Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 24/12/2015
Heure de l'analyse: 15:59
Fichier journal: rapport malware.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.12.24.04
Base de données de rootkits: v2015.12.18.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Alkhaly

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 357294
Temps écoulé: 8 min, 3 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 2
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [40a4396fddae3ff7937132a6cf348080],
PUP.Optional.WinYahoo, HKU\S-1-5-21-659541644-3693245499-4077169777-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [0ed6e3c5b9d2f046c73b28b0ff0401ff],

Valeurs du Registre: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_49&param1=1&param2=f[40a4396fddae3ff7937132a6cf348080]D4%26b[40a4396fddae3ff7937132a6cf348080]DIE%26cc[40a4396fddae3ff7937132a6cf348080]Dfr%26pa[40a4396fddae3ff7937132a6cf348080]DWincy%26cd[40a4396fddae3ff7937132a6cf348080]D2XzuyEtN2Y1L1Qzu0EyC0Fzzzy0CyE0B0C0AtAyD0D0EtByEtN0D0Tzu0StCyEtAtBtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0F0DtByE0AtByDtGtAzyyDyBtGyCtC0CyEtGyE0DtD0AtG0ByByB0EtA0F0C0FyDtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FzyyE0FyE0E0FyBtG0ByB0AzztGyEtBtD0DtG0AyBtCyDtG0E0C0C0F0CyD0AyEyCyEyC0A2QtN0A0LzuyE%26cr[40a4396fddae3ff7937132a6cf348080]D1320827900%26a[40a4396fddae3ff7937132a6cf348080]Dwncy_secureddownload_15_49%26os[40a4396fddae3ff7937132a6cf348080]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_49&param1=1&param2=f[c420b7f1eaa14aec63a19c3cc3407c84]D4%26b[c420b7f1eaa14aec63a19c3cc3407c84]DIE%26cc[c420b7f1eaa14aec63a19c3cc3407c84]Dfr%26pa[c420b7f1eaa14aec63a19c3cc3407c84]DWincy%26cd[c420b7f1eaa14aec63a19c3cc3407c84]D2XzuyEtN2Y1L1Qzu0EyC0Fzzzy0CyE0B0C0AtAyD0D0EtByEtN0D0Tzu0StCyEtAtBtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0F0DtByE0AtByDtGtAzyyDyBtGyCtC0CyEtGyE0DtD0AtG0ByByB0EtA0F0C0FyDtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FzyyE0FyE0E0FyBtG0ByB0AzztGyEtBtD0DtG0AyBtCyDtG0E0C0C0F0CyD0AyEyCyEyC0A2QtN0A0LzuyE%26cr[c420b7f1eaa14aec63a19c3cc3407c84]D1320827900%26a[c420b7f1eaa14aec63a19c3cc3407c84]Dwncy_secureddownload_15_49%26os[c420b7f1eaa14aec63a19c3cc3407c84]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-659541644-3693245499-4077169777-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_49&param1=1&param2=f[0ed6e3c5b9d2f046c73b28b0ff0401ff]D4%26b[0ed6e3c5b9d2f046c73b28b0ff0401ff]DIE%26cc[0ed6e3c5b9d2f046c73b28b0ff0401ff]Dfr%26pa[0ed6e3c5b9d2f046c73b28b0ff0401ff]DWincy%26cd[0ed6e3c5b9d2f046c73b28b0ff0401ff]D2XzuyEtN2Y1L1Qzu0EyC0Fzzzy0CyE0B0C0AtAyD0D0EtByEtN0D0Tzu0StCyEtAtBtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0F0DtByE0AtByDtGtAzyyDyBtGyCtC0CyEtGyE0DtD0AtG0ByByB0EtA0F0C0FyDtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FzyyE0FyE0E0FyBtG0ByB0AzztGyEtBtD0DtG0AyBtCyDtG0E0C0C0F0CyD0AyEyCyEyC0A2QtN0A0LzuyE%26cr[0ed6e3c5b9d2f046c73b28b0ff0401ff]D1320827900%26a[0ed6e3c5b9d2f046c73b28b0ff0401ff]Dwncy_secureddownload_15_49%26os[0ed6e3c5b9d2f046c73b28b0ff0401ff]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-659541644-3693245499-4077169777-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_49&param1=1&param2=f[588c4068aae11f1731d14296739050b0]D4%26b[588c4068aae11f1731d14296739050b0]DIE%26cc[588c4068aae11f1731d14296739050b0]Dfr%26pa[588c4068aae11f1731d14296739050b0]DWincy%26cd[588c4068aae11f1731d14296739050b0]D2XzuyEtN2Y1L1Qzu0EyC0Fzzzy0CyE0B0C0AtAyD0D0EtByEtN0D0Tzu0StCyEtAtBtN1L2XzutAtFtCyDtFtAtFtBtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0F0DtByE0AtByDtGtAzyyDyBtGyCtC0CyEtGyE0DtD0AtG0ByByB0EtA0F0C0FyDtAyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FzyyE0FyE0E0FyBtG0ByB0AzztGyEtBtD0DtG0AyBtCyDtG0E0C0C0F0CyD0AyEyCyEyC0A2QtN0A0LzuyE%26cr[588c4068aae11f1731d14296739050b0]D1320827900%26a[588c4068aae11f1731d14296739050b0]Dwncy_secureddownload_15_49%26os[588c4068aae11f1731d14296739050b0]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 9
PUP.Optional.VBates, C:\Users\Alkhaly\AppData\LocalLow\Company\Product\1.0, En quarantaine, [41a3e6c2b7d4af8725d730a7c241b54b],
PUP.Optional.VBates, C:\Users\Alkhaly\AppData\LocalLow\Company\Product, En quarantaine, [41a3e6c2b7d4af8725d730a7c241b54b],
PUP.Optional.VBates.WnskRST, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}, En quarantaine, [ad37297f1b702214a783a40b39c94bb5],
PUP.Optional.VBates.WnskRST, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}, En quarantaine, [ad37297f1b702214a783a40b39c94bb5],
PUP.Optional.VBates.WnskRST, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5, En quarantaine, [ad37297f1b702214a783a40b39c94bb5],
Adware.LaSuperba, C:\uninst, En quarantaine, [1ec6e8c03a510b2b71c2ffbd0103f50b],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera\Component, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera\{B43756EE-C26A-B338-4883-DB99508986A9}, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],

Fichiers: 10
PUP.Optional.InstallCore, C:\Users\Alkhaly\Downloads\adobe_flash_player.exe, En quarantaine, [6f75e2c6e9a22412c68df3ca08f9827e],
PUP.Optional.InstallCore, C:\Users\Alkhaly\Downloads\hotspot-shield.exe, En quarantaine, [bc285850abe03bfb38ac674b32d2728e],
PUP.Optional.VBates, C:\Users\Alkhaly\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, En quarantaine, [41a3e6c2b7d4af8725d730a7c241b54b],
PUP.Optional.VBates, C:\Users\Alkhaly\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt, En quarantaine, [41a3e6c2b7d4af8725d730a7c241b54b],
Adware.LaSuperba, C:\uninst\uninstall.html, En quarantaine, [1ec6e8c03a510b2b71c2ffbd0103f50b],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera\Component\config.json, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera\Component\manifest.json, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera\Component\uconfig.json, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera\{B43756EE-C26A-B338-4883-DB99508986A9}\c.dat, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],
PUP.Optional.CrossAd.Gen, C:\Users\Alkhaly\AppData\Local\Virtual Camera\{B43756EE-C26A-B338-4883-DB99508986A9}\{46FD52DB-5338-078F-1751-2E37971B90D1}.dat, En quarantaine, [93512187840744f2a94d3c7b3fc5a65a],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
