cjoint


Document format: text/plain

Preview

Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 11/05/2017
Heure de l'analyse: 10:28
Fichier journal: malwarebyte.txt
Administrateur: Oui

-Informations du logiciel-
Version: 3.1.2.1733
Version de composants: 1.0.122
Version de pack de mise à jour: 1.0.1906
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: sylvain\pro

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 413854
Menaces détectées: 29
Menaces mises en quarantaine: 29
Temps écoulé: 2 min, 49 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 6
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, En quarantaine, [51], [160141],1.0.1906
PUP.Optional.SystemHealer, HKU\S-1-5-21-1817580383-1317029755-1127610557-500\SOFTWARE\SYSTEM HEALER, En quarantaine, [965], [252826],1.0.1906
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [28], [260247],1.0.1906
PUP.Optional.Conduit, HKU\S-1-5-21-1817580383-1317029755-1127610557-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{DEDDEE94-6A63-4F71-82D9-96B379CB641B}, En quarantaine, [563], [236867],1.0.1906
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [28], [260247],1.0.1906
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{157f284c}, En quarantaine, [28], [260250],1.0.1906

Valeur du registre: 6
PUP.Optional.SystemHealer, HKU\S-1-5-21-1817580383-1317029755-1127610557-500\SOFTWARE\SYSTEM HEALER|HOMEPAGE, En quarantaine, [965], [252826],1.0.1906
PUP.Optional.SystemHealer, HKU\S-1-5-21-1817580383-1317029755-1127610557-500\SOFTWARE\SYSTEM HEALER|CARTURL, En quarantaine, [965], [261796],1.0.1906
PUP.Optional.SystemHealer, HKU\S-1-5-21-1817580383-1317029755-1127610557-500\SOFTWARE\SYSTEM HEALER|SUPPORTPAGE, En quarantaine, [965], [252826],1.0.1906
PUP.Optional.Conduit, HKU\S-1-5-21-1817580383-1317029755-1127610557-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{DEDDEE94-6A63-4F71-82D9-96B379CB641B}|SUGGESTIONSURL_JSON, En quarantaine, [563], [236867],1.0.1906
PUP.Optional.Conduit, HKU\S-1-5-21-1817580383-1317029755-1127610557-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{DEDDEE94-6A63-4F71-82D9-96B379CB641B}|URL, En quarantaine, [563], [236865],1.0.1906
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{157f284c}|1, En quarantaine, [28], [260250],1.0.1906

Données du registre: 11
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4305725e-f403-4f58-947a-4703c11a4d1b}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4305725e-f403-4f58-947a-4703c11a4d1b}|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4d0f7fd9-d0af-42cf-9080-5b1196abd89f}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4d0f7fd9-d0af-42cf-9080-5b1196abd89f}|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{75a896d7-422f-4df6-b95a-a7a2c2603649}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{75a896d7-422f-4df6-b95a-a7a2c2603649}|DhcpNameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{aae812a5-844f-4309-8c15-1ec4a40b9553}|NameServer, Remplacé, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{aae812a5-844f-4309-8c15-1ec4a40b9553}|DhcpNameServer, Remplacé, [28], [-1],0.0.0

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 0
(Aucun élément malveillant détecté)

Fichier: 6
PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, En quarantaine, [51], [-1],0.0.0
PUP.Optional.WinYahoo, C:\USERS\PRO\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\WINCY.ICO, En quarantaine, [88], [246865],1.0.1906
PUP.Optional.Pakilan, C:\USERS\PRO\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\GO_PALIKAN.ICO, En quarantaine, [12905], [246369],1.0.1906
PUP.Optional.Palikan, C:\USERS\PRO\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO, En quarantaine, [1709], [255721],1.0.1906
PUP.Optional.ByteFence, C:\WINDOWS\SYSTEM32\TASKS_MIGRATED\ByteFence, En quarantaine, [616], [391769],1.0.1906
PUP.Optional.ByteFence, C:\WINDOWS\SYSTEM32\TASKS_MIGRATED\ByteFence Scan, En quarantaine, [616], [391769],1.0.1906

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)
