cjoint

Document format: text/plain

Preview

Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 09/04/2019
Heure de l'analyse: 13:56
Fichier journal: 71fe31e6-5abe-11e9-8e68-002421db1e30.json

-Informations du logiciel-
Version: 3.7.1.2839
Version de composants: 1.0.563
Version de pack de mise à jour: 1.0.10066
Licence: Essai

-Informations système-
Système d'exploitation: Windows 10 (Build 17763.379)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: claude-PC\claude

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 361038
Menaces détectées: 44
Menaces mises en quarantaine: 44
Temps écoulé: 29 min, 46 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 20
Trojan.Agent.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, En quarantaine, [3703], [353484],1.0.10066
Trojan.Agent.E, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, En quarantaine, [3703], [353484],1.0.10066
PUP.Optional.Pakilan, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ, En quarantaine, [2459], [186516],1.0.10066
PUP.Optional.Pakilan, HKU\S-1-5-21-3076573596-196789805-4040178887-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\LJIBKIGJCCBEGNBEOJKOAFEJPOIACHEJ, En quarantaine, [2459], [186516],1.0.10066
PUP.Optional.Pakilan, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ljibkigjccbegnbeojkoafejpoiachej, En quarantaine, [2459], [186516],1.0.10066
Trojan.Agent.Trace, HKU\S-1-5-21-3076573596-196789805-4040178887-1000\SOFTWARE\VB AND VBA PROGRAM SETTINGS\SrvID, En quarantaine, [3516], [248432],1.0.10066
PUP.Optional.VideoAdBlocker.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\BKNBNAPADDJDNBILPMLACDKJDKJMBJHD, En quarantaine, [2156], [307228],1.0.10066
PUP.Optional.VideoAdBlocker.ChrPRST, HKU\S-1-5-21-3076573596-196789805-4040178887-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bknbnapaddjdnbilpmlacdkjdkjmbjhd, En quarantaine, [2156], [307228],1.0.10066
PUP.Optional.WordAnchor, HKLM\SOFTWARE\WOW6432NODE\WordAnchor_1.10.0.20, En quarantaine, [722], [245076],1.0.10066
PUP.Optional.InstallCore, HKU\S-1-5-21-3076573596-196789805-4040178887-1000\SOFTWARE\ICSW1.14, En quarantaine, [427], [239562],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{221D13C7-05AE-412C-9CE2-FF1E7B13F195}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{403EE2E6-904E-45C1-BED1-2917021C8E5A}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{506DE271-571D-4AFB-B4C1-03C84BD622C4}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{513EB2BD-68EC-4B14-9D95-7536C9CFBD2E}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{547CEE74-984B-49FF-8AC4-90731700C917}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5EBCD524-89C8-4717-8D84-7A65188AF1C8}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6A817CDF-AFA5-4FAD-BBE6-70C873C0B312}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{78A64EDB-5605-42B6-8293-6B4A6744B222}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7D21FC54-0D08-4564-8835-3A5745E8746B}, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FormatFactory, En quarantaine, [427], [387418],1.0.10066

Valeur du registre: 10
PUP.Optional.PredictAd, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|SUPPORT@PREDICTAD.COM, En quarantaine, [1804], [246733],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{221D13C7-05AE-412C-9CE2-FF1E7B13F195}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{403EE2E6-904E-45C1-BED1-2917021C8E5A}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{506DE271-571D-4AFB-B4C1-03C84BD622C4}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{513EB2BD-68EC-4B14-9D95-7536C9CFBD2E}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{547CEE74-984B-49FF-8AC4-90731700C917}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5EBCD524-89C8-4717-8D84-7A65188AF1C8}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6A817CDF-AFA5-4FAD-BBE6-70C873C0B312}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{78A64EDB-5605-42B6-8293-6B4A6744B222}|PATH, En quarantaine, [432], [259199],1.0.10066
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7D21FC54-0D08-4564-8835-3A5745E8746B}|PATH, En quarantaine, [432], [259199],1.0.10066

Données du registre: 1
PUM.Optional.DisableTaskMgr, HKU\S-1-5-21-3076573596-196789805-4040178887-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DISABLETASKMGR, Remplacé, [13270], [293320],1.0.10066

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 0
(Aucun élément malveillant détecté)

Fichier: 13
PUP.Optional.Pakilan, C:\USERS\CLAUDE\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\GO_PALIKAN.ICO, En quarantaine, [2459], [246369],1.0.10066
PUP.Optional.Palikan, C:\USERS\CLAUDE\APPDATA\LOCALLOW\MICROSOFT\INTERNET EXPLORER\SERVICES\PALIKAN.ICO, En quarantaine, [334], [255721],1.0.10066
Trojan.Agent.E, C:\USERS\CLAUDE\APPDATA\ROAMING\svchost.exe, En quarantaine, [3703], [353484],1.0.10066
PUM.Optional.FireFoxSecurityOverride, C:\USERS\CLAUDE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IKXHJFN9.DEFAULT\USER.JS, En quarantaine, [14583], [302435],1.0.10066
PUP.Optional.NeroTuneItUp, C:\USERS\CLAUDE\APPDATA\ROAMING\NERO\NEROINSTALLER\2019-NBRTRIAL\FILES\NERO_TUNEITUP_FREE_2.8.0.84_SETUP.EXE, En quarantaine, [6966], [452415],1.0.10066
Generic.Malware/Suspicious, C:\USERS\CLAUDE\APPDATA\ROAMING\ZHP\QUARANTINE\00000000-1426951192-0000-0000-002421DB1E30.DIR\VNSG37F3.TMP, En quarantaine, [0], [392686],1.0.10066
Generic.Malware/Suspicious, C:\USERS\CLAUDE\APPDATA\ROAMING\ZHP\QUARANTINE\00000000-1426955007-0000-0000-002421DB1E30.DIR\PNSX767C.EXE, En quarantaine, [0], [392686],1.0.10066
PUP.Optional.InstallCore, C:\PROGRAM FILES (X86)\FORMATFACTORY\UNINST.EXE, En quarantaine, [427], [387418],1.0.10066
Adware.Elex.ShrtCln, C:\USERS\CLAUDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [272], [454693],1.0.10066
Adware.Elex.ShrtCln, C:\USERS\CLAUDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [272], [454693],1.0.10066
Adware.Elex.ShrtCln, C:\USERS\CLAUDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [272], [454693],1.0.10066
Adware.Elex.ShrtCln, C:\USERS\CLAUDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Remplacé, [272], [454711],1.0.10066
Adware.Elex.ShrtCln, C:\USERS\CLAUDE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Remplacé, [272], [454711],1.0.10066

Secteur physique: 0
(Aucun élément malveillant détecté)

WMI: 0
(Aucun élément malveillant détecté)


(end)