
Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 03/02/2017
Heure de l'analyse: 15:42
Fichier journal: malware.txt
Administrateur: Oui

-Informations du logiciel-
Version: 3.0.6.1469
Version de composants: 1.0.50
Version de pack de mise à jour: 1.0.1172
Licence: Essai

-Informations système-
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Nicolas-PC\Nicolas

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 560911
Temps écoulé: 3 min, 31 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 33
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, En quarantaine, [191], [169264],1.0.1172
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, En quarantaine, [3626], [168097],1.0.1172
PUP.Optional.SnapDo, HKU\S-1-5-21-3070062895-870700222-24161379-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, En quarantaine, [3205], [167608],1.0.1172
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, En quarantaine, [3626], [168092],1.0.1172
PUP.Optional.DynConIE, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, En quarantaine, [12754], [167933],1.0.1172
PUP.Optional.Muvic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C8428739-5207-4817-9F19-69FA77018633}, En quarantaine, [14336], [240998],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C154871-1781-444C-AA8A-91B7F31642FE}, En quarantaine, [307], [237488],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F54DBA2-4B90-415C-BDC4-5454EDDCD6B1}, En quarantaine, [307], [237487],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{572EFFFA-31A4-42D4-BDFD-2D3A7FCA8A99}, En quarantaine, [307], [237487],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D783D7DD-3B8F-4A5D-ADC3-D9A34236A7AE}, En quarantaine, [307], [237487],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9D65C79-65ED-4F06-BC6F-641FEBD46D14}, En quarantaine, [307], [237488],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE4BE448-BA09-412A-8A8B-8F9D6D8DBACC}, En quarantaine, [307], [237487],1.0.1172
PUP.Optional.GenericAddon, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon, En quarantaine, [16963], [238680],1.0.1172
PUP.Optional.AmazonTB, HKU\S-1-5-21-3070062895-870700222-24161379-501\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, En quarantaine, [12685], [235409],1.0.1172
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [17875], [252393],1.0.1172
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{5eeb83d0-96ea-4249-942c-beead6847053}Gw64, En quarantaine, [2958], [242520],1.0.1172
PUP.Optional.GenericAddon, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon, En quarantaine, [16963], [238680],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\HQCinema Pro 2.1V03.02-nv-ie, En quarantaine, [307], [237351],1.0.1172
PUP.Optional.ProPCCleaner, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\ProPCCleanerLanguage, En quarantaine, [438], [242064],1.0.1172
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\SearchProtectIN4T, En quarantaine, [2570], [253637],1.0.1172
PUP.Optional.BrowsersApp, HKLM\SOFTWARE\WOW6432NODE\Browsers Apps-nv, En quarantaine, [8637], [236254],1.0.1172
PUP.Optional.InternetSpeedChecker.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\Internet Speed Checker-nv, En quarantaine, [15212], [187399],1.0.1172
PUP.Optional.InternetSpeedChecker.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, [15212], [-1],0.0.0
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [17875], [252393],1.0.1172

Valeur du registre: 16
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C154871-1781-444C-AA8A-91B7F31642FE}|APPNAME, En quarantaine, [307], [237488],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F54DBA2-4B90-415C-BDC4-5454EDDCD6B1}|APPNAME, En quarantaine, [307], [237487],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{572EFFFA-31A4-42D4-BDFD-2D3A7FCA8A99}|APPNAME, En quarantaine, [307], [237487],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D783D7DD-3B8F-4A5D-ADC3-D9A34236A7AE}|APPNAME, En quarantaine, [307], [237487],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9D65C79-65ED-4F06-BC6F-641FEBD46D14}|APPNAME, En quarantaine, [307], [237488],1.0.1172
PUP.Optional.CrossRider, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE4BE448-BA09-412A-8A8B-8F9D6D8DBACC}|APPNAME, En quarantaine, [307], [237487],1.0.1172
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En quarantaine, [17875], [252393],1.0.1172
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [2570], [-1],0.0.0
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [2570], [-1],0.0.0
PUP.Optional.InternetSpeedChecker.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [15212], [-1],0.0.0
PUP.Optional.InternetSpeedChecker.PrxySvrRST, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [15212], [-1],0.0.0
PUP.Optional.InternetSpeedChecker.PrxySvrRST, HKU\S-1-5-21-3070062895-870700222-24161379-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [15212], [-1],0.0.0
PUP.Optional.InternetSpeedChecker.PrxySvrRST, HKU\S-1-5-21-3070062895-870700222-24161379-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [15212], [-1],0.0.0
PUP.Optional.InternetSpeedChecker.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [15212], [-1],0.0.0
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, En quarantaine, [17875], [252393],1.0.1172
PUP.Optional.FirstSeenToday, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FST_FR_350, En quarantaine, [6688], [238391],1.0.1172

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 2
Rogue.Multiple, C:\PROGRAMDATA\374311380, En quarantaine, [4600], [170100],1.0.1172
PUP.Optional.GenesisOffers, C:\USERS\NICOLAS\APPDATA\LOCAL\Genesis_10150905, En quarantaine, [2622], [174350],1.0.1172

Fichier: 15
PUP.Optional.BrowsersApp, C:\USERS\NICOLAS\APPDATA\ROAMING\WNYGNX.EXE, En quarantaine, [8637], [299066],1.0.1172
PUP.Optional.BrowsersApp, C:\USERS\NICOLAS\APPDATA\ROAMING\DS.EXE, En quarantaine, [8637], [299066],1.0.1172
PUP.Optional.CrossRider, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [307], [301531],1.0.1172
PUP.Optional.Iminent, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [3626], [301714],1.0.1172
PUP.Optional.Iminent, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [3626], [301714],1.0.1172
PUP.Optional.Iminent, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [3626], [301714],1.0.1172
PUP.Optional.Iminent, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [3626], [301714],1.0.1172
PUP.Optional.Iminent, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [3626], [301714],1.0.1172
PUP.Optional.Iminent, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [3626], [301714],1.0.1172
PUP.Optional.Iminent, C:\USERS\NICOLAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TV4B85D.DEFAULT\PREFS.JS, Remplacé, [3626], [301714],1.0.1172
PUP.Optional.Pinwid, C:\WINDOWS\INSTALLER\3E537281.MSI, En quarantaine, [19153], [278300],1.0.1172
PUP.Optional.SmartBar, C:\WINDOWS\INSTALLER\MSI78FE.TMP-\SMARTBAR.INSTALLER.CUSTOMACTIONS.DLL, En quarantaine, [1906], [3446],1.0.1172
PUP.Optional.SnapDo, C:\WINDOWS\INSTALLER\3E53727C.MSI, En quarantaine, [3205], [77242],1.0.1172
PUP.Optional.SmartBar, C:\WINDOWS\INSTALLER\MSICBFF.TMP-\SMARTBAR.INSTALLER.CUSTOMACTIONS.DLL, En quarantaine, [1906], [3446],1.0.1172
PUP.Optional.Sanbreel, C:\WINDOWS\SYSTEM32\DRIVERS\{5EEB83D0-96EA-4249-942C-BEEAD6847053}GW64.SYS, En quarantaine, [2958], [242520],1.0.1172

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)
