cjoint

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 20/07/2016
Heure de l'analyse: 18:11
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.02.16.06
Base de données de rootkits: v2016.02.08.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: theo

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 544170
Temps écoulé: 1 h, 6 min, 3 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 4
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, En quarantaine, [6df9134e19804de9140bfef5bb47936d],
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\yessearchesSoftware, En quarantaine, [ed7977ea7920c4727f8d4611b74d6a96],
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, En quarantaine, [bea89cc59ffaed493fe07d761de5a45c],
PUP.Optional.YesSearches, HKU\S-1-5-21-2532391380-2442022221-794288624-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, En quarantaine, [4c1afa673762e551aa9ee478ea1a9769],

Valeurs du Registre: 12
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpBnQtBn4mBE..&v=20160301&uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&mode=ffsengext, En quarantaine, [6df9134e19804de9140bfef5bb47936d]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpBnQtBn4mBE..&v=20160301&uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&mode=ffsengext, En quarantaine, [580ef9682b6ec76f62bd06ed27dbfc04]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&q={searchTerms}&ts=AHEpBnQtBn4mBE..&v=20160301&mode=ffsengext, En quarantaine, [fd692e338d0c8fa7e7389261e02218e8]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&ts=AHEpBnQtBn4mBE..&v=20160301&mode=ffexttoolbar&q=, En quarantaine, [c79f6ff2aaef4bebfd22c13227db9a66]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpBnQtBn4mBE..&v=20160301&uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&mode=ffsengext, En quarantaine, [bea89cc59ffaed493fe07d761de5a45c]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpBnQtBn4mBE..&v=20160301&uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&mode=ffsengext, En quarantaine, [a5c1d68b15848da9eb34bc379a68bc44]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&q={searchTerms}&ts=AHEpBnQtBn4mBE..&v=20160301&mode=ffsengext, En quarantaine, [6bfb69f887122f07bc639f5429d9e61a]
PUP.Optional.YesSearches, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&ts=AHEpBnQtBn4mBE..&v=20160301&mode=ffexttoolbar&q=, En quarantaine, [372fa5bccdccec4a2bf45d96b54d04fc]
PUP.Optional.YesSearches, HKU\S-1-5-21-2532391380-2442022221-794288624-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.yessearches.com/?ts=AHEpBnQtBn4mBE..&v=20160301&uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&mode=ffsengext, En quarantaine, [4c1afa673762e551aa9ee478ea1a9769]
PUP.Optional.YesSearches, HKU\S-1-5-21-2532391380-2442022221-794288624-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.yessearches.com/?ts=AHEpBnQtBn4mBE..&v=20160301&uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&mode=ffsengext, En quarantaine, [20466bf66435c86e8dbb75e7b94bbd43]
PUP.Optional.YesSearches, HKU\S-1-5-21-2532391380-2442022221-794288624-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.yessearches.com/chrome.php?uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&q={searchTerms}&ts=AHEpBnQtBn4mBE..&v=20160301&mode=ffsengext, En quarantaine, [fe68d78a0198152166e2c29ae1230af6]
PUP.Optional.YesSearches, HKU\S-1-5-21-2532391380-2442022221-794288624-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.yessearches.com/chrome.php?uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&ts=AHEpBnQtBn4mBE..&v=20160301&mode=ffexttoolbar&q=, En quarantaine, [e284eb76f1a8ee485eeac5978f758779]

Données du Registre: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[03634a17b6e349edc51c4d9854b0a060]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[aeb84a177524fb3bf3eec3220ff54bb5]

Dossiers: 2
PUP.Optional.Elex, C:\Users\theo\AppData\Roaming\TSv, En quarantaine, [8fd73d24683149ed41428771857d0bf5],
PUP.Optional.YesSearches, C:\Users\theo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\YourGSearchFinder_br, En quarantaine, [c5a1e978badfc175149619d838cada26],

Fichiers: 7
PUP.Optional.Elex, C:\Users\theo\AppData\Roaming\TSv\TSvr.exe, En quarantaine, [8fd73d24683149ed41428771857d0bf5],
PUP.Optional.Elex, C:\Users\theo\AppData\Roaming\TSv\msvcp120.dll, En quarantaine, [8fd73d24683149ed41428771857d0bf5],
PUP.Optional.Elex, C:\Users\theo\AppData\Roaming\TSv\msvcr120.dll, En quarantaine, [8fd73d24683149ed41428771857d0bf5],
PUP.Optional.YesSearches, C:\Users\theo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml, En quarantaine, [d98d1c453c5db77f88e652c24fb6a060],
PUP.Optional.YesSearches, C:\Users\theo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Bon : (), Mauvais : (user_pref("keyword.URL", "http://www.yessearches.com/chrome.php?uid=CBD5DCBBF51CDE119B2F62F2E996E82C&ptid=dam&ts=AHEpBnQtBn4mBE..&v=20160301&mode=ffexttoolbar&q=");), Remplacé,[ce98cf924f4af54121c7f22223e240c0]
PUP.Optional.YesSearches, C:\Users\theo\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Bon : (), Mauvais : (user_pref("browser.search.searchengine.url", "http://www.yessearches.com/chrome.php?mode=ffsengext&ptid=dam&q={searchTerms}&ts=AHEpBnQtBn4mBE..&uid=CBD5DCBBF51CDE119B2F62F2E996E82C&v=20160301");), Remplacé,[3e28342d326764d241a9f91b719433cd]
PUP.Optional.YesSearches, C:\Users\theo\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\DD1B66D4.xml, En quarantaine, [b4b2f46d6b2eea4cafbf5eb67f86817f],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
