cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 31/08/2015
Heure de l'analyse: 20:59
Fichier journal: rapport anti-malware.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.31.03
Base de données de rootkits: v2015.08.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: pc portable

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 375515
Temps écoulé: 10 min, 15 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 34
PUP.Optional.BDYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, En quarantaine, [79e60609b8d31d19e458fd7fec1803fd],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE, En quarantaine, [f86753bc2c5f4beb48a510a822e1ea16],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE, En quarantaine, [cf90c6494a41072fd14518a1fc078779],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE, En quarantaine, [d48be22d6229c96d98a12990748fea16],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE, En quarantaine, [db846ea1ef9c94a2be748fcb26deed13],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE, En quarantaine, [e57ab956117a9c9ad51d457437cc13ed],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE, En quarantaine, [005f907fd8b30c2a61833e7c42c1fa06],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE, En quarantaine, [bca318f7850680b6bc750852f014a55b],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE, En quarantaine, [70ef12fd3a5174c299264e6da95ade22],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE, En quarantaine, [77e818f76d1e73c339c3209bb44f1ce4],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE, En quarantaine, [ce916da27f0c85b1937b6557d42f1fe1],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE, En quarantaine, [fd62cd424e3dfc3a2ff21f9d24df7b85],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE, En quarantaine, [80df2ce3008b40f6988fc2fae221bb45],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE, En quarantaine, [bba4cc436c1ff541452373c8699bac54],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE, En quarantaine, [005f63ac711a90a6f14280da39cbc937],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE, En quarantaine, [72ed2be4fc8f3ff77efd4d72956e966a],
PUP.Optional.SaleCharger, HKLM\SOFTWARE\WOW6432NODE\SaleCharger, En quarantaine, [5b0460af0a81f541f144d5d6e81c8b75],
PUP.Optional.WordAnchor, HKLM\SOFTWARE\WOW6432NODE\WordAnchor_1.10.0.19, En quarantaine, [9dc2907f4348171f750b97260400629e],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE, En quarantaine, [c59a56b9ddaeac8a7f6ea315d62dbe42],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE, En quarantaine, [cb9464aba8e366d017ff2594a162bd43],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE, En quarantaine, [2a358f8046452115dd5ce2d738cbb749],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE, En quarantaine, [d28d41cee7a467cfe052a5b5bc4821df],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE, En quarantaine, [5b041cf3e8a364d2d220edcc20e3fd03],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE, En quarantaine, [a8b7b25d8605f5410ada5d5df31035cb],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE, En quarantaine, [b1ae3fd05437cc6a64cde9710ff519e7],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE, En quarantaine, [0f5086892d5e7abc4d720bb04fb4bd43],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE, En quarantaine, [530ca56a36551a1cc4382497a95a50b0],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE, En quarantaine, [5c0337d8a8e33afcb95583393ec53ec2],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE, En quarantaine, [b2aded22682352e4f32efdbfc04310f0],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE, En quarantaine, [26392de2dcaf68cecf5844781fe45aa6],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE, En quarantaine, [75eace4195f652e4a9bf94a7e2224db3],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE, En quarantaine, [342b59b60c7fd85e0330da80cb391be5],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE, En quarantaine, [60ff34db5d2eb0867209a619f60d3fc1],
PUP.Optional.BDYahoo, HKU\S-1-5-21-3339448437-3027786054-3453759721-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, En quarantaine, [9ec1749be0ab3cfa102bf18b27dd9f61],

Valeurs du registre: 36
PUP.Optional.BDYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, http://fr.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}, En quarantaine, [79e60609b8d31d19e458fd7fec1803fd]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE|Debugger, nsjw.exe, En quarantaine, [f86753bc2c5f4beb48a510a822e1ea16]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE|Debugger, nsjw.exe, En quarantaine, [cf90c6494a41072fd14518a1fc078779]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger, nsjw.exe, En quarantaine, [d48be22d6229c96d98a12990748fea16]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger, nsjw.exe, En quarantaine, [144b50bf068584b2d19edddc788b17e9]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE|Debugger, nsjw.exe, En quarantaine, [db846ea1ef9c94a2be748fcb26deed13]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE|Debugger, nsjw.exe, En quarantaine, [e57ab956117a9c9ad51d457437cc13ed]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger, nsjw.exe, En quarantaine, [d08f6ca36922bc7ace825367e61de11f]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE|Debugger, nsjw.exe, En quarantaine, [005f907fd8b30c2a61833e7c42c1fa06]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE|Debugger, nsjw.exe, En quarantaine, [bca318f7850680b6bc750852f014a55b]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE|Debugger, nsjw.exe, En quarantaine, [70ef12fd3a5174c299264e6da95ade22]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE|Debugger, nsjw.exe, En quarantaine, [77e818f76d1e73c339c3209bb44f1ce4]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE|Debugger, nsjw.exe, En quarantaine, [ce916da27f0c85b1937b6557d42f1fe1]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE|Debugger, nsjw.exe, En quarantaine, [fd62cd424e3dfc3a2ff21f9d24df7b85]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE|Debugger, nsjw.exe, En quarantaine, [80df2ce3008b40f6988fc2fae221bb45]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE|Debugger, nsjw.exe, En quarantaine, [bba4cc436c1ff541452373c8699bac54]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE|Debugger, nsjw.exe, En quarantaine, [005f63ac711a90a6f14280da39cbc937]
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE|Debugger, nsjw.exe, En quarantaine, [72ed2be4fc8f3ff77efd4d72956e966a]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVCENTER.EXE|Debugger, nsjw.exe, En quarantaine, [c59a56b9ddaeac8a7f6ea315d62dbe42]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGUARD.EXE|Debugger, nsjw.exe, En quarantaine, [cb9464aba8e366d017ff2594a162bd43]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger, nsjw.exe, En quarantaine, [2a358f8046452115dd5ce2d738cbb749]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger, nsjw.exe, En quarantaine, [26393fd0117a5dd9e38cac0def14aa56]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCUAC.EXE|Debugger, nsjw.exe, En quarantaine, [d28d41cee7a467cfe052a5b5bc4821df]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\COMBOFIX.EXE|Debugger, nsjw.exe, En quarantaine, [5b041cf3e8a364d2d220edcc20e3fd03]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger, nsjw.exe, En quarantaine, [93cc7e9154379d996ae6605a26dda858]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\HIJACKTHIS.EXE|Debugger, nsjw.exe, En quarantaine, [a8b7b25d8605f5410ada5d5df31035cb]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\KEYSCRAMBLER.EXE|Debugger, nsjw.exe, En quarantaine, [b1ae3fd05437cc6a64cde9710ff519e7]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE|Debugger, nsjw.exe, En quarantaine, [0f5086892d5e7abc4d720bb04fb4bd43]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE|Debugger, nsjw.exe, En quarantaine, [530ca56a36551a1cc4382497a95a50b0]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCUI.EXE|Debugger, nsjw.exe, En quarantaine, [5c0337d8a8e33afcb95583393ec53ec2]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE|Debugger, nsjw.exe, En quarantaine, [b2aded22682352e4f32efdbfc04310f0]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSSECES.EXE|Debugger, nsjw.exe, En quarantaine, [26392de2dcaf68cecf5844781fe45aa6]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SPYBOTSD.EXE|Debugger, nsjw.exe, En quarantaine, [75eace4195f652e4a9bf94a7e2224db3]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WIRESHARK.EXE|Debugger, nsjw.exe, En quarantaine, [342b59b60c7fd85e0330da80cb391be5]
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLCLIENT.EXE|Debugger, nsjw.exe, En quarantaine, [60ff34db5d2eb0867209a619f60d3fc1]
PUP.Optional.BDYahoo, HKU\S-1-5-21-3339448437-3027786054-3453759721-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, http://fr.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-is__alt__ddc_dss_bd_com&p={searchTerms}, En quarantaine, [9ec1749be0ab3cfa102bf18b27dd9f61]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 2
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifceekaonljpjdnanifbjlpjlpjihahe\1.0.5637.26466_0, En quarantaine, [f06ffc131e6da88e9c1ad2c7e42154ac],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifceekaonljpjdnanifbjlpjlpjihahe, En quarantaine, [f06ffc131e6da88e9c1ad2c7e42154ac],

Fichiers: 24
PUP.Optional.WordAnchor, C:\Users\pc portable\AppData\Roaming\ZHP\Quarantine\wafd_1_10_0_19.sys, En quarantaine, [d48b858a4546cb6bdc347d170203639d],
PUP.Optional.InstallCore, C:\Users\pc portable\AppData\Roaming\ZHP\Quarantine\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z\CCleaner Packages\uninstaller.exe, En quarantaine, [203fe728a9e28ea872b3973b58a96898],
PUP.Optional.Dregol, C:\Users\pc portable\AppData\Roaming\ZHP\Quarantine\Run_Dregol\uninstall.exe, En quarantaine, [233c9e715d2e5adc31ea4e431ee7f50b],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Roaming\ZHP\Quarantine\Sale Charger\Uninstaller.exe, En quarantaine, [8dd2080719720a2ce3d5860d798c59a7],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Roaming\ZHP\Quarantine\Sale Charger\Extensions\7a38e53c-e000-41e4-9b5a-47447db81c2b.dll, En quarantaine, [5f0017f8e5a69f971c9c613207fe2dd3],
PUP.Optional.WordAnchor, C:\Users\pc portable\AppData\Roaming\ZHP\Quarantine\WordAnchor_1.10.0.19\Uninstall.exe, En quarantaine, [9fc054bba1eaff376aa63c58df263cc4],
PUP.Optional.WordAnchor, C:\Users\pc portable\AppData\Roaming\ZHP\Quarantine\WordAnchor_1.10.0.19\Service\wasvc.exe, En quarantaine, [005f4ec1117a8caa57b9e1b3e223bb45],
Trojan.Agent.H, C:\Program Files (x86)\Anno 2070\solidcore32.dll, En quarantaine, [4f1066a9dab16acc450f79be9b67e51b],
PUP.HackTool.Agent, C:\Program Files (x86)\Total War Rome II\steam_api.dll, En quarantaine, [bda241ce9dee81b5b1215be6f20f20e0],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Temp\{56467B21-21DF-44AC-B6F4-C62510923A75}.dll, En quarantaine, [dd824ec1662591a51b9d9ef5669f48b8],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Temp\{E2EA134F-A28D-4984-A003-ED1115A7692A}.dll, En quarantaine, [035c6ea1711ade587f3953400104a15f],
PUP.Optional.Yontoo.Gen, C:\Users\pc portable\AppData\Local\Temp\{D4B83A30-1B69-42CF-9630-DC5A70EAB9C4}.xpi, En quarantaine, [431c5ab54f3c41f53a924975cf32d52b],
Trojan.Agent, C:\Users\pc portable\AppData\Roaming\msconfig.ini, En quarantaine, [481714fbcac1ed49748efd2f8282748c],
PUP.Optional.WinYahoo, C:\Users\pc portable\AppData\LocalLow\Microsoft\Internet Explorer\Services\WinYahoo.ico, En quarantaine, [3a25818e13782a0c9de5600e56ae01ff],
PUP.Optional.Dregol, C:\Users\pc portable\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, En quarantaine, [a5ba749b5536cc6aeacf216af50f9b65],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifceekaonljpjdnanifbjlpjlpjihahe\1.0.5637.26466_0\manifest.json, En quarantaine, [f06ffc131e6da88e9c1ad2c7e42154ac],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifceekaonljpjdnanifbjlpjlpjihahe\1.0.5637.26466_0\background.js, En quarantaine, [f06ffc131e6da88e9c1ad2c7e42154ac],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifceekaonljpjdnanifbjlpjlpjihahe\1.0.5637.26466_0\content.js, En quarantaine, [f06ffc131e6da88e9c1ad2c7e42154ac],
PUP.Optional.SaleCharger, C:\Users\pc portable\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifceekaonljpjdnanifbjlpjlpjihahe\1.0.5637.26466_0\icon.png, En quarantaine, [f06ffc131e6da88e9c1ad2c7e42154ac],
PUP.Optional.BDYahoo, C:\Users\pc portable\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Bon : ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Mauvais : ("session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["http://fr.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com"],"urls_to_restore_on_startup":["http://fr.search.yahoo.com/?fr=hp-ddc-bd&type=bl-bcr-is__alt__ddc_dsssyc_bd_com"]}}), Remplacé,[f36c46c9543793a37b2fd0cb6f96f60a]
PUP.Optional.BDYahoo, C:\Users\pc portable\AppData\Roaming\Mozilla\Firefox\Profiles\w2l29au5.default\prefs.js, Bon : (), Mauvais : (user_pref("browser.newtab.url", "http://fr.search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-is__alt__ddc_dsssyctab_bd_com");), Remplacé,[401f7c93b8d3a294d376276e38cd34cc]
PUP.Optional.BDYahoo, C:\Users\pc portable\AppData\Roaming\Mozilla\Firefox\Profiles\w2l29au5.default\prefs.js, Bon : (), Mauvais : (user_pref("keyword.URL", "http://fr.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-is__alt__ddc_dss_bd_com&p={searchTerms}");), Remplacé,[e9764ac5d7b4d462a1a9b4e1b25356aa]
PUP.Optional.BDYahoo, C:\Users\pc portable\AppData\Roaming\Mozilla\Firefox\Profiles\w2l29au5.default\prefs.js, Bon : (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (browser.startup.homepage", "http://fr.search.yahoo.com/?fr=hp-ddc-bd&type=bl), Remplacé,[f46b957aa4e74de9f2b6bae165a09f61]
PUP.Optional.BDYahoo, C:\Users\pc portable\AppData\Roaming\Mozilla\Firefox\Profiles\w2l29au5.default\searchplugins\yahoo-search.xml, En quarantaine, [6ff041ce5f2cc07697d2aee91aeb7e82],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)

Publicité


Signaler le contenu de ce document

Publicité