Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 28/05/2016
Heure de l'analyse: 10:45
Fichier journal: malware.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.05.28.03
Base de données de rootkits: v2016.05.27.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: User

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 410803
Temps écoulé: 7 min, 29 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Avertir
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 3
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [42013f9ca4f57cba3e22417539c91be5],
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\UNINSTALL DAM, , [6ed515c63d5cfa3c0904a63a19ea6799],
PUP.Optional.GoHD, HKU\S-1-5-21-525173809-1253020421-1266078678-1000\SOFTWARE\---Max--- Development, , [5de6defd168333038174becb748f1fe1],

Valeurs du Registre: 5
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpC3EtAXYkB0..&v=20160315&uid=96BA8D79EC163A03505A5EB6D5855D9D&ptid=dam&mode=ffsengext, , [42013f9ca4f57cba3e22417539c91be5]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpC3EtAXYkB0..&v=20160315&uid=96BA8D79EC163A03505A5EB6D5855D9D&ptid=dam&mode=ffsengext, , [8cb7f8e304955ed84b15b9fd8b77b44c]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?uid=96BA8D79EC163A03505A5EB6D5855D9D&ptid=dam&q={searchTerms}&ts=AHEpC3EtAXYkB0..&v=20160315&mode=ffsengext, , [241fb6251c7d082eb0b0d4e228dabe42]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?uid=96BA8D79EC163A03505A5EB6D5855D9D&ptid=dam&ts=AHEpC3EtAXYkB0..&v=20160315&mode=ffexttoolbar&q=, , [9ba8409be7b254e2461a5f57c73b3dc3]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Uninstall dam|DisplayName, yessearches Uninstall, , [6ed515c63d5cfa3c0904a63a19ea6799]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 15
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\adblockplus, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\crashes, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\crashes\events, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\persistent, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\persistent\moz-safe-about+home, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\persistent\moz-safe-about+home\idb, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\persistent\moz-safe-about+home\idb\818200132aebmoouht, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webapps, , [f152f5e6e0b962d499971663ae5636ca],

Fichiers: 50
PUP.Optional.CrossAd.Gen, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi, , [98ab8d4e2871df57ecc82c88ed152bd5],
PUP.Optional.CrossAd.Gen, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi, , [7ec522b9544579bd6153bafab74b837d],
PUP.Optional.YesSearches, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Bon : (), Mauvais : (user_pref("browser.newtab.url", "http://www.yessearches.com/?ts=AHEpC3EtAXYkB0..&v=20160315&uid=96BA8D79EC163A03505A5EB6D5855D9D&ptid=dam&mode=ffseng");), ,[aa99716adabf0d29e5ef98e16f9546ba]
PUP.Optional.YesSearches, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Bon : (), Mauvais : (rwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/

user_pref("accessibility.typeaheadfind"), ,[ea5937a4cecb1b1b617393e6e61e1be5]
PUP.Optional.YesSearches, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Bon : (), Mauvais : (hile the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/

user_), ,[043fd8030d8c340217bd8deca95bff01]
PUP.Optional.YesSearches, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Bon : (), Mauvais : (nning,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/

user_pref("accessibility.typeahe), ,[f44ffedd62374ee8fcd8caafbd4741bf]
PUP.Optional.YesSearches, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Bon : (), Mauvais : (s, you can visit the URL about:config
*/

user_pref("accessibility.typeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.ena), ,[024128b38514c96de8ec44355aaa817f]
PUP.Optional.YesSearches, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Bon : (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (user_pref("browser.startup.homepage", "http://www.yessearches.com), ,[0c378655c1d87bbbb23e4d2c659f52ae]
PUP.Optional.YesSearches, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\DD1B66D4.xml, , [2e15cc0f9dfc6fc71d49b9bf93710af6],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\addons.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\blocklist.xml, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\cert8.db, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\compatibility.ini, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\content-prefs.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\cookies.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions.ini, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\formhistory.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\hotfix.v20140527.01.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\key3.db, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\localstore.rdf, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\mimeTypes.rdf, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\parent.lock, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\permissions.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\places.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\pluginreg.dat, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\search-metadata.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\secmod.db, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\signons.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\times.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webappsstore.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\adblockplus\elemhide.css, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\adblockplus\elemhide.css.tmp, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\adblockplus\patterns-backup1.ini, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\adblockplus\patterns-backup2.ini, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\adblockplus\patterns.ini, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2014-07-17_516.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\bookmarkbackups\bookmarks-2014-08-29_516.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\crashes\store.json.mozlz4, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\{8c30bc99-b293-4d07-b4d1-d64a338c2f6f}.xpi, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\healthreport\state.json, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\8695deaa-675e-4a3e-8fa1-1a6d03219719.dmp, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\minidumps\f8182901-2206-4efa-bcc6-336ff9962f27.dmp, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\google-avast.xml, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\persistent\moz-safe-about+home\.metadata, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\storage\persistent\moz-safe-about+home\idb\818200132aebmoouht.sqlite, , [f152f5e6e0b962d499971663ae5636ca],
PUP.Optional.FakeFFProfile, C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\webapps\webapps.json, , [f152f5e6e0b962d499971663ae5636ca],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
