Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 06/07/2016
Heure de l'analyse: 17:38
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.07.06.05
Base de données de rootkits: v2016.05.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Cerbe

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 300721
Temps écoulé: 5 min, 42 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 4
PUP.Optional.PriceFountain, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C89D51E0-4A16-42D2-9BFD-504EB787EECD}, Supprimer au redémarrage, [dfeef927c5d55cda04868a6660a32ed2],
PUP.Optional.InstallCore, HKU\S-1-5-21-404557889-3068280646-1896445870-1001\SOFTWARE\ICSW1.22, En quarantaine, [c508dc4455459a9c386925825aa943bd],
PUP.Optional.PriceFountain, HKU\S-1-5-21-404557889-3068280646-1896445870-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\EXCLAIMERSOVERSPENDING, En quarantaine, [9e2f041c6634b87e1e4a7b8535cffd03],
PUP.Optional.PriceFountain, HKU\S-1-5-21-404557889-3068280646-1896445870-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4534C96C-8A97-834B-9050-66E37F6A46F9}, En quarantaine, [4a83829eaeec61d572f6b74944c030d0],

Valeurs du Registre: 3
PUP.Optional.PriceFountain, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C89D51E0-4A16-42D2-9BFD-504EB787EECD}|Path, \CerbeExclaimersOverspendingV2, Supprimer au redémarrage, [dfeef927c5d55cda04868a6660a32ed2]
PUP.Optional.PriceFountain, HKU\S-1-5-21-404557889-3068280646-1896445870-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ExclaimersOverspending|DisplayName, PriceFountain, En quarantaine, [9e2f041c6634b87e1e4a7b8535cffd03]
PUP.Optional.PriceFountain, HKU\S-1-5-21-404557889-3068280646-1896445870-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4534C96C-8A97-834B-9050-66E37F6A46F9}|DisplayName, Update for PriceFountain, En quarantaine, [4a83829eaeec61d572f6b74944c030d0]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 2
PUP.Optional.PriceFountain, C:\Users\Cerbe\AppData\Roaming\PriceFountainUpdateVer, En quarantaine, [d2fb3be52f6b1521e02e21a6c240d729],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending, En quarantaine, [8d40b868891105319728207c00046f91],

Fichiers: 25
PUP.Optional.PriceFountain, C:\Users\Cerbe\AppData\Local\Temp\ClassifiedShotgunned.dll, En quarantaine, [f2dbc7592575e25420749b027e8328d8],
PUP.Optional.InstallCore, C:\Users\Cerbe\Downloads\vlc_setup.exe, En quarantaine, [24a98b95e0ba9d99b0d36dce9d64df21],
PUP.Optional.PriceFountain, C:\Windows\System32\Tasks\CerbeExclaimersOverspendingV2, En quarantaine, [527bc060ebaf05319cf940a3af54df21],
PUP.Optional.HijackedShortCuts, C:\Users\Cerbe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\amazon.fr .lnk, En quarantaine, [fad367b948523303f4718d6ebb48c23e],
PUP.Optional.HijackedShortCuts, C:\Users\Cerbe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\amazon.fr.lnk, En quarantaine, [38952ef22c6e51e57ceb51aadc272fd1],
PUP.Optional.HijackedShortCuts, C:\Users\Cerbe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Booking.lnk, En quarantaine, [329baa769208b77f5216d427ed1652ae],
PUP.Optional.PriceFountain, C:\Users\Cerbe\AppData\Roaming\PriceFountainUpdateVer\config.dat, En quarantaine, [d2fb3be52f6b1521e02e21a6c240d729],
PUP.Optional.PriceFountain, C:\Users\Cerbe\AppData\Roaming\PriceFountainUpdateVer\info.dat, En quarantaine, [d2fb3be52f6b1521e02e21a6c240d729],
PUP.Optional.PriceFountain, C:\Users\Cerbe\AppData\Roaming\PriceFountainUpdateVer\STTL.DAT, En quarantaine, [d2fb3be52f6b1521e02e21a6c240d729],
PUP.Optional.PriceFountain, C:\Users\Cerbe\AppData\Roaming\PriceFountainUpdateVer\SyncVersion.exe, En quarantaine, [d2fb3be52f6b1521e02e21a6c240d729],
PUP.Optional.PriceFountain, C:\Users\Cerbe\AppData\Roaming\PriceFountainUpdateVer\TTL.DAT, En quarantaine, [d2fb3be52f6b1521e02e21a6c240d729],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\Rkey.dat, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\amazon.fr .lnk, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\amazon.fr.ico, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\amazon.fr.lnk, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\amazon.fr.smenu.URL, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\amazon.fr.tbar.URL, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\BarbellDimmers.dat, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\Booking .lnk, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\Booking.ico, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\Booking.lnk, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\Booking.smenu.URL, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\Booking.tbar.URL, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.PriceFountain.Gen, C:\Users\Cerbe\AppData\Local\ExclaimersOverspending\ChamoisingKetches.exe, En quarantaine, [8d40b868891105319728207c00046f91],
PUP.Optional.ShortcutHijack, C:\Users\Cerbe\Desktop\amazon.fr.URL, En quarantaine, [0dc0a9778c0e85b167689904788c8b75],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)