cjoint

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 22/07/2016
Heure de l'analyse: 20:46
Fichier journal: Malware_1.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.07.22.13
Base de données de rootkits: v2016.05.27.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Maxtor

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 342475
Temps écoulé: 54 min, 32 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 1
Trojan.Startup, C:\Users\Maxtor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\services.exe, 5312, , [ee2749de1b7fa591104657a61ce625db]

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 6
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO, , [28edd3541189fc3aa6f3782e8d76f808],
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA, , [3adbdf48405afc3aaaf01393b44fab55],
PUP.Optional.Hosts, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater21810.exe, , [da3b7aad4b4f320475e921b8a45e32ce],
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E5192D70-5C6E-46F6-AF76-B3AD63EC831D}, , [68ad57d04753e74fc76c716d976c738d],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO, , [898c4ed90f8b01359efb089e4eb539c7],
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA, , [f32273b42179a294b1e96145e71ca759],

Valeurs du Registre: 6
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO|debugger, tasklist.exe, , [28edd3541189fc3aa6f3782e8d76f808]
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA|debugger, tasklist.exe, , [3adbdf48405afc3aaaf01393b44fab55]
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E5192D70-5C6E-46F6-AF76-B3AD63EC831D}|AppPath, C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar, , [68ad57d04753e74fc76c716d976c738d]
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|Giant Savings Extension-bg.exe, 8000, , [be5766c1287238fe296902f5e81b659b]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOLARO|debugger, tasklist.exe, , [898c4ed90f8b01359efb089e4eb539c7]
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VONTEERA|debugger, tasklist.exe, , [f32273b42179a294b1e96145e71ca759]

Données du Registre: 1
Hijack.Search, HKU\S-1-5-21-1283236314-716489326-3204360187-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://accueil.midozik.com/, Bon : (http://www.google.com/), Mauvais : (http://accueil.midozik.com/),,[3adbba6d34663ef8300f77fd3dc72bd5]

Dossiers: 1
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config, , [23f2cd5ad8c287affc381599e41fe818],

Fichiers: 7
PUP.Optional.Hosts, C:\Windows\System32\Tasks\Updater21810.exe, , [9184de495347a88e7370b92da2606d93],
Trojan.Startup, C:\Users\Maxtor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\services.exe, , [ee2749de1b7fa591104657a61ce625db],
PUP.Optional.ExpressFind, C:\Users\Maxtor\AppData\Roaming\Mozilla\Firefox\Profiles\l09nglgv.default\extensions\{1fe073ff-4fbd-4f0e-9a39-1b65362500c6}.xpi, , [f22348df544676c05697980907fc6997],
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\ver.xml, , [23f2cd5ad8c287affc381599e41fe818],
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\data.xml, , [23f2cd5ad8c287affc381599e41fe818],
PUP.Optional.PCKeeper, C:\Users\Maxtor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.pckeeper.com_0.localstorage-journal, , [4acb58cf7f1b94a296fdce153fc46e92],
PUP.Optional.CrossRider, C:\Users\Maxtor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, , [ef268f98b1e98bab8b7f03e70df64ab6],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
