Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 1/15/2016
Heure de l'analyse: 12:05 AM
Fichier journal: scanlog2.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.14.07
Base de données de rootkits: v2016.01.09.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: slessner

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 597295
Temps écoulé: 2 h, 45 min, 12 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 3
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{bcd08fc8-cb56-41a3-8b19-3c556687a504}Gw64, En quarantaine, [e6a948f12574d75f0c3e5381f60de818],
PUP.Optional.BDYahoo, HKU\S-1-5-21-2695486334-1906627328-3932120828-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, En quarantaine, [4a45de5b6f2a5bdbbd1092157192c13f],
PUP.Optional.RegCleanerPro, HKU\S-1-5-21-2695486334-1906627328-3932120828-1004\SOFTWARE\SYSTWEAK\RegClean Pro, En quarantaine, [127d84b56633c175e2c97e54976cb34d],

Valeurs du Registre: 1
PUP.Optional.BDYahoo, HKU\S-1-5-21-2695486334-1906627328-3932120828-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, http://fr.search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-00__alt__ddc_dss_bd_com&p={searchTerms}, En quarantaine, [4a45de5b6f2a5bdbbd1092157192c13f]

Données du Registre: 1
PUP.Optional.BDYahoo, HKU\S-1-5-21-2695486334-1906627328-3932120828-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://fr.search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-00__alt__ddc_dsssyc_bd_com, Bon : (www.google.com), Mauvais : (http://fr.search.yahoo.com/?fr=hp-ddc-bd&type=pr-bir-00__alt__ddc_dsssyc_bd_com),Remplacé,[018e87b233663402aa9ed9d71ee607f9]

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 47
PUP.Optional.Ilivid, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\iLividSetup (1).exe, En quarantaine, [741b93a69cfd8aac4df607ceac544db3],
PUP.Optional.Ilivid, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\iLividSetup (2).exe, En quarantaine, [0f80f544940577bfaa99e3f25aa629d7],
PUP.Optional.Ilivid, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\iLividSetup.exe, En quarantaine, [058a3affa1f82f07b78c05d0ef117789],
PUP.Optional.RegCleanerPro, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\rcpsetup_softonic_sd_new.exe, En quarantaine, [553ab3861584360031f3306baf5129d7],
PUP.Optional.SofTonic, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\SoftonicDownloader_pour_vlc-media-player-portable (1).exe, En quarantaine, [b4dbc7727821f343b4dd72bd9b66df21],
PUP.Optional.SofTonic, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\SoftonicDownloader_pour_vlc-media-player-portable.exe, En quarantaine, [652afd3c900996a05b366dc2a0618c74],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\updateClearThink.exe, En quarantaine, [b6d92d0c960393a31e1e85c302ff03fd],
PUP.Optional.BrowseFox, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\{bcd08fc8-cb56-41a3-8b19-3c556687a504}Gw64.sys, En quarantaine, [0b8492a7f4a5f640568213be8b797e82],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\ClearThinkUn.exe, En quarantaine, [e8a760d9c4d5ef4718243711eb166f91],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\updateClearThink.exe, En quarantaine, [5c33f940b0e9fd392d0f5cec1ae77888],
PUP.Optional.BrowseFox, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\bcd0.dll, En quarantaine, [4f400732821794a27e7ddbc328d922de],
PUP.Optional.BrowseFox, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\bcd064.dll, En quarantaine, [6827c376d7c2d165cc331f7f986942be],
PUP.Optional.BrowseFox, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\bcd08fc8cb.dll, En quarantaine, [f699ba7f9dfcde58a4713f607a8720e0],
PUP.Optional.BrowseFox, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\bcd08fc8cb64.dll, En quarantaine, [fc93c6739504f244ee3ee5bb7b86b848],
PUP.Optional.BrowseFox, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\ClearThink.BrowserAdapter.exe, En quarantaine, [424deb4ec9d0ec4ae2329609bc452ad6],
PUP.Optional.BrowseFox, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\ClearThink.BrowserAdapter64.exe, En quarantaine, [f99629105247d85ede4c17894fb2f20e],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\ClearThink.PurBrowse64.exe, En quarantaine, [0b843bfe8a0f8babcd6f3d0b649dff01],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmp4249.tmp, En quarantaine, [99f61e1be6b3d75f82ba9eaa2ad7f709],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmp43BF.tmp, En quarantaine, [f897c079edac8da9b68684c4f40dac54],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmp6239.tmp, En quarantaine, [583792a7dcbdcd69b68654f47b8653ad],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmp6DBF.tmp, En quarantaine, [9df26acfcdccf34349f3004838c99070],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmp943C.tmp, En quarantaine, [9bf43900881149edd468ae9afa0714ec],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmp972A.tmp, En quarantaine, [f996b3864b4ef244bc80ed5b1ae79b65],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmpDB07.tmp, En quarantaine, [a1ee40f93f5a7db96cd03216f908a858],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmpDBC8.tmp, En quarantaine, [bbd46ccdcacf2016c379bc8c68997d83],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmpE1F1.tmp, En quarantaine, [741b84b5b8e152e44def05435ca5f30d],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmpE890.tmp, En quarantaine, [56398aaf70291f17ed4f94b4e819df21],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmpF40E.tmp, En quarantaine, [8a05c376d7c269cd4bf1ec5c4eb3fd03],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\tmpFC92.tmp, En quarantaine, [e7a8e554f0a972c42b1151f737ca629e],
PUP.Optional.Yontoo, C:\Users\slessner\AppData\Roaming\ZHP\Quarantine\ClearThink.DIR\bin\utilClearThink.exe, En quarantaine, [7a15de5b06937eb887b5a1a7847d55ab],
PUP.Optional.SmileFiles, C:\Users\Bilal\Downloads\horrible-bosses-sub-ita.zip, En quarantaine, [5f303702a8f1f145ab1f10bd4cb8ae52],
PUP.Optional.IBryte, C:\Users\Bilal\Downloads\Flash_Player_Pro_Setup (1).exe, En quarantaine, [0a85c9701c7dc96d3932f6a4817f8c74],
PUP.Optional.IBryte, C:\Users\Bilal\Downloads\Flash_Player_Pro_Setup.exe, En quarantaine, [77183009e4b5cb6ba6c5306aab553cc4],
PUP.Optional.InstallCore, C:\Users\Bilal\Downloads\wlsetup-web.exe, En quarantaine, [7d129f9a9900d36308d2de545da4a65a],
PUP.Optional.InstallCore, C:\Users\Bilal\Downloads\ZipOpenerSetup.exe, En quarantaine, [0f800f2a3d5c1e18a668603cfb05b44c],
PUP.Optional.DownTango, C:\Users\Bilal\Downloads\Biggest_Salarymen_2_downloader.exe, En quarantaine, [e8a790a9d8c1a4924836d55c06fb6d93],
PUP.Optional.OpenCandy, C:\Users\Bilal\Downloads\daemon-tools-lite_4-49-1_fr_10729.exe, En quarantaine, [ace349f0c7d2ab8b07d714b2fb093bc5],
PUP.Optional.MSW, C:\Users\Bilal\Downloads\daemon-tools-lite_4-49_fr_10729.exe, En quarantaine, [f09f1227d9c0cb6b16ac26b2b44c1ee2],
PUP.Optional.OpenCandy, C:\Users\slessner\Downloads\daemon-tools-lite_4-49-1_fr_10729.exe, En quarantaine, [eea14eeb7227df57ac32edd945bfb14f],
PUP.Optional.Revizer, C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage, En quarantaine, [880768d15a3f6ec8b86fd05612f27987],
PUP.Optional.Revizer, C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage-journal, En quarantaine, [4f406bced0c94bebd651e4428f7519e7],
PUP.Optional.Revizer, C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage, En quarantaine, [602f7fba7e1bc373d453f036e71da957],
PUP.Optional.Revizer, C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\http_static.reklaam00.reklaam.co_0.localstorage-journal, En quarantaine, [c1ce5edb148585b1b67155d1996b55ab],
PUP.Optional.PriceMoon, C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, En quarantaine, [840b5bdececb83b36449bb6f887cb44c],
PUP.Optional.PriceMoon, C:\Users\Bilal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, En quarantaine, [127dbf7a7920fa3caffe74b6be46b64a],
PUP.Optional.PriceMoon, C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\http_pstatic.pricemoon.co_0.localstorage, En quarantaine, [a1ee2514683191a5c2ebc06a53b1639d],
PUP.Optional.PriceMoon, C:\Users\slessner\AppData\Local\Google\Chrome\User Data\default\Local Storage\http_pstatic.pricemoon.co_0.localstorage-journal, En quarantaine, [d8b78bae8217f93dd1dc84a60400b947],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
