Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 27/07/2016
Heure de l'analyse: 12:25
Fichier journal: journal examen.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.07.27.03
Base de données de rootkits: v2016.05.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Anne

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 356270
Temps écoulé: 31 min, 0 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 9
PUP.Optional.WebBar, HKLM\SOFTWARE\MICROSOFT\TRACING\winwb_RASAPI32, En quarantaine, [916ecc5cdcbe4de9d82bd92754b0a759],
PUP.Optional.WebBar, HKLM\SOFTWARE\MICROSOFT\TRACING\winwb_RASMANCS, En quarantaine, [609f0b1d3f5b65d14ab944bcb25229d7],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{40923D65}, En quarantaine, [47b8e345a2f822147aa648b02ad9d62a],
PUP.Optional.OneSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\POWER\USER\POWERSCHEMES\04262113-2a31-48e1-b4bb-3b42174bea0f, Supprimer au redémarrage, [7b84dc4c8e0cf04688406952ce3640c0],
PUP.Optional.OneSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\POWER\USER\POWERSCHEMES\e24b7131-d039-43cb-9e6f-ad4be601ec1f, Supprimer au redémarrage, [f40b9593a2f85bdb28a19328ad5730d0],
PUP.Optional.InstallCore, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\csastats, En quarantaine, [42bd5bcd9efce05611e0eb0fe2215ca4],
PUP.Optional.InstallCore, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\ICSW1.22, En quarantaine, [38c748e096047abca7bb1a8ddf24619f],
PUP.Optional.ProductSetup, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\PRODUCTSETUP, En quarantaine, [7d824ade62389f9768af0ea3877c5da3],
PUP.Optional.SystemHealer, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\SYSTEM HEALER, En quarantaine, [04fb59cf6b2f4beb969a12c9e41f2dd3],

Valeurs du Registre: 10
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{40923d65}|1, 1469276566, En quarantaine, [47b8e345a2f822147aa648b02ad9d62a]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{2f93abf2-caaa-4fba-9dfa-4b05a62294a8}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [ae51a286cecc3cfa020a48b0c2417789]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{308d9493-e307-45ed-940e-d585aaec22c8}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [a45b0a1e89110c2a4bc13bbdd62daf51]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{6608337c-8f1e-4ecf-a59a-b47c71242ad3}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [c13edd4b3367082e41cb9a5efa09847c]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{f15bd6af-f734-42a3-8448-678096f790ec}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [1ee143e54a50aa8c66a60fe9b152857b]
PUP.Optional.WebBar, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|winwb.exe, 11000, En quarantaine, [59a69296bae0a78f3254e3195ea5629e]
PUP.Optional.ProductSetup, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\PRODUCTSETUP|tb, 0U1S1R0D, En quarantaine, [7d824ade62389f9768af0ea3877c5da3]
PUP.Optional.SystemHealer, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\SYSTEM HEALER|HomePage, http://systemhealer.com/, En quarantaine, [04fb59cf6b2f4beb969a12c9e41f2dd3]
PUP.Optional.SystemHealer, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\SYSTEM HEALER|CartURL, http://gen.securedshopgate.com/?t=01&b=35&tid=351002282-IL-318_CE3DBE6E-B935-42DA-9E91-E62B21813B14&clb=1, En quarantaine, [54abb1778e0c0e28cd4d9c629b681ee2]
PUP.Optional.SystemHealer, HKU\S-1-5-21-3205386391-1155823598-277329648-1001\SOFTWARE\SYSTEM HEALER|SupportPage, http://systemhealer.com/support/#contact, En quarantaine, [7b840127b8e22f07d45c4d8e5aa9ec14]

Données du Registre: 1
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.142.7 95.211.158.134, Bon : (8.8.8.8), Mauvais : (82.163.142.7 95.211.158.134),Remplacé,[738ccf59d1c966d0f0f26712ed17ae52]

Dossiers: 15
PUP.Optional.PriceFountain, C:\Users\Anne\AppData\Roaming\PriceFountainUpdateVer, En quarantaine, [1de251d70a90a19533ab5a6c59a90bf5],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\9b75e099-5f57-1, En quarantaine, [6897b8702f6bfe3804cfeed9b949f60a],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\9b75e099-7a35-0, En quarantaine, [9f605bcdf6a4b58163703394f40e11ef],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-0c85-0, En quarantaine, [59a6af79faa0b87ed6fde0e7b949f709],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-0f87-0, En quarantaine, [6f90dd4b5f3b201602d1c20590727987],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-1063-0, En quarantaine, [847ba187c8d277bff2e18d3aa65c5ea2],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-11b1-1, En quarantaine, [e71835f3c8d2c4726b68d1f63ac8ba46],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-1a05-0, En quarantaine, [12ed1d0b9efce155fdd6d4f320e2a858],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-1c83-0, En quarantaine, [609f72b6bbdfaa8c82511aad0cf6f30d],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-6aa1-1, En quarantaine, [cd321a0eb3e7ce6805ce60674cb64db3],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-7115-0, En quarantaine, [2bd4a7815644ba7cf1e25a6d8a782ad6],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-72a7-1, En quarantaine, [24dbcd5bb2e8ee4820b31aadef1355ab],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\fbcecdb2-7d73-1, En quarantaine, [e51a4adee2b8bb7b359ea81f39c9fe02],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{01519ad6-512c-0}, En quarantaine, [c43b3fe92971a591e1f3b116f80a2dd3],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{068effb1-712c-1}, En quarantaine, [7c836ebad2c870c6f4e00dba15ed966a],

Fichiers: 17
PUP.Optional.MultiPlug, C:\ProgramData\40923d65\34b9595b.dll, En quarantaine, [16e9a5838a104de935278dec1ae728d8],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\9b75e099-5f57-1\9b75e099-5f57-1.d, En quarantaine, [3fc048e0207a2c0a86916f37c1438977],
PUP.Optional.PricePeep, C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage, En quarantaine, [58a79098b7e386b0676b723ecd36e719],
PUP.Optional.PricePeep, C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal, En quarantaine, [13ece4446e2c74c2fbd7169a56ad9967],
PUP.Optional.Amonetize.Gen, C:\ProgramData\fbcecdb2-0f87-0\BITFF40.tmp, En quarantaine, [24dbd454c3d73303908a2fc0f50e2dd3],
PUP.Optional.Amonetize.Gen, C:\ProgramData\fbcecdb2-7d73-1\BITFEA3.tmp, En quarantaine, [ae51b8700397c67051c90ee1b44f7f81],
PUP.Optional.UTop, C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage, En quarantaine, [a6598f99e1b9e155725ab43de02350b0],
PUP.Optional.UTop, C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage-journal, En quarantaine, [b649d8508119aa8c3c90638e828151af],
PUP.Optional.Yontoo, C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage, En quarantaine, [9b642dfbbae0fc3a3fe52e76c93b7888],
PUP.Optional.Yontoo, C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage-journal, En quarantaine, [59a623054258e74fa084267ea361837d],
PUP.Optional.PriceFountain, C:\Users\Anne\AppData\Roaming\PriceFountainUpdateVer\config.dat, En quarantaine, [1de251d70a90a19533ab5a6c59a90bf5],
PUP.Optional.PriceFountain, C:\Users\Anne\AppData\Roaming\PriceFountainUpdateVer\info.dat, En quarantaine, [1de251d70a90a19533ab5a6c59a90bf5],
PUP.Optional.PriceFountain, C:\Users\Anne\AppData\Roaming\PriceFountainUpdateVer\STTL.DAT, En quarantaine, [1de251d70a90a19533ab5a6c59a90bf5],
PUP.Optional.PriceFountain, C:\Users\Anne\AppData\Roaming\PriceFountainUpdateVer\TTL.DAT, En quarantaine, [1de251d70a90a19533ab5a6c59a90bf5],
PUP.Optional.PriceFountain, C:\Users\Anne\AppData\Roaming\PriceFountainUpdateVer\updatetask.exe, En quarantaine, [1de251d70a90a19533ab5a6c59a90bf5],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{01519ad6-512c-0}\BIT4761.tmp, En quarantaine, [c43b3fe92971a591e1f3b116f80a2dd3],
PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\{068effb1-712c-1}\BIT46D3.tmp, En quarantaine, [7c836ebad2c870c6f4e00dba15ed966a],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
