cjoint


Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 04/11/2015
Heure de l'analyse: 17:11
Fichier journal: MAMB du 4_11.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.11.04.05
Base de données de rootkits: v2015.11.04.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Raymond

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 345799
Temps écoulé: 52 min, 14 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 7
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE, En quarantaine, [5baacbafa9e291a5bc920b911ce7c838],
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, En quarantaine, [a95cf98135561d19e9faab05c83b946c],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE, En quarantaine, [ea1b0476abe07cbaadb2600d0cf707f9],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE, En quarantaine, [ee17e4967d0ee0562826ddbfb2513ec2],
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, En quarantaine, [c83dfc7e5c2f06307e656c448b783fc1],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE, En quarantaine, [b74e6a10bccf64d2342ba3cad92af010],
PUP.Optional.Spigot, HKU\S-1-5-21-1258690044-2682897043-1428058912-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D78A35E6-01B4-4843-B968-D42BF8A8E27A}, En quarantaine, [0afbb1c94447fe380dce6b1d15ee42be],

Valeurs du Registre: 8
PUP.Optional.Spigot, HKU\S-1-5-21-1258690044-2682897043-1428058912-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SMSetup, "C:\Users\Raymond\AppData\Local\Temp\{FA80476A-A828-4912-AF54-D33B4F33A6CE}\SMSetup.exe" /cnid 926458 /fpd /dsie /dsff /dsgc /hp /wait /ntp_ie /ms /restart, En quarantaine, [3acbc7b3fb90da5cc762c79d4eb6a55b]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", En quarantaine, [5baacbafa9e291a5bc920b911ce7c838]
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", En quarantaine, [a95cf98135561d19e9faab05c83b946c]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", En quarantaine, [ea1b0476abe07cbaadb2600d0cf707f9]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CCLEANER64.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", En quarantaine, [ee17e4967d0ee0562826ddbfb2513ec2]
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", En quarantaine, [c83dfc7e5c2f06307e656c448b783fc1]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", En quarantaine, [b74e6a10bccf64d2342ba3cad92af010]
PUP.Optional.Spigot, HKU\S-1-5-21-1258690044-2682897043-1428058912-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D78A35E6-01B4-4843-B968-D42BF8A8E27A}|URL, https://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}, En quarantaine, [0afbb1c94447fe380dce6b1d15ee42be]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 5
PUP.Optional.Spigot, C:\Users\Raymond\AppData\Local\Temp\{FA80476A-A828-4912-AF54-D33B4F33A6CE}\SMSetup.exe, En quarantaine, [3acbc7b3fb90da5cc762c79d4eb6a55b],
PUP.Optional.Spigot, C:\Users\Raymond\AppData\Local\Temp\nsf2CEF.tmp\SM.dll, En quarantaine, [d233e6949dee31059396f272da2a619f],
PUP.Optional.Spigot, C:\Users\Raymond\AppData\Local\Temp\nsl4265.tmp\SM.dll, En quarantaine, [57ae4b2fd1ba4ceae44514500103db25],
PUP.Optional.Proinstall, C:\Users\Raymond\Downloads\DLighterSetup-63862019.exe, En quarantaine, [31d49ddd0b80d16541dd737e2ed2926e],
PUP.Optional.Spigot, C:\Users\Raymond\AppData\Roaming\Mozilla\Firefox\Profiles\zvifh6gr.default\prefs.js, Bon : (), Mauvais : (user_pref("keyword.URL", "https://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=");), Remplacé,[2dd83a40c4c73ff7693492d61ce8d32d]

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
