:\Program Files\ReviverSoft\Smart Monitor\ReviverSoft Smart Monitor Service.exe [495872 2017-07-21] ()
C:\Windows\System32\Tasks\PrivacyReviver_Popup3
C:\Users\{Nom_Utilisateur}\AppData\Local\PrivacyReviver
C:\Windows\System32\Tasks\PrivacyReviver_Popup
C:\ProgramData\ReviverSoft
C:\Windows\System32\Tasks\ReviverSoft_PrivacyReviver_Daily
C:\Windows\System32\Tasks\PrivacyReviver_Master
C:\Users\{Nom_Utilisateur}\Desktop\Privacy Reviver.lnk
C:\Users\{Nom_Utilisateur}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Privacy Reviver
C:\Program Files\ReviverSoft
C:\Program Files (x86)\Privacy Reviver

**********

Détecté et traité par Malwarebytes en tant que PUP/LPI (Programme potentiellement Indésirable)
Sous la version Premium, Malwarebytes bloque l'accès au domaine reviversoft.com et l'IP 52.5.232.222


Citer
-Scan Details-
Process: 1
PUP.Optional.ReviverSoft, C:\PROGRAM FILES (X86)\PRIVACY REVIVER\PRIVACYREVIVER.EXE, Quarantined, [2838], [430456],1.0.2701

Module: 2
PUP.Optional.ReviverSoft, C:\PROGRAM FILES (X86)\PRIVACY REVIVER\PRIVACYREVIVER.EXE, Quarantined, [2838], [430456],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\System.Data.SQLite.dll, Quarantined, [2838], [430442],1.0.2701

Registry Key: 17
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\WOW6432NODE\Privacy Reviver, Delete-on-Reboot, [2838], [430451],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PrivacyReviver_Master, Delete-on-Reboot, [2838], [430449],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PrivacyReviver_Popup, Delete-on-Reboot, [2838], [430449],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Privacy Reviver, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F4844364-CF98-4050-815D-54466DB7D7C9}, Delete-on-Reboot, [2838], [430445],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PrivacyReviver_Popup3, Delete-on-Reboot, [2838], [430449],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{16E02FB5-D9EC-4E22-A229-EBEC52D0FB30}, Delete-on-Reboot, [2838], [430457],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B6E38965-1F6E-4C8E-9720-E3C8D909690A}, Delete-on-Reboot, [2838], [430457],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BC34FE59-985A-4C32-AC71-D255C4D09D40}, Delete-on-Reboot, [2838], [430457],1.0.2701
PUP.Optional.ReviverSoft, HKCU\SOFTWARE\PrivacyReviverValidity, Delete-on-Reboot, [2838], [430450],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F97C78EB-5AFC-43A1-B511-61A75BBCD3FE}, Delete-on-Reboot, [2838], [430457],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ReviverSoft_PrivacyReviver_Daily, Delete-on-Reboot, [2838], [430449],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\PrivacyReviver.exe, Delete-on-Reboot, [2838], [430454],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\PrivacyReviver.exe, Delete-on-Reboot, [2838], [430454],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\CLASSES\APPID\{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}, Delete-on-Reboot, [2838], [347964],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}, Delete-on-Reboot, [2838], [347964],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}, Delete-on-Reboot, [2838], [347964],1.0.2701

Registry Value: 5
PUP.Optional.ReviverSoft, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PRIVACYREVIVER, Delete-on-Reboot, [2838], [430456],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{16E02FB5-D9EC-4E22-A229-EBEC52D0FB30}|PATH, Delete-on-Reboot, [2838], [430457],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B6E38965-1F6E-4C8E-9720-E3C8D909690A}|PATH, Delete-on-Reboot, [2838], [430457],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BC34FE59-985A-4C32-AC71-D255C4D09D40}|PATH, Delete-on-Reboot, [2838], [430457],1.0.2701
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F97C78EB-5AFC-43A1-B511-61A75BBCD3FE}|PATH, Delete-on-Reboot, [2838], [430457],1.0.2701

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 19
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\fil-PH, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\se-FI, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\ar, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\da, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\de, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\es, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\fr, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\he, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\it, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\ja, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\nl, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\no, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\pt, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\ru, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\sv, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\PROGRAM FILES (X86)\PRIVACY REVIVER, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\PRIVACY REVIVER, Delete-on-Reboot, [2838], [430443],1.0.2701
PUP.Optional.ReviverSoft, C:\USERS\{username}\APPDATA\LOCAL\PRIVACYREVIVER, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\PROGRAMDATA\REVIVERSOFT\PRIVACY REVIVER, Delete-on-Reboot, [2838], [430445],1.0.2701

File: 58
PUP.Optional.ReviverSoft, C:\USERS\{username}\DESKTOP\PRIVACY REVIVER.LNK, Delete-on-Reboot, [2838], [430446],1.0.2701
PUP.Optional.ReviverSoft, C:\WINDOWS\SYSTEM32\TASKS\PrivacyReviver_Master, Delete-on-Reboot, [2838], [430448],1.0.2701
PUP.Optional.ReviverSoft, C:\WINDOWS\SYSTEM32\TASKS\PrivacyReviver_Popup, Delete-on-Reboot, [2838], [430448],1.0.2701
PUP.Optional.ReviverSoft, C:\WINDOWS\SYSTEM32\TASKS\PrivacyReviver_Popup3, Delete-on-Reboot, [2838], [430448],1.0.2701
PUP.Optional.ReviverSoft, C:\WINDOWS\SYSTEM32\TASKS\ReviverSoft_PrivacyReviver_Daily, Delete-on-Reboot, [2838], [430448],1.0.2701
PUP.Optional.ReviverSoft, C:\PROGRAM FILES (X86)\PRIVACY REVIVER\PRIVACYREVIVER.EXE, Delete-on-Reboot, [2838], [430456],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\ar\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\da\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\de\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\es\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\fil-PH\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\fr\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\he\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\it\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\ja\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\nl\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\no\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\pt\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\ru\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\se-FI\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\sv\PrivacyReviver.resources.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Esent.Interop.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\InstAct.exe, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\InstAct.exe.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Microsoft.Win32.TaskScheduler.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Newtonsoft.Json.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\PrivacyEngine.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\PrivacyEngine.dll.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\PrivacyReviver.exe.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Push.exe, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Push.exe.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\schedc.exe, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\schedc.exe.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\schedc10.exe, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\schedc10.exe.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Setup.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Setup.dll.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\System.Data.SQLite.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\TaskTools.exe, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\TaskTools.exe.config, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\uninstall.exe, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\updater.exe, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\updater.ini, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Program Files (x86)\Privacy Reviver\Util.dll, Delete-on-Reboot, [2838], [430442],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Privacy Reviver\Privacy Reviver.lnk, Delete-on-Reboot, [2838], [430443],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\chcookies.txt, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\debug.log, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\ffcookies.txt, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\iecookies.txt, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\log.rtf, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\lsttick, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\PrivacyReviver.settings, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\report.txt, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\Users\{username}\AppData\Local\PrivacyReviver\wndstate.tmp, Delete-on-Reboot, [2838], [430444],1.0.2701
PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Privacy Reviver\notifier.exe, Delete-on-Reboot, [2838], [430445],1.0.2701
PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Privacy Reviver\tray.exe, Delete-on-Reboot, [2838], [430445],1.0.2701
PUP.Optional.ReviverSoft, C:\ProgramData\ReviverSoft\Privacy Reviver\Uninst.exe, Delete-on-Reboot, [2838], [430445],1.0.2701
PUP.Optional.ReviverSoft, C:\USERS\{username}\DESKTOP\PRIVACYREVIVERSETUP.EXE, Delete-on-Reboot, [2838], [430335],1.0.2701

Physical Sector: 0
(No malicious items detected)



Tutoriel d'utilisation Malwarebytes en images (https://forum.security-x.fr/tutoriels-317/tutoriel-malwarebytes-anti-malware-22723/)


Source : Removal instructions for Privacy Reviver de Metallica - Malwarebytes Forums (https://forums.malwarebytes.com/topic/209536-removal-instructions-for-privacy-reviver/)



Toujours infecté ? Une question avant de faire des manipulations ?

Venez poster un nouveau sujet dans ce forum : http://forum.security-x.fr/desinfections/  en prenant soin de suivre la procédure http://forum.security-x.fr/desinfections/procedure-preliminaire/