Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes
www.malwarebytes.com
-Détails du journal-
Date de l'analyse: 23/07/2019
Heure de l'analyse: 17:20
Fichier journal: 69e4da4a-ad5d-11e9-9137-b888e34f2b2e.json
-Informations du logiciel-
Version: 3.8.3.2965
Version de composants: 1.0.613
Version de pack de mise à jour: 1.0.11686
Licence: Gratuit
-Informations système-
Système d'exploitation: Windows 10 (Build 18362.239)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: DESKTOP-6N4RTIV\Acer
-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 275583
Menaces détectées: 39
Menaces mises en quarantaine: 39
Temps écoulé: 4 min, 0 s
-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection
-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)
Module: 0
(Aucun élément malveillant détecté)
Clé du registre: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [241], [254683],1.0.11686
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En quarantaine, [241], [254683],1.0.11686
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire0, En quarantaine, [3893], [597957],1.0.11686
PUP.Optional.PCVARK, HKLM\SOFTWARE\ZHJpdmVydG9uaWNzLmNvbQ==, En quarantaine, [468], [706567],1.0.11686
Valeur du registre: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En quarantaine, [241], [254683],1.0.11686
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En quarantaine, [241], [254683],1.0.11686
Adware.SearchEngineHijack, HKU\S-1-5-21-1788168121-4240513500-3771779065-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|cgnhhaeibaikooonokhpmolpnddcmngl, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, HKU\S-1-5-21-1788168121-4240513500-3771779065-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|lofbbniamlfkiaokmndjecfhmnekgmfl, En quarantaine, [373], [460701],1.0.11686
Données du registre: 2
PUP.Optional.WinYahoo, HKU\S-1-5-21-1788168121-4240513500-3771779065-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Remplacé, [241], [707485],1.0.11686
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Remplacé, [241], [707490],1.0.11686
Flux de données: 0
(Aucun élément malveillant détecté)
Dossier: 3
PUP.Optional.Segurazo, C:\USERS\ACER\APPDATA\ROAMING\SEGURAZOUNINSTALLER, En quarantaine, [1511], [711380],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl, En quarantaine, [373], [460701],1.0.11686
Fichier: 26
PUP.Optional.InstallCore.Generic, C:\$RECYCLE.BIN\S-1-5-21-1788168121-4240513500-3771779065-1001\$RFZTNSP.EXE, En quarantaine, [563], [512142],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (3).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (1).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (2).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER.EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (5).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (4).EXE, En quarantaine, [2761], [122326],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\000003.log, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\CURRENT, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\LOCK, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\LOG, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\LOG.old, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\MANIFEST-000001, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\000003.log, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\CURRENT, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\LOCK, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\LOG, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\LOG.old, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\MANIFEST-000001, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Secteur physique: 0
(Aucun élément malveillant détecté)
WMI: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.com
-Détails du journal-
Date de l'analyse: 23/07/2019
Heure de l'analyse: 17:20
Fichier journal: 69e4da4a-ad5d-11e9-9137-b888e34f2b2e.json
-Informations du logiciel-
Version: 3.8.3.2965
Version de composants: 1.0.613
Version de pack de mise à jour: 1.0.11686
Licence: Gratuit
-Informations système-
Système d'exploitation: Windows 10 (Build 18362.239)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: DESKTOP-6N4RTIV\Acer
-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 275583
Menaces détectées: 39
Menaces mises en quarantaine: 39
Temps écoulé: 4 min, 0 s
-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Détection
PUM: Détection
-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)
Module: 0
(Aucun élément malveillant détecté)
Clé du registre: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [241], [254683],1.0.11686
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En quarantaine, [241], [254683],1.0.11686
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire0, En quarantaine, [3893], [597957],1.0.11686
PUP.Optional.PCVARK, HKLM\SOFTWARE\ZHJpdmVydG9uaWNzLmNvbQ==, En quarantaine, [468], [706567],1.0.11686
Valeur du registre: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En quarantaine, [241], [254683],1.0.11686
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En quarantaine, [241], [254683],1.0.11686
Adware.SearchEngineHijack, HKU\S-1-5-21-1788168121-4240513500-3771779065-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|cgnhhaeibaikooonokhpmolpnddcmngl, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, HKU\S-1-5-21-1788168121-4240513500-3771779065-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|lofbbniamlfkiaokmndjecfhmnekgmfl, En quarantaine, [373], [460701],1.0.11686
Données du registre: 2
PUP.Optional.WinYahoo, HKU\S-1-5-21-1788168121-4240513500-3771779065-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Remplacé, [241], [707485],1.0.11686
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Remplacé, [241], [707490],1.0.11686
Flux de données: 0
(Aucun élément malveillant détecté)
Dossier: 3
PUP.Optional.Segurazo, C:\USERS\ACER\APPDATA\ROAMING\SEGURAZOUNINSTALLER, En quarantaine, [1511], [711380],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl, En quarantaine, [373], [460701],1.0.11686
Fichier: 26
PUP.Optional.InstallCore.Generic, C:\$RECYCLE.BIN\S-1-5-21-1788168121-4240513500-3771779065-1001\$RFZTNSP.EXE, En quarantaine, [563], [512142],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (3).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (1).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (2).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER.EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (5).EXE, En quarantaine, [2761], [122326],1.0.11686
PUP.Optional.OneSafePCCleaner, C:\USERS\ACER\DOWNLOADS\ONESAFE_PC_CLEANER (4).EXE, En quarantaine, [2761], [122326],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\000003.log, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\CURRENT, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\LOCK, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\LOG, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\LOG.old, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\cgnhhaeibaikooonokhpmolpnddcmngl\MANIFEST-000001, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\000003.log, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\CURRENT, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\LOCK, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\LOG, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\LOG.old, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\lofbbniamlfkiaokmndjecfhmnekgmfl\MANIFEST-000001, En quarantaine, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Adware.SearchEngineHijack, C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Remplacé, [373], [460701],1.0.11686
Secteur physique: 0
(Aucun élément malveillant détecté)
WMI: 0
(Aucun élément malveillant détecté)
(end)