Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 23/01/2016
Heure de l'analyse: 20:16
Fichier journal:
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.23.04
Base de données de rootkits: v2016.01.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Vincent

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 355225
Temps écoulé: 7 min, 41 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 67
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\APPID\{01994268-3C10-4044-A1EA-7A9C1B739A11}, En quarantaine, [3bd5380551484beb2a0b5b25e91908f8],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{01994268-3C10-4044-A1EA-7A9C1B739A11}, En quarantaine, [3bd5380551484beb2a0b5b25e91908f8],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{01994268-3C10-4044-A1EA-7A9C1B739A11}, En quarantaine, [3bd5380551484beb2a0b5b25e91908f8],
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, En quarantaine, [87898ab3504979bd9d7af39413ef8d73],
PUP.Optional.WinManger, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, En quarantaine, [87898ab3504979bd9d7af39413ef8d73],
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, En quarantaine, [87898ab3504979bd9d7af39413ef8d73],
PUP.Optional.Cassiopessa, HKLM\SOFTWARE\CLASSES\APPID\{ef494946-9425-4a5c-b373-74ccd38e8c48}, En quarantaine, [f21ebc81aeebde58a06d1473b44ea15f],
PUP.Optional.Cassiopessa, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{EF494946-9425-4A5C-B373-74CCD38E8C48}, En quarantaine, [f21ebc81aeebde58a06d1473b44ea15f],
PUP.Optional.Cassiopessa, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{EF494946-9425-4A5C-B373-74CCD38E8C48}, En quarantaine, [f21ebc81aeebde58a06d1473b44ea15f],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\IminentWebBooster.BrowserHelperObject, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject.1, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\IminentWebBooster.BrowserHelperObject.1, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, En quarantaine, [15fbbc819108e650350ad6aaf80a9769],
PUP.Optional.Iminent, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En quarantaine, [917fe15c5e3b1c1acf6e95ebac567a86],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En quarantaine, [917fe15c5e3b1c1acf6e95ebac567a86],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, En quarantaine, [5cb4b38a2376f244f14b77096e94e020],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, En quarantaine, [e12f192443568caa51f04b3552b0a957],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, En quarantaine, [9e720b322b6ee4522a16621e6a9816ea],
PUP.Optional.Iminent, HKLM\SOFTWARE\Iminent, En quarantaine, [759b27160e8b0531972cfbd19a69f010],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\Iminent, En quarantaine, [18f82d10108946f06648428a0af938c8],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, En quarantaine, [5eb2d766861382b4e7cbf3d93dc63dc3],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, En quarantaine, [b957a8950f8a171fae04a329ff04629e],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, En quarantaine, [bb55073621785ed88923c60660a3df21],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\Iminent.WebBooster.InternetExplorer.DLL, En quarantaine, [16fa300de9b0191d7438b418a36036ca],
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}, En quarantaine, [0907f8457524a78f8d4b65caa3615ba5],
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}, En quarantaine, [15fbc37a3c5ddf570fb46e4a000354ac],
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Cassiopesa tadi, Supprimer au redémarrage, [89874cf1c7d2e2541ba9a7119c677987],
PUP.Optional.SwiftSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SwiftSearch Auto Updater 1.10.0.25 Core, Supprimer au redémarrage, [51bf40fdc4d557df9a41a75351b27d83],
PUP.Optional.SwiftSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SwiftSearch Auto Updater 1.10.0.25 Pending Update, Supprimer au redémarrage, [46ca5be2534682b4a13a44b6956e14ec],
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Tny_Cassiopesa, Supprimer au redémarrage, [f61a300d7e1bb1855f65fcbc877cb24e],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\ihpmserver, En quarantaine, [fe12ee4f2970ec4ad9d41cde0af9728e],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\Iminent, En quarantaine, [030d84b91980d2649f2487454fb442be],
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, En quarantaine, [cb45e459bedb1e1841303ce322e241bf],
PUP.Optional.SwiftSearch, HKLM\SOFTWARE\WOW6432NODE\SwiftSearch_1.10.0.25, En quarantaine, [7e9282bb83167fb73727fced17ec8878],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, En quarantaine, [cb45a6979801d85e634bb91360a36898],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender, En quarantaine, [48c865d8cccd59dd6f430dbf33d01fe1],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender.1, En quarantaine, [64ac93aaecad79bde5cdad1f47bc8779],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, En quarantaine, [e030fd406b2e0c2a08a4bc10f70cb34d],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ehhlaekjfiiojlddgndcnefflngfmhen, En quarantaine, [d53bef4ec2d7191d7349f4d8f60d4fb1],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nociobghckdhokecfeajdpimjeapnopn, En quarantaine, [51bf3ffec1d868ce6b56389449ba8878],
PUP.Optional.IMGUpdater, HKLM\SOFTWARE\WOW6432NODE\IMGUPDATER, En quarantaine, [25eb043918813501187d58744ab9d927],
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SwiftSearchAutoUpdateClient_RASAPI32, En quarantaine, [20f080bde0b9b87ecb113fbb2bd8728e],
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SwiftSearchAutoUpdateClient_RASMANCS, En quarantaine, [44ccb6870396e056c5177486bd46bb45],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, En quarantaine, [0a065ae3138688aeb813a62649ba30d0],
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, En quarantaine, [8987d469a1f8cd695973705c24dfb947],
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SwiftSearch_1.10.0.25, En quarantaine, [ca465fde762385b11d97c96b39cbe719],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\RAYDLD, En quarantaine, [c44c9e9f782169cdacb63f9dce34946c],
PUP.Optional.SoundPlus, HKLM\SOFTWARE\WOW6432NODE\SOUNDPLUS, En quarantaine, [3cd452eb0c8d82b4f2d6230c84801ae6],
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, En quarantaine, [9c7405384d4c87af8a0a08e4788b669a],
PUP.Optional.Umbrella, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA, En quarantaine, [1ef22b12dbbe4beb9b5739b343c0b947],
PUP.Optional.Iminent, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\Iminent, En quarantaine, [97795edf7b1eae887c38527aec17a759],
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\tny_cassiopesa, En quarantaine, [ef214eeff9a0063010b0eace867d11ef],
PUP.Optional.Tuto4PC, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\TutoTag, En quarantaine, [19f793aa4455a195dbb5f1fb0ef5ae52],
PUP.Optional.Iminent, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, En quarantaine, [789859e434650333417629a337cc42be],
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}, En quarantaine, [789871cc504987af8abd4ce4b54f7e82],
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}, En quarantaine, [f81889b41e7bdc5a1ea32a8e3ac942be],
PUP.Optional.CrossRider, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9563BC59-9556-4805-8CD4-886781779D8D}, En quarantaine, [cd430d30188161d5d7fc6abe6c98847c],
PUP.Optional.SpaceSound, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\SPACEPLUS, En quarantaine, [68a8102d03967eb881def53eff05ba46],

Valeurs du Registre: 26
PUP.Optional.Iminent, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En quarantaine, [917fe15c5e3b1c1acf6e95ebac567a86],
PUP.Optional.Iminent, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En quarantaine, [18f8c07de2b77db954e9621e1de530d0],
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|URL, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto16_15_47&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyDyD0C0BtCzyyByBtAyBtAtN0D0Tzu0StCyEtBtCtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyD0ByE0CyEtD0CtDtGtCyEzzyCtG0BtCyCzytGyB0DyDzytG0FtBtC0AyEtDyBtA0Ezzzzzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0BtAzz0FtAtCtG0EyCyEyCtGyE0DtCtBtG0A0DyC0DtGtBtCzytDzzyDtAtCtAyC0CtC2QtN0A0LzuyE&cr=1096896345&ir=, En quarantaine, [15fbc37a3c5ddf570fb46e4a000354ac]
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|TopResultURLFallback, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto16_15_47&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyDyD0C0BtCzyyByBtAyBtAtN0D0Tzu0StCyEtBtCtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyD0ByE0CyEtD0CtDtGtCyEzzyCtG0BtCyCzytGyB0DyDzytG0FtBtC0AyEtDyBtA0Ezzzzzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0BtAzz0FtAtCtG0EyCyEyCtGyE0DtCtBtG0A0DyC0DtGtBtCzytDzzyDtAtCtAyC0CtC2QtN0A0LzuyE&cr=1096896345&ir=, En quarantaine, [b65ad16ca5f4b581883bfdbbde25e719]
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|FaviconPath, C:\Users\Vincent\AppData\LocalLow\Microsoft\Internet Explorer\Services\Tny_Cassiopesa.ico, En quarantaine, [dd339ba2b1e87cba9f24f6c2ca39c43c]
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}, Cassiopesa, En quarantaine, [f61af04d2178bc7a1da64375659edb25]
PUP.Optional.Cassiopesa, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|DisplayName, Cassiopesa, En quarantaine, [fa165edfe2b713236e5525932cd7936d]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|DisplayName, istartsurf, En quarantaine, [db3579c44b4e40f6af7c337411f201ff]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|URL, http://www.istartsurf.com/web/?type=ds&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx&q={searchTerms}, En quarantaine, [aa666cd12b6ea3930d1ef4b3ba4939c7]
PUP.Optional.IMGUpdater, HKLM\SOFTWARE\WOW6432NODE\IMGUPDATER|ConfigBlockJSN, {
"MAIN_SWITCH" : true,
"UPDATABLE" : {
"064A36CC-4404-42F9-B26E-3BFD515F2447" : {
"lastupdated" : 0,
"mindeltatime" : 259200
},
"2C200CBA-D536-40C8-902D-9C34FD10AD85" : {
"lastupdated" : 0,
"localversion" : "0",
"mindeltatime" : 259200
},
"4C973056-22D8-488C-A358-AEA00CC2EC7D" : {
"lastupdated" : 0,
"mindeltatime" : 259200
}
}
}
, En quarantaine, [25eb043918813501187d58744ab9d927]
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}|Url, http://start.iminent.com/?appId=23d9ca3f-50d7-4f15-8ab7-03b9d12100f9&ref=toolbox&q={searchTerms}, En quarantaine, [ba56bb82badf112500c510bc49ba7c84]
PUP.Optional.MobilePCStarterKit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mpck_en_004090153, En quarantaine, [29e7a29b39604cea95721cbac63d52ae],
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\RAYDLD|dir, C:\Program Files (x86)\RayDld, En quarantaine, [c44c9e9f782169cdacb63f9dce34946c]
PUP.Optional.SoundPlus, HKLM\SOFTWARE\WOW6432NODE\SOUNDPLUS|Path, C:\Program Files (x86)\spaceeplus, En quarantaine, [3cd452eb0c8d82b4f2d6230c84801ae6]
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, E4272D3D-57AB-4D29-9910-6AD37FF0DF17, En quarantaine, [9c7405384d4c87af8a0a08e4788b669a]
PUP.Optional.Umbrella, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA|ConfigBlockJSN, { "CGN" : 3, "CONUP_LAZARUS" : 1, "CR_SETTINGS" : 3, "EXT_PROT" : { "CHR" : [ { "EC" : 0, "UID" : "aaaaadgepjkdffhjbkfjgnnffnfcffbg" }, { "EC" : 0, "UID" : "aaaajccikcnncidhbokfncpooceanool" }, { "EC" : 0, "UID" : "aaaaaejaghnbcjilindpkgmcmdflpgjf" }, { "EC" : 0, "UID" : "aaaaaiabcopkplhgaedhbloeejhhankf" }, { "EC" : 0, "UID" : "aaaaaklkhfhdcchkljhckdbonpofmafb" } ], "CTRY" : [ "ALL" ], "ECI" : 999, "FFX" : [ { "EC" : 0, "UID" : "toolbar_OVO2V7C@apn.ask.com" }, { "EC" : 0, "UID" : "{86704f2e-2bf8-4bc9-84ee-8a791772f661}" }, { "EC" : 0, "UID" : "toolbar_SPC-SP@apn.ask.com" }, { "EC" : 0, "UID" : "searchengine@gmail.com" } ], "IE" : [ { "EC" : 0, "UID" : "IE_ASKBAR" }, { "EC" : 0, "UID" : "SEARCH_APP_BY_ASK" } ] }, "MS_STD_COMPLY" : 2, "UI_TRF_SRC" : 0, "add_sh_enabled" : 1, "metro_updated" : 10}, En quarantaine, [1ef22b12dbbe4beb9b5739b343c0b947]
PUP.Optional.WebBar, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|wb.exe, 11000, En quarantaine, [8987f7465d3c0432611f4ee6b64e7a86]
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|URL, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto16_15_47&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyDyD0C0BtCzyyByBtAyBtAtN0D0Tzu0StCyEtBtCtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyD0ByE0CyEtD0CtDtGtCyEzzyCtG0BtCyCzytGyB0DyDzytG0FtBtC0AyEtDyBtA0Ezzzzzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0BtAzz0FtAtCtG0EyCyEyCtGyE0DtCtBtG0A0DyC0DtGtBtCzytDzzyDtAtCtAyC0CtC2QtN0A0LzuyE&cr=1096896345&ir=, En quarantaine, [f81889b41e7bdc5a1ea32a8e3ac942be]
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|TopResultURLFallback, http://www.cassiopessa.com/results.php?f=4&q={searchTerms}&a=csp_tuto16_15_47&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyDyD0C0BtCzyyByBtAyBtAtN0D0Tzu0StCyEtBtCtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyD0ByE0CyEtD0CtDtGtCyEzzyCtG0BtCyCzytGyB0DyDzytG0FtBtC0AyEtDyBtA0Ezzzzzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0BtAzz0FtAtCtG0EyCyEyCtGyE0DtCtBtG0A0DyC0DtGtBtCzytDzzyDtAtCtAyC0CtC2QtN0A0LzuyE&cr=1096896345&ir=, En quarantaine, [4bc586b7158478be328f7a3e61a2847c]
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|FaviconPath, C:\Users\Vincent\AppData\LocalLow\Microsoft\Internet Explorer\Services\Tny_Cassiopesa.ico, En quarantaine, [2de3b28b069395a100c115a3f60dc937]
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}, Cassiopesa, En quarantaine, [7a9661dcd9c0c0766160b800ef1402fe]
PUP.Optional.Cassiopesa, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{460C3D19-B3D4-4964-A550-77D263B0CCCB}|DisplayName, Cassiopesa, En quarantaine, [90802617b7e2e353447d07b162a1fb05]
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|DisplayName, istartsurf, En quarantaine, [29e759e491084beb32f8e2c5788b32ce]
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|URL, http://www.istartsurf.com/web/?type=ds&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx&q={searchTerms}, En quarantaine, [ca46310c47528caa2802d4d3fd068a76]
PUP.Optional.NotChromeRun, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleChromeAutoLaunch_4988E43DC64FBD79F3EE8A6089E795ED, "C:\Users\Vincent\AppData\Local\Chromium\Application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session, En quarantaine, [f51b87b6c4d50135452dc612cb3848b8]
PUP.Optional.SpaceSound, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\SPACEPLUS|mj, 15.11.22.1, En quarantaine, [68a8102d03967eb881def53eff05ba46]

Données du Registre: 6
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://www.istartsurf.com/web/?type=ds&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx&q={searchTerms}),Remplacé,[080825185b3e280ec5f2bcfb9470a957]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx, Bon : (www.google.com), Mauvais : (http://www.istartsurf.com/?type=hp&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx),Remplacé,[19f761dc168387af42759c1b62a26e92]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://www.istartsurf.com/web/?type=ds&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx&q={searchTerms}),Remplacé,[ad63ba835b3e3cfa991e2790fc08d42c]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[2be586b737627abc570fae100afa4fb1]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[f818023b0f8a39fd1155ab13fb092dd3]
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-2971972502-2614698906-4200090456-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx, Bon : (www.google.com), Mauvais : (http://www.istartsurf.com/?type=hp&ts=1448191618&z=12f9dbb03640afca4489bf7g9z9z9bdgbt8g5qcg2b&from=tug1&uid=toshibaxdt01aca200_54ja3m4ksxx54ja3m4ksx),Remplacé,[23eda19c8811d85ebff6e2d5b15350b0]

Dossiers: 3
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\RPNLJH, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],

Fichiers: 19
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9\Sqlite3.dll, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9\aowLC, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9\dExtent, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9\extent, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9\hdat1, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9\hdat2, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Amonetize, C:\ProgramData\{3598DD5B-651A-0CDD-D49C-7C5F041EAFD1}\2.0.1.9\mito.txt, En quarantaine, [28e86dd0c2d7df57cec89b17dc27728e],
PUP.Optional.Cassiopesa, C:\Windows\System32\Tasks\Cassiopesa tadi, En quarantaine, [bc54ec516435d363b806ac0cb35057a9],
PUP.Optional.Cassiopesa, C:\Windows\System32\Tasks\Tny_Cassiopesa, En quarantaine, [e8284eef1188ea4c9c22fbbd14efaf51],
PUP.Optional.Cassiopesa, C:\Windows\Tasks\Tny_Cassiopesa.job, En quarantaine, [43cd9ba24851d95d07b82494e61d3dc3],
PUP.Optional.SwiftSearch, C:\Windows\System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core, En quarantaine, [58b847f6c3d6be78c81152a853b00ff1],
PUP.Optional.SwiftSearch, C:\Windows\System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update, En quarantaine, [2de32e0fa8f1d4626b6e8476a75ccc34],
PUP.Optional.Cassiopesa, C:\Users\Vincent\AppData\LocalLow\Microsoft\Internet Explorer\Services\Tny_Cassiopesa.ico, En quarantaine, [0a068eaf32671125a4c89e5df2116997],
PUP.Optional.Iminent, C:\Users\Vincent\AppData\Local\Chrome .lnk, En quarantaine, [d23e0e2f6d2c37ffba70a28754b0c23e],
PUP.Optional.Iminent, C:\Users\Vincent\AppData\Local\Firefox .lnk, En quarantaine, [c34db8852e6b63d39992e34632d2847c],
PUP.Optional.Iminent, C:\Users\Vincent\AppData\Local\Iexplore .lnk, En quarantaine, [da36e05d3366ea4cb07cc168d52f9769],
PUP.Optional.eShopComp, C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.eshopcomp.com_0.localstorage, En quarantaine, [828e1825079253e3f613d267d62ed729],
PUP.Optional.eShopComp, C:\Users\Vincent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.eshopcomp.com_0.localstorage-journal, En quarantaine, [ea2660dd4158a88e4cbd9e9b8f75c23e],
PUP.Optional.Cassiopesa, C:\Users\Vincent\AppData\Local\Chromium\User Data\Default\Secure Preferences, Bon : ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Mauvais : ("session":{"restore_on_startup":4,"startup_urls":["http://www.cassiopessa.com/?f=7&a=csp_tuto16_15_47&cd=2XzuyEtN2Y1L1QzuyByE0DyEtAyDyD0C0BtCzyyByBtAyBtAtN0D0Tzu0StCyEtBtCtN1L2XzutAtFtCtBtFyDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyD0ByE0CyEtD0CtDtGtCyEzzyCtG0BtCyCzytGyB0DyDzytG0FtBtC0AyEtDyBtA0Ezzzzzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0BtAzz0FtAtCtG0EyCyEyCtGyE0DtCtBtG0A0DyC0DtGtBtCzytDzzyDtAtCtAyC0CtC2QtN0A0LzuyE&cr=1096896345&ir=&uref=chmm"]},"software_reporter":{"prompt_reason":0,"prompt_version":"4.32.1"}}), Remplacé,[3ed2132aefaaec4a901b2dc03dc7de22]

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
