Document format: text/plain


Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 15/04/2017
Heure de l'analyse: 19:54
Fichier journal: Malwarebytes.txt
Administrateur: Oui

-Informations du logiciel-
Version: 3.0.6.1469
Version de composants: 1.0.103
Version de pack de mise à jour: 1.0.1735
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: user-PC\user

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 333003
Temps écoulé: 6 min, 50 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 12
PUP.Optional.MySearchTB, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0D4A4BC-F7CD-436E-B1FA-25637BA0F5BE}, En quarantaine, [10599], [168585],1.0.1735
PUP.Optional.MySearchTB, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0D4A4BC-F7CD-436E-B1FA-25637BA0F5BE}, En quarantaine, [10599], [168585],1.0.1735
PUP.Optional.TorrentSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F}, En quarantaine, [720], [169595],1.0.1735
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}, En quarantaine, [691], [169676],1.0.1735
PUP.Optional.MyStart, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2159D33-3CE2-401B-8967-1B270628A311}, En quarantaine, [1498], [387670],1.0.1735
PUP.Optional.MyStart, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2159D33-3CE2-401B-8967-1B270628A311}, En quarantaine, [1498], [387670],1.0.1735
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, En quarantaine, [319], [-1],0.0.0
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\FOLDER\SHELLEX\CONTEXTMENUHANDLERS\Advanced System Protector, En quarantaine, [255], [326803],1.0.1735
PUP.Optional.RestoreSearch.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, En quarantaine, [15246], [-1],0.0.0
PUP.Optional.RestoreSearch.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, En quarantaine, [15246], [-1],0.0.0
PUP.Optional.CrossRider, HKU\S-1-5-21-30214297-300164187-2463202489-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3601997B-97A3-4AEA-93C3-771F38975CF2}, En quarantaine, [222], [237487],1.0.1735
PUP.Optional.CrossRider, HKU\S-1-5-21-30214297-300164187-2463202489-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{360BF777-277B-450A-90F8-954EBEF03FB8}, En quarantaine, [222], [237488],1.0.1735

Valeur du registre: 9
PUP.Optional.Privoxy, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [319], [-1],0.0.0
PUP.Optional.Privoxy, HKU\S-1-5-21-30214297-300164187-2463202489-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Échec de la suppression, [319], [-1],0.0.0
PUP.Optional.Privoxy, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, En quarantaine, [319], [-1],0.0.0
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENAS\COMMAND|ADVANCED SYSTEM~PROTECTOR.BAK, En quarantaine, [255], [326805],1.0.1735
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\UNKNOWN\SHELL\OPENDLG\COMMAND|ADVANCED SYSTEM~PROTECTOR.BAK, En quarantaine, [255], [326808],1.0.1735
PUP.Optional.RestoreSearch.ChrPRST, HKU\S-1-5-21-30214297-300164187-2463202489-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|C, En quarantaine, [15246], [258570],1.0.1735
PUP.Optional.CrossRider, HKU\S-1-5-21-30214297-300164187-2463202489-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3601997B-97A3-4AEA-93C3-771F38975CF2}|APPNAME, En quarantaine, [222], [237487],1.0.1735
PUP.Optional.CrossRider, HKU\S-1-5-21-30214297-300164187-2463202489-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{360BF777-277B-450A-90F8-954EBEF03FB8}|APPNAME, En quarantaine, [222], [237488],1.0.1735
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\CLASSES\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED|{00212D92-C5D8-4FF4-AE50-B20F0F85C40A}, En quarantaine, [255], [326804],1.0.1735

Données du registre: 0
(Aucun élément malveillant détecté)

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 3
PUP.Optional.BrowserManager, C:\Users\user\AppData\Local\Yandex\BrowserManager\data\SeederTasks, En quarantaine, [8766], [383595],1.0.1735
PUP.Optional.BrowserManager, C:\Users\user\AppData\Local\Yandex\BrowserManager\data, En quarantaine, [8766], [383595],1.0.1735
PUP.Optional.BrowserManager, C:\USERS\USER\APPDATA\LOCAL\Yandex\BrowserManager, En quarantaine, [8766], [383595],1.0.1735

Fichier: 21
PUP.Optional.BrowserManager, C:\Users\user\AppData\Local\Yandex\BrowserManager\data\SeederTasks\thumbsv1.json, En quarantaine, [8766], [383595],1.0.1735
PUP.Optional.InstallCore, C:\USERS\USER\APPDATA\ROAMING\ZHP\QUARANTINE\3E38D09D-145F-45DD-9A46-3D90F11D3039\6C20FAF7-53A8-48F6-854F-2551ECB12F77.DLL, En quarantaine, [2], [301067],1.0.1735
PUP.Optional.InstallCore, C:\PROGRAM FILES (X86)\COMMON FILES\3E38D09D-145F-45DD-9A46-3D90F11D3039.DLL, En quarantaine, [2], [301067],1.0.1735
PUP.Optional.GlobalUpdate, C:\USERS\USER\APPDATA\ROAMING\ZHP\QUARANTINE\69065_UPDATER.EXE, En quarantaine, [691], [306305],1.0.1735
PUP.Optional.InstallCore, C:\USERS\USER\APPDATA\ROAMING\ZHP\QUARANTINE\3E38D09D-145F-45DD-9A46-3D90F11D3039\45B5187B-A89F-4349-A3BD-BCDAD126A8B7.DLL, En quarantaine, [2], [301067],1.0.1735
PUP.Optional.InstallCore, C:\PROGRAM FILES (X86)\COMMON FILES\AB702502-E004-46D5-8D4F-160DA854373F.DLL, En quarantaine, [2], [301067],1.0.1735
PUP.Optional.GlobalUpdate, C:\USERS\USER\APPDATA\LOCAL\TEMP\69065_UPDATER.EXE, En quarantaine, [691], [306305],1.0.1735
PUP.Optional.SilentInstaller, C:\USERS\USER\APPDATA\LOCAL\TEMP\IPOBBC5.EXE, En quarantaine, [3870], [11846],1.0.1735
PUP.Optional.TorrentSearch, C:\USERS\USER\APPDATA\LOCAL\TEMP\7B3027A6-293B-46C7-843B-44F0A3E5ADF0\TS_10051.EXE, En quarantaine, [720], [113790],1.0.1735
PUP.Optional.Offerware, C:\USERS\USER\APPDATA\LOCAL\TEMP\F9626892-7A78-3199-ABD2-97BBCE96297B\EXTRACTED\ADV_109.EXE, En quarantaine, [8374], [100546],1.0.1735
PUP.Optional.TorrentSearch, C:\USERS\USER\APPDATA\LOCAL\TEMP\XUDAINANCZ_1\CHROMIUM.DLL, En quarantaine, [720], [113790],1.0.1735
PUP.Optional.TorrentSearch, C:\USERS\USER\APPDATA\LOCAL\TEMP\XUDAINANCZ_1\SQLITE3.DLL, En quarantaine, [720], [113790],1.0.1735
PUP.Optional.TorrentSearch, C:\USERS\USER\APPDATA\LOCAL\TEMP\XUDAINANCZ_1\POTEM93.DLL, En quarantaine, [720], [113790],1.0.1735
PUP.Optional.Privoxy, C:\USERS\USER\DOWNLOADS\THE_JUNGLE_BOOK_(2016)_NEW_-_720P_HDTS_-_900MB_-_SHAANIG.ZIP, En quarantaine, [319], [117653],1.0.1735
PUP.Optional.CrossRider, C:\WINDOWS\INSTALLER\243A4.MSI, En quarantaine, [222], [281756],1.0.1735
PUP.Optional.RestoreSearch.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, Échec de la suppression, [15246], [-1],0.0.0
PUP.Optional.RestoreSearch.ChrPRST, C:\USERS\USER\NTUSER.POL, En quarantaine, [15246], [-1],0.0.0
PUP.Optional.RestoreSearch.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\USER\REGISTRY.POL, En quarantaine, [15246], [-1],0.0.0
PUP.Optional.RestoreSearch.ChrPRST, C:\WINDOWS\SYSWOW64\GROUPPOLICY\USER\REGISTRY.POL, En quarantaine, [15246], [-1],0.0.0
PUP.Optional.RestoreSearch.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, En quarantaine, [15246], [-1],0.0.0
PUP.Optional.RestoreSearch.ChrPRST, C:\WINDOWS\SYSWOW64\GROUPPOLICY\MACHINE\REGISTRY.POL, En quarantaine, [15246], [-1],0.0.0

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)
