Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 18/08/2016
Heure de l'analyse: 21:25
Fichier journal: Analyse Malwa.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.08.18.08
Base de données de rootkits: v2016.08.15.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Philippe

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 399047
Temps écoulé: 26 min, 34 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 7
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En quarantaine, [662aef5de8b2b482d5e6fefc986ba15f],
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En quarantaine, [8e02a5a74a50c37372496793897a4fb1],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3EBF921F}, En quarantaine, [c1cf73d96d2df6400adf7c7b37cc0ff1],
PUP.Optional.WinZipMalwareProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WinZip Malware Protector, En quarantaine, [eaa64dff2575f83e5ec38a5b04ff4fb1],
PUP.Optional.SearchManager, HKU\S-1-5-21-825696182-2048373221-2051185864-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, En quarantaine, [2868103c831756e00ebec6050ef402fe],
PUP.Optional.WinYahoo, HKU\S-1-5-21-825696182-2048373221-2051185864-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT, En quarantaine, [cfc10745dac077bf5d102ad2788bfd03],
PUP.Optional.SystemHealer, HKU\S-1-5-21-825696182-2048373221-2051185864-1002\SOFTWARE\SYSTEM HEALER, En quarantaine, [612f4dff8614e84ef5067f5ba65dd62a],

Valeurs du Registre: 8
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3ebf921f}|1, 1466756117, En quarantaine, [c1cf73d96d2df6400adf7c7b37cc0ff1]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{b394a987-3901-46a6-8b5b-dab1e1c3fe84}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [dbb589c318821a1c41943eb917ec6b95]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{e7a05bc2-972d-4a06-8a89-9dad5811f862}|NameServer, 82.163.143.171 82.163.142.173, En quarantaine, [b1df6fdd841680b6706611e67093f50b]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{ee7ff19c-7573-4641-9a84-4eaea384cd7f}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [c2ce55f72674ee4829acae4960a3d828]
PUP.Optional.WinYahoo, HKU\S-1-5-21-825696182-2048373221-2051185864-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT|filename, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\uninstall.exe, En quarantaine, [cfc10745dac077bf5d102ad2788bfd03]
PUP.Optional.SystemHealer, HKU\S-1-5-21-825696182-2048373221-2051185864-1002\SOFTWARE\SYSTEM HEALER|HomePage, http://systemhealer.com/, En quarantaine, [612f4dff8614e84ef5067f5ba65dd62a]
PUP.Optional.SystemHealer, HKU\S-1-5-21-825696182-2048373221-2051185864-1002\SOFTWARE\SYSTEM HEALER|CartURL, http://gen.securedshopgate.com/?t=01&b=35&tid=351002282-IL-318_BCBB0B09-76B2-409E-AA8A-9C0653102F46&clb=1, En quarantaine, [efa1054722782f07fddca75605fee917]
PUP.Optional.SystemHealer, HKU\S-1-5-21-825696182-2048373221-2051185864-1002\SOFTWARE\SYSTEM HEALER|SupportPage, http://systemhealer.com/support/#contact, En quarantaine, [860a212b2d6d5dd9b942a63410f341bf]

Données du Registre: 1
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.142.7 95.211.158.134, Bon : (8.8.8.8), Mauvais : (82.163.142.7 95.211.158.134),Remplacé,[f19f2c20faa010261485e990fd07e41c]

Dossiers: 2
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],

Fichiers: 22
PUP.Optional.UTop, C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage, En quarantaine, [96fa95b73b5f41f5e6af2dc422e119e7],
PUP.Optional.UTop, C:\Users\Philippe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage-journal, En quarantaine, [226eb399f3a751e5761fb938986bc63a],
PUP.Optional.SearchManager, C:\Users\Philippe\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage, En quarantaine, [3b55d07ca6f4082e7346ec0e22e1748c],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\HowToRemove.html, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\chromium-min.jpg, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\control panel-min-min.JPG, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\down.png, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\ff menu.JPG, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\ff search engine-min.png, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\hp-min ff.png, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\hp-min ie.png, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\search engine.gif, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\setup pages.gif, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\sp-min.png, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\start-min.jpg, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\HowToRemove\up.png, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\bapi.dat, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\dere, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\fame, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\info.dat, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\install.log, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],
PUP.Optional.WinYahoo, C:\Users\Philippe\AppData\Local\{CD42FB1E-E9EA-97A6-8472-B24EA01A4ED6}\uninst.dat, En quarantaine, [414f1e2ea3f757df4d42118c50b425db],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
