cjoint

Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 12/09/2015
Heure de l'analyse: 13:05
Fichier journal: ra.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.12.02
Base de données de rootkits: v2015.08.16.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Hamza

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 467576
Temps écoulé: 56 min, 9 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 1
PUP.Optional.LuckyTab, C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe, 6680, Supprimer au redémarrage, [0ef4151a6e1d85b195b58c5336cca957]

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 10
PUP.Optional.LuckyTab, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, En quarantaine, [0ef4151a6e1d85b195b58c5336cca957],
PUP.Optional.LuckyTab, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GamesAppIntegrationService, En quarantaine, [0ef4151a6e1d85b195b58c5336cca957],
PUP.Optional.LuckyTab, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, En quarantaine, [0ef4151a6e1d85b195b58c5336cca957],
PUP.Optional.SaleClipper, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{B18906DF-1DFA-4D50-8A1F-7D076A8C87B7}, En quarantaine, [15ed0b244843a195288d8b57a55d28d8],
PUP.Optional.SaleClipper, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B18906DF-1DFA-4D50-8A1F-7D076A8C87B7}, En quarantaine, [15ed0b244843a195288d8b57a55d28d8],
PUP.Optional.Linkey, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fpmeembnagmagppkgghhfjfdfajdfcah, En quarantaine, [55ad44ebd7b4ec4ae864abf221e37f81],
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iomphmdalfmaifjccmagmllnicjoghhk, En quarantaine, [62a06ac5c0cb1521259ffb922ada9c64],
PUP.Optional.SweetPage.ShrtCln, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [56ac8aa5a0eb4aec371cc7aba55f55ab],
PUP.Optional.SweetPage.ShrtCln, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, En quarantaine, [fd0558d767247bbb88cbc1b11fe5df21],
PUP.Optional.SweetPage.ShrtCln, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, En quarantaine, [46bc78b76625cb6bf85bf2807d877a86],

Valeurs du registre: 4
PUP.Optional.SweetPage.ShrtCln, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=HGSTXHTS541075A9E680_140314JA130912GMM6UPX&ts=1437405507&type=default&q={searchTerms}, En quarantaine, [56ac8aa5a0eb4aec371cc7aba55f55ab]
PUP.Optional.SweetPage.ShrtCln, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=HGSTXHTS541075A9E680_140314JA130912GMM6UPX&ts=1437405507&type=default&q={searchTerms}, En quarantaine, [fd0558d767247bbb88cbc1b11fe5df21]
PUP.Optional.SweetPage.ShrtCln, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://www.sweet-page.com//favicon.ico, En quarantaine, [857d7db2ef9cbf770251db97bf4551af]
PUP.Optional.SweetPage.ShrtCln, HKU\S-1-5-21-518511124-2112986350-859192497-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://www.sweet-page.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=HGSTXHTS541075A9E680_140314JA130912GMM6UPX&ts=1437405507&type=default&q={searchTerms}, En quarantaine, [46bc78b76625cb6bf85bf2807d877a86]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5677.24976_0, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5728.28446_0, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],

Fichiers: 12
PUP.Optional.LuckyTab, C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe, Supprimer au redémarrage, [0ef4151a6e1d85b195b58c5336cca957],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5677.24976_0\manifest.json, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5677.24976_0\background.js, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5677.24976_0\content.js, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5677.24976_0\icon.png, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5728.28446_0\background.js, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5728.28446_0\content.js, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5728.28446_0\icon.png, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.SaleClipper, C:\Users\Hamza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmaipjnbcmcjoaaomnemjkidcidefghb\1.0.5728.28446_0\manifest.json, En quarantaine, [649ed05f7d0e1620e39f8421c144fe02],
PUP.Optional.DefaultProtectedSearch, C:\Users\Hamza\AppData\Roaming\Mozilla\Firefox\Profiles\4amdzdvh.default\prefs.js, Bon : (), Mauvais : (defsearchp@gmail.com), Remplacé,[15ed31fe8803e452dea55b4d8382fc04]
PUP.Optional.DeskCut, C:\Users\Hamza\AppData\Roaming\Mozilla\Firefox\Profiles\4amdzdvh.default\prefs.js, Bon : (), Mauvais : (deskCutv2@gmail.com), Remplacé,[1be782adafdc01354044f0b8cc394ab6]
PUP.Optional.SweetSearch, C:\Users\Hamza\AppData\Roaming\Mozilla\Firefox\Profiles\4amdzdvh.default\prefs.js, Bon : (), Mauvais : (sweetsearch@gmail.com), Remplacé,[aa58b679513a76c03f4dc6e27392e21e]

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
