cjoint

Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 02/10/2019
Heure de l'analyse: 16:46
Fichier journal: b061e36a-e4e8-11e9-9caf-448a5b8a8463.json

-Informations du logiciel-
Version: 3.8.3.2965
Version de composants: 1.0.627
Version de pack de mise à jour: 1.0.12731
Licence: Gratuit

-Informations système-
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: mimy-PC\mimy

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Analyse lancée par: Manuel
Résultat: Terminé
Objets analysés: 249034
Menaces détectées: 72
Menaces mises en quarantaine: 72
Temps écoulé: 2 min, 48 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Détection
PUM: Détection

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 21
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [2954], [260247],1.0.12731
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\AppoxinloK.exe, En quarantaine, [844], [629221],1.0.12731
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\83D53E60-330B-74AD-A01F-731408CFB2F5, En quarantaine, [3754], [702566],1.0.12731
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FFA52BCA-7FE6-4552-B97D-1B62560FE3FC}, En quarantaine, [3754], [702566],1.0.12731
Adware.Adposhel.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{FFA52BCA-7FE6-4552-B97D-1B62560FE3FC}, En quarantaine, [3754], [702566],1.0.12731
Adware.NetAdapter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NATIVEDESKTOPMEDIASERVICE, En quarantaine, [1068], [683133],1.0.12731
PUP.Optional.PCVARK, HKLM\SOFTWARE\QWRyb2l0IFN5c3RlbSBDYXJl, En quarantaine, [475], [702107],1.0.12731
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [2954], [260247],1.0.12731
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\bestavicampaign563, En quarantaine, [479], [584322],1.0.12731
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, En quarantaine, [479], [518478],1.0.12731
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, En quarantaine, [479], [518476],1.0.12731
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtAppoxinloK, En quarantaine, [844], [629224],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{C423C7AF-EB8A-4B06-917F-732063CC037C}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5002D3F9-4D47-474B-BC88-92A76D1ED86F}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5002D3F9-4D47-474B-BC88-92A76D1ED86F}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{099A689E-7640-4B7A-B473-FCCD4AF93244}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3EB54183-F7E0-4017-ACE7-4D108D669599}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{3EB54183-F7E0-4017-ACE7-4D108D669599}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{067E1A8D-4D45-47C0-A2DB-BE66DB28F7B2}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5567AB30-8015-4187-A720-560BDC82A2BA}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{5567AB30-8015-4187-A720-560BDC82A2BA}, En quarantaine, [1068], [683129],1.0.12731

Valeur du registre: 8
Adware.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [844], [-1],0.0.0
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, En quarantaine, [844], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-2029272635-3143883451-3429156010-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, En quarantaine, [862], [259988],1.0.12731
Adware.NetAdapter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NATIVEDESKTOPMEDIASERVICE|IMAGEPATH, En quarantaine, [1068], [683133],1.0.12731
Adware.NetAdapter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{22B53ED4-E30B-4D09-B19D-85BC40F41299}, En quarantaine, [1068], [683134],1.0.12731
Adware.NetAdapter, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{26F49244-CDF2-40F8-8555-A9A66C97030F}, En quarantaine, [1068], [683134],1.0.12731
Rootkit.Agent, HKLM\SOFTWARE\MICROSOFT|MSVER1, En quarantaine, [448], [678869],1.0.12731
PUM.Optional.MSExclusion, HKLM\SOFTWARE\MICROSOFT\WINDOWS DEFENDER\EXCLUSIONS\PATHS|C:\WINDOWS\SYSWOW64\EKUDRPCY, En quarantaine, [7041], [692398],1.0.12731

Données du registre: 14
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{04FFBECE-D42E-4306-83B6-DD8B979F6741}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0D97A994-79E8-4C11-981C-A1BB6E95CE95}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{52EBE0C2-CA77-4B97-BBC9-A048423CACAA}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7361F937-C506-4ED0-817F-0C2DD71149AD}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{792FC989-3E63-4325-9ED8-CF54E2C365D6}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{8E224690-52F7-49F2-9DF7-A6E4CF68FC06}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B822C819-4A62-47D3-8466-41B300C5128A}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B822C819-4A62-47D3-8466-41B300C5128A}|DhcpNameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{BAF9A6B5-0E32-4390-9B34-1F3AF40718A7}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C4A3051D-5DD2-4E31-98E6-CEE959083437}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{D99CFC29-2E28-4A45-AA38-F5BC84AFF16F}|NameServer, Remplacé, [2954], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{F0771BB5-08E7-4E82-93D0-157E6571D22E}|NameServer, Remplacé, [2954], [-1],0.0.0

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 4
Adware.Adposhel.Generic, C:\PROGRAMDATA\7C04BC5C-32E8-7449-8EDE-864C56CE3F45, En quarantaine, [3754], [702566],1.0.12731
Adware.Csdimonetize, C:\PROGRAM FILES (X86)\TOGTOG, En quarantaine, [2927], [631610],1.0.12731
PUP.Optional.WhiteClick, C:\Windows\Microsoft.NET\assembly\GAC_MSIL\WhiteClick\v4.0_3.0.0.0__57272e7a64c25751, En quarantaine, [3689], [674071],1.0.12731
PUP.Optional.WhiteClick, C:\WINDOWS\MICROSOFT.NET\ASSEMBLY\GAC_MSIL\WHITECLICK, En quarantaine, [3689], [674071],1.0.12731

Fichier: 25
Adware.Linkury.Generic, C:\USERS\MIMY\APPDATA\LOCAL\SHAM.DB, En quarantaine, [3743], [516191],1.0.12731
Adware.Linkury.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\SHAM.DB, En quarantaine, [3743], [516189],1.0.12731
Adware.Adposhel.Generic, C:\WINDOWS\SYSTEM32\TASKS\83D53E60-330B-74AD-A01F-731408CFB2F5, En quarantaine, [3754], [702566],1.0.12731
Adware.Adposhel.Generic, C:\PROGRAMDATA\7C04BC5C-32E8-7449-8EDE-864C56CE3F45\{BBE8FD4E-3259-443A-1241-ECC7B1007330}, En quarantaine, [3754], [702566],1.0.12731
Adware.Linkury, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\installer.dat, En quarantaine, [393], [715618],1.0.12731
Adware.Linkury, C:\USERS\MIMY\APPDATA\LOCAL\installer.dat, En quarantaine, [393], [715618],1.0.12731
Adware.Csdimonetize, C:\Program Files (x86)\TogTog\496101999.exe.config, En quarantaine, [2927], [631610],1.0.12731
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, En quarantaine, [14698], [444922],1.0.12731
Adware.NetAdapter, C:\WINDOWS\SYSTEM32\TASKS\{C423C7AF-EB8A-4B06-917F-732063CC037C}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, C:\WINDOWS\SYSTEM32\TASKS\{099A689E-7640-4B7A-B473-FCCD4AF93244}, En quarantaine, [1068], [683129],1.0.12731
Adware.NetAdapter, C:\WINDOWS\SYSTEM32\TASKS\{067E1A8D-4D45-47C0-A2DB-BE66DB28F7B2}, En quarantaine, [1068], [683129],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\1007090221584837924\DESKTOP_MEDIA_SERVICE.EXE, En quarantaine, [499], [714582],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\1007090221584837924\WATCHDOG.EXE, En quarantaine, [499], [714589],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\6006932095928748539\WATCHDOG.EXE, En quarantaine, [499], [689623],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\6006932095928748539\DESKTOP_MEDIA_SERVICE.EXE, En quarantaine, [499], [689760],1.0.12731
Generic.Malware/Suspicious, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPFIX\FILE\FILE15___O0EUIM951Y1V56.EXE, En quarantaine, [0], [392686],1.0.12731
Adware.Agent, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPFIX\FILE\FILE12___271A.TMP.EXE, En quarantaine, [93], [561867],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPFIX\FILE\FILE16___ONESYSTEMCARE.EXE, En quarantaine, [499], [630303],1.0.12731
Adware.Csdimonetize, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPFIX\FILE\FILE17___SPEEDYCAR.EXE, En quarantaine, [2927], [631606],1.0.12731
Trojan.MalPack, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPFIX\FILE\FILE19___TSTP.EXE, En quarantaine, [564], [641164],1.0.12731
Trojan.MalPack, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPFIX\FILE\FILE13___BRWFLF.EXE, En quarantaine, [564], [641164],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPFIX\FILE\FILE14___FASTDATAX.EXE, En quarantaine, [499], [632068],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\LOCAL\TEMP\{61DF86AC-091B-8AB8-143C-5A0E95BF1E5A}\NA.EXE, En quarantaine, [499], [688270],1.0.12731
Adware.Adposhel, C:\USERS\MIMY\APPDATA\LOCAL\TEMP\{F08B3A3E-8BDA-3DE5-D785-C755FFFDFBF1}\NA.EXE, En quarantaine, [499], [714605],1.0.12731
Adware.WhiteClick, C:\WINDOWS\ASSEMBLY\TEMP\9GH3PUXDOU\WHITECLICK.DLL, En quarantaine, [1257], [556015],1.0.12731

Secteur physique: 0
(Aucun élément malveillant détecté)

WMI: 0
(Aucun élément malveillant détecté)


(end)
