Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 04/01/2016
Heure de l'analyse: 15:52
Fichier journal: Historique d'analyse.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.04.02
Base de données de rootkits: v2015.12.26.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: JB

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 490361
Temps écoulé: 55 min, 23 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 10

Valeurs du Registre: 6

Données du Registre: 1
PUP.Optional.Yontoo, HKU\S-1-5-21-993825181-1441406120-3915584159-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWeAsKAFwXEhgbdloOTA0XE1QOeFsOURQVGVQXcAoMBQ1ARA0FIk0FA1ADB0VXfVBdFElXTwhwJVhKAlE8TkdGC1dXFg==, Bon : (www.google.com), Mauvais : (http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWeAsKAFwXEhgbdloOTA0XE1QOeFsOURQVGVQXcAoMBQ1ARA0FIk0FA1ADB0VXfVBdFElXTwhwJVhKAlE8TkdGC1dXFg==),Remplacé,[bae840f5fd9c80b6e3374958cb39e51b]

Dossiers: 34

Fichiers: 33
PUP.Optional.Palikan, C:\Users\VV\AppData\Roaming\Mozilla\Firefox\Profiles\mwxvxkrx.default-1423734583051\prefs.js, Bon : (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (user_pref("browser.startup.homepage", "http://www.palikan.com), Remplacé,[a8fadc59cacf78bea12d11bb63a17090]

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
