cjoint

Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 03/04/2016
Heure de l'analyse: 17:47
Fichier journal: antimalware.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.04.03.04
Base de données de rootkits: v2016.04.03.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: arthur

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 403408
Temps écoulé: 28 min, 32 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 31
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{a5d4090c-09be-4404-8d1a-dc473bd42754}, En quarantaine, [1f51d4d65841c5717cbc6d77ea18cc34],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A5D4090C-09BE-4404-8D1A-DC473BD42754}, En quarantaine, [1f51d4d65841c5717cbc6d77ea18cc34],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A5D4090C-09BE-4404-8D1A-DC473BD42754}, En quarantaine, [1f51d4d65841c5717cbc6d77ea18cc34],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{c6f24c77-d9a8-4510-b48d-48ced471c7e1}, En quarantaine, [363ab2f83f5af541b188be267d85837d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C6F24C77-D9A8-4510-B48D-48CED471C7E1}, En quarantaine, [363ab2f83f5af541b188be267d85837d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C6F24C77-D9A8-4510-B48D-48CED471C7E1}, En quarantaine, [363ab2f83f5af541b188be267d85837d],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{e53a86d5-6dfa-4f48-b516-6c4bec64ef59}, En quarantaine, [aec21397158466d032d4129d7d85a858],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{E53A86D5-6DFA-4F48-B516-6C4BEC64EF59}, En quarantaine, [aec21397158466d032d4129d7d85a858],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{E53A86D5-6DFA-4F48-B516-6C4BEC64EF59}, En quarantaine, [aec21397158466d032d4129d7d85a858],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{ea2c41fe-e042-4eae-b522-336eddd8a43e}, En quarantaine, [f57b1d8dc7d29b9bb94e822dbb4724dc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{EA2C41FE-E042-4EAE-B522-336EDDD8A43E}, En quarantaine, [f57b1d8dc7d29b9bb94e822dbb4724dc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{EA2C41FE-E042-4EAE-B522-336EDDD8A43E}, En quarantaine, [f57b1d8dc7d29b9bb94e822dbb4724dc],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{292eca49-b475-4045-bad4-fe9e5d9cd084}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\TYPELIB\{7aeafc1f-ce49-45f8-b505-0407fe7cbda2}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\INTERFACE\{0BA5FEE9-B4C8-48CD-8331-513F9731B54F}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BA5FEE9-B4C8-48CD-8331-513F9731B54F}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0BA5FEE9-B4C8-48CD-8331-513F9731B54F}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7aeafc1f-ce49-45f8-b505-0407fe7cbda2}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7aeafc1f-ce49-45f8-b505-0407fe7cbda2}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{292ECA49-B475-4045-BAD4-FE9E5D9CD084}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{292ECA49-B475-4045-BAD4-FE9E5D9CD084}, En quarantaine, [2749139710895dd9d3637d67c14103fd],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4e31961d-e8c3-4ab0-9829-8e0f08f8dd01}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\TYPELIB\{300d6e0d-7a4b-459b-8416-f4ebc039a667}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\INTERFACE\{7DB5C882-E745-4F43-8FA8-DDDE9A63EC2F}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7DB5C882-E745-4F43-8FA8-DDDE9A63EC2F}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7DB5C882-E745-4F43-8FA8-DDDE9A63EC2F}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{300d6e0d-7a4b-459b-8416-f4ebc039a667}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{300d6e0d-7a4b-459b-8416-f4ebc039a667}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4E31961D-E8C3-4AB0-9829-8E0F08F8DD01}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4E31961D-E8C3-4AB0-9829-8E0F08F8DD01}, En quarantaine, [6709e6c4dabf1323887cc0ef1de5eb15],
PUP.Optional.Gameo, HKU\S-1-5-21-3615951399-2256687036-2206808425-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\E7A8C80F_0, En quarantaine, [f7797d2d36630234833b0f1ecf34619f],

Valeurs du Registre: 1
PUP.Optional.Gameo, HKU\S-1-5-21-3615951399-2256687036-2206808425-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\e7a8c80f_0, {2}.\\?\hdaudio#func_01&ven_14f1&dev_510f&subsys_1043178d&rev_1001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\rearlineouttopo/00010001|\Device\HarddiskVolume4\Users\arthur\AppData\Roaming\Gameo\gameo.exe%b{00000000-0000-0000-0000-000000000000}, En quarantaine, [f7797d2d36630234833b0f1ecf34619f]

Données du Registre: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[8ce4218962371d19614882a706ffef11]

Dossiers: 2
PUP.Optional.PullUpdate, C:\ProgramData\RMoHIT\dat, En quarantaine, [036d01a93f5a013563c4d5814bbaa759],
PUP.Optional.PullUpdate, C:\ProgramData\RMoHIT, En quarantaine, [036d01a93f5a013563c4d5814bbaa759],

Fichiers: 9
Adware.PullUpdate, C:\ProgramData\RMoHIT\dat\FGZCkQQ.dll, En quarantaine, [cda3406a9504ce687af3ce71c33e9769],
PUP.Optional.ZombieInvasion, C:\ProgramData\RMoHIT\dat\KUeBWXFxx.dll, En quarantaine, [a3cd3971dabf4aec51a58065768e619f],
PUP.Optional.WebShield, C:\Users\arthur\AppData\Roaming\ZHP\Quarantine\BrvobzlAf.exe, En quarantaine, [0a663f6bfb9e22146d8788c56d946a96],
PUP.Optional.WebShield, C:\Users\arthur\AppData\Roaming\ZHP\Quarantine\dZbKIz.exe, En quarantaine, [dc94a5057f1a0036c52f0c419d64936d],
PUP.Optional.WinYahoo, C:\Users\arthur\AppData\LocalLow\Microsoft\Internet Explorer\Services\Wincy.ico, En quarantaine, [81ef9d0dc9d02e08d9f258f854b0ba46],
PUP.Optional.PullUpdate, C:\ProgramData\RMoHIT\dat\BrvobzlAf.exe.config, En quarantaine, [036d01a93f5a013563c4d5814bbaa759],
PUP.Optional.PullUpdate, C:\ProgramData\RMoHIT\dat\dZbKIz.exe.config, En quarantaine, [036d01a93f5a013563c4d5814bbaa759],
PUP.Optional.PullUpdate, C:\ProgramData\RMoHIT\dat\FGZCkQQ.dll, En quarantaine, [036d01a93f5a013563c4d5814bbaa759],
PUP.Optional.PullUpdate, C:\ProgramData\RMoHIT\info.dat, En quarantaine, [036d01a93f5a013563c4d5814bbaa759],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
