Page 1 sur 1

Knight System Protector

Posté : jeu. 21 juin 2018 19:35
par Amesam
Qu'est-ce que Knight System Protector ?


L'équipe de recherche Malwarebytes a déterminé que Knight System Protector est un faux programme d'optimisation.
Il utilise des faux positifs pour convaincre les utilisateurs que leurs systèmes est remplit d'erreurs à corriger. Ensuite, il essaie de vous vendre son logiciel, en prétendant que cela supprimera ces problèmes.

Malwarebytes peut détecter et supprimer ce programme potentiellement indésirable (PUP.Optional.KnightSystemProtector).


Image


Détails techniques :

Lignes possibles dans les rapports FRST :

Code : Tout sélectionner

() C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe
C:\Program Files (x86)\Knight System Protector
C:\Windows\System32\Tasks\Knight System Protector Startup
C:\Users\{username}\Desktop\Knight System Protector.lnk
C:\Users\{username}\AppData\Roaming\Knight System Protector
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knight System Protector

Knight System Protector version 3.0 (HKLM-x32\...\Knight System Protector_is1) (Version:  - )
Task: {67B6F24A-57CC-463A-9122-5D5C3A8B9C12} - System32\Tasks\Knight System Protector Startup => C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe [2013-12-17] ()

Modifications apportées :

Code : Tout sélectionner

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\Knight System Protector
       Adds the file Engine.dll"="8/6/2013 5:12 PM, 2059776 bytes, A
       Adds the file EngineEx.dll"="12/8/2013 4:41 AM, 5632 bytes, A
       Adds the file eSellerateControl365.dll"="2/23/2007 2:57 PM, 94208 bytes, A
       Adds the file eSellerateEngine.dll"="3/5/2007 9:51 AM, 360580 bytes, A
       Adds the file eWebClient.dll"="4/19/2007 1:04 PM, 279172 bytes, A
       Adds the file eWebControl365.dll"="4/13/2007 4:49 PM, 143360 bytes, A
       Adds the file Knight System Protector.ini"="5/9/2018 8:01 AM, 23 bytes, A
       Adds the file KnightSystemProtector.exe"="12/17/2013 6:07 PM, 2159864 bytes, A
       Adds the file Languages.ini"="11/17/2013 11:28 PM, 387518 bytes, A
       Adds the file unins000.dat"="5/9/2018 8:01 AM, 6419 bytes, A
       Adds the file unins000.exe"="5/9/2018 8:00 AM, 715038 bytes, A
    Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knight System Protector
       Adds the file Knight System Protector.lnk"="5/9/2018 8:01 AM, 1243 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Knight System Protector\Data
    In the existing folder C:\Users\{username}\Desktop
       Adds the file Knight System Protector.lnk"="5/9/2018 8:01 AM, 1225 bytes, A
    In the existing folder C:\Windows\System32\Tasks
       Adds the file Knight System Protector Startup"="5/9/2018 8:01 AM, 3388 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}]
       "(Default)"="REG_SZ", "eSeller Class"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}\InprocServer32]
       "(Default)"="REG_SZ", "C:\PROGRA~2\KNIGHT~1\ESELLE~1.DLL"
       "ThreadingModel"="REG_SZ", "Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}\ProgID]
       "(Default)"="REG_SZ", "eSellerateControl.365.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}\Programmable]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}\TypeLib]
       "(Default)"="REG_SZ", "{169FBBF8-0478-42A4-B386-4F5B2CF9A98B}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}\VersionIndependentProgID]
       "(Default)"="REG_SZ", "eSellerateControl.365"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}]
       "AuthorizedCDFPrefix"="REG_SZ", ""
       "Comments"="REG_SZ", "Caution. Removing this product might prevent some applications from running."
       "Contact"="REG_SZ", ""
       "DisplayName"="REG_SZ", "Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219"
       "DisplayVersion"="REG_SZ", "10.0.40219"
       "EstimatedSize"="REG_DWORD", 14166
       "HelpLink"="REG_EXPAND_SZ, "http://go.microsoft.com/fwlink/?LinkId=146008"
       "HelpTelephone"="REG_SZ", ""
       "InstallDate"="REG_SZ", "20180509"
       "InstallLocation"="REG_SZ", ""
       "InstallSource"="REG_SZ", "c:\9135c92b2c0a43fbccf3\"
       "Language"="REG_DWORD", 0
       "ModifyPath"="REG_EXPAND_SZ, "MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}"
       "NoModify"="REG_DWORD", 1
       "NoRepair"="REG_DWORD", 1
       "Publisher"="REG_SZ", "Microsoft Corporation"
       "Readme"="REG_SZ", ""
       "Size"="REG_SZ", ""
       "UninstallString"="REG_EXPAND_SZ, "MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}"
       "URLInfoAbout"="REG_SZ", ""
       "URLUpdateInfo"="REG_SZ", ""
       "Version"="REG_DWORD", 167812379
       "VersionMajor"="REG_DWORD", 10
       "VersionMinor"="REG_DWORD", 0
       "WindowsInstaller"="REG_DWORD", 1

Malwarebytes log :

Code : Tout sélectionner

-Log Details-
Scan Date: 5/9/18
Scan Time: 8:16 AM
Log File: 8048c283-5350-11e8-9a1d-080027235d76.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.5038
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 239177
Threats Detected: 87
Threats Quarantined: 87
Time Elapsed: 2 min, 37 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 1
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe, Quarantined, [1064], [257011],1.0.5038

Module: 1
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe, Quarantined, [1064], [257011],1.0.5038

Registry Key: 62
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eSellerateControl.365, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eSellerateControl.365.1, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\TYPELIB\{169FBBF8-0478-42A4-B386-4F5B2CF9A98B}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\INTERFACE\{40A9417F-F41E-40A2-BAA5-FE0ACB1CF8F8}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40A9417F-F41E-40A2-BAA5-FE0ACB1CF8F8}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40A9417F-F41E-40A2-BAA5-FE0ACB1CF8F8}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{169FBBF8-0478-42A4-B386-4F5B2CF9A98B}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{169FBBF8-0478-42A4-B386-4F5B2CF9A98B}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\AxeServer.AxeNV, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\AxeServer.AxeNV.1, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\TYPELIB\{24158A0E-DA05-4591-BA7D-D85D801E3F11}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C9CA10D-E604-47FB-A2F9-C9A013193609}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6C9CA10D-E604-47FB-A2F9-C9A013193609}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C9CA10D-E604-47FB-A2F9-C9A013193609}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{24158A0E-DA05-4591-BA7D-D85D801E3F11}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{24158A0E-DA05-4591-BA7D-D85D801E3F11}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6C9CA10D-E604-47FB-A2F9-C9A013193609}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6C9CA10D-E604-47FB-A2F9-C9A013193609}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6C9CA10D-E604-47FB-A2F9-C9A013193609}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{44EEAD9B-4EB1-4236-83BC-1273BB4B01EF}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6C9CA10D-E604-47FB-A2F9-C9A013193609}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eWebPrefillData.365, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eWebPrefillData.365.1, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\TYPELIB\{FD96BC95-A0B9-4533-B0D3-8D47E9924D34}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\INTERFACE\{4CC7B178-100E-4533-BA30-BDB668229BF9}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\INTERFACE\{788C5A1B-3643-4E99-87DF-E9E0C5B73691}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\INTERFACE\{9512C7B2-2065-4774-A522-2EFFB4188331}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4CC7B178-100E-4533-BA30-BDB668229BF9}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{788C5A1B-3643-4E99-87DF-E9E0C5B73691}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9512C7B2-2065-4774-A522-2EFFB4188331}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4CC7B178-100E-4533-BA30-BDB668229BF9}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{788C5A1B-3643-4E99-87DF-E9E0C5B73691}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9512C7B2-2065-4774-A522-2EFFB4188331}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FD96BC95-A0B9-4533-B0D3-8D47E9924D34}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FD96BC95-A0B9-4533-B0D3-8D47E9924D34}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eWebSDK.365, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eWebSDK.365.1, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eWebResultData.365, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\eWebResultData.365.1, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{892F787F-B650-4A3E-AA5B-2B8021CE4D0A}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A0B0E5AB-617C-4A7D-8A94-9937D24B6670}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B34CCD89-D1CD-4F9A-BA6C-936BA7F7A239}\InprocServer32, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Knight System Protector Startup, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{67B6F24A-57CC-463A-9122-5D5C3A8B9C12}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{67B6F24A-57CC-463A-9122-5D5C3A8B9C12}, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Knight System Protector_is1, Quarantined, [1064], [257011],1.0.5038

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 5
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\Logs, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\PROGRAM FILES (X86)\KNIGHT SYSTEM PROTECTOR, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Users\{username}\AppData\Roaming\Knight System Protector\Data, Quarantined, [1064], [181917],1.0.5038
PUP.Optional.KnightSystemProtector, C:\USERS\{username}\APPDATA\ROAMING\KNIGHT SYSTEM PROTECTOR, Quarantined, [1064], [181917],1.0.5038
PUP.Optional.KnightSystemProtector, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\KNIGHT SYSTEM PROTECTOR, Quarantined, [1064], [181918],1.0.5038

File: 18
PUP.Optional.KnightSystemProtector, C:\USERS\{username}\DESKTOP\KNIGHT SYSTEM PROTECTOR.LNK, Quarantined, [1064], [257010],1.0.5038
PUP.Optional.KnightSystemProtector, C:\PROGRAM FILES (X86)\KNIGHT SYSTEM PROTECTOR\unins000.dat, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\Logs\43229.338445787.txt, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\Logs\43229.3389508912.txt, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\Logs\43229.3390886921.txt, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\Engine.dll, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\EngineEx.dll, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\eSellerateControl365.dll, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\eSellerateEngine.dll, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\eWebClient.dll, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\eWebControl365.dll, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\Knight System Protector.ini, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\KnightSystemProtector.exe, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\Languages.ini, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\Program Files (x86)\Knight System Protector\unins000.exe, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\WINDOWS\SYSTEM32\TASKS\Knight System Protector Startup, Quarantined, [1064], [257011],1.0.5038
PUP.Optional.KnightSystemProtector, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knight System Protector\Knight System Protector.lnk, Quarantined, [1064], [181918],1.0.5038
PUP.Optional.KnightSystemProtector, C:\USERS\{username}\DESKTOP\KSPSETUP.EXE, Quarantined, [1064], [366348],1.0.5038

Physical Sector: 0
(No malicious items detected)


(end)

Publication autorisée par le Staff de Malwarebytes
Source

Image