Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 21/05/2016
Heure de l'analyse: 01:49
Fichier journal: exam malwarebytes.txt
Administrateur: Oui
Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.05.20.08
Base de données de rootkits: v2016.05.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Thibaut
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 392400
Temps écoulé: 26 min, 41 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du Registre: 3
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [d058dbfdb2e7fc3ac52f60f1e51db050],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, , [d058dbfdb2e7fc3ac52f60f1e51db050],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D181FE83}, , [9a8e9b3d6b2e78be8b3491454cb7c040],
Valeurs du Registre: 5
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{d181fe83}|1, 1458227415, , [9a8e9b3d6b2e78be8b3491454cb7c040]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{bf97633a-1bab-4b29-a33a-af8447efdd7e}|NameServer, 82.163.142.7 95.211.158.134, , [8b9d30a876235fd74067ffd7be45a060]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{c0459912-802e-4847-9ebd-4af00f5b8f0e}|NameServer, 82.163.142.7 95.211.158.134, , [899f37a16b2e7db9b2f5379f36cde31d]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{e1d101d0-5198-4689-8356-0776ac11fdad}|NameServer, 82.163.142.7 95.211.158.134, , [67c19a3eddbc290dbdea12c409fa7c84]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{ef3275c1-2d1a-47d9-a05f-42ab41654489}|NameServer, 82.163.142.7 95.211.158.134, , [85a310c818811e18ccdb1fb731d20df3]
Données du Registre: 1
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.142.7 95.211.158.134, Bon : (8.8.8.8), Mauvais : (82.163.142.7 95.211.158.134),,[a4845385930652e43ef9aea1c044b34d]
Dossiers: 4
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\net_search, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.OneSafePCCleaner, C:\Users\Thibaut\Documents\OneSafe PC Cleaner, , [43e53f991980bf77f1b765353bc74bb5],
Fichiers: 40
PUP.Optional.DailyWiki, C:\Users\Thibaut\AppData\Roaming\ZHP\Quarantine\DailyWiki.5.2.0tr.exe, , [43e54f89079266d07ecc6705857c52ae],
PUP.Optional.InstallCore, C:\Users\Thibaut\AppData\Roaming\ZHP\Quarantine\ICReinstall_installcore, , [0c1ccb0d574283b302b0df477789bb45],
PUP.Optional.InstallCore, C:\Users\Thibaut\AppData\Local\Temp\VhA83wR\1\installcore, , [84a4be1af2a7fa3c981abd69f50b12ee],
PUP.Optional.OneSystemCare, C:\Users\Thibaut\AppData\Local\Temp\VhA83wR\251\OneSystemCare.exe, , [9d8bcc0cc6d31422278b633321e024dc],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\config.ini, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\everything.dll, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\everything.exe, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\helper.dll, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\Patch.dll, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\SearchBase.exe, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\uninst.exe, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\net_search\bing.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\net_search\google.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\net_search\search_config.ini, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\net_search\SFK.ini, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\net_search\SFKEX.ini, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\net_search\yahoo.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\bing.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\caret.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\FileListItem.xml, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\FileListItem_bing.xml, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\FileListItem_google.xml, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\frame.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\frame2.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\google.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\guide.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\icon_search.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\mainpanel.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\MainPannel.xml, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\panel_base.xml, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\search_content_list.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\WndMask.xml, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.Everything, C:\Users\Thibaut\AppData\Everything\skin\yahoo.png, , [d1576c6cfd9c3cfa1133364ad033af51],
PUP.Optional.UTop, C:\Users\Thibaut\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage, , [ad7bffd93c5db086d189fcd4828124dc],
PUP.Optional.UTop, C:\Users\Thibaut\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage-journal, , [29ff38a05247d1655dfdaa2658aba858],
PUP.Optional.Yontoo, C:\Users\Thibaut\AppData\Roaming\Mozilla\Firefox\Profiles\5fyuq26f.default\extensions\{1e5a3a42-3eec-4940-b277-f29e9d2514dd}.xpi, , [78b01cbc0a8f4beb6faef1e0b44fba46],
PUP.Optional.OneSafePCCleaner, C:\Users\Thibaut\Documents\OneSafe PC Cleaner\CookieExclusions.txt, , [43e53f991980bf77f1b765353bc74bb5],
PUP.Optional.OneSafePCCleaner, C:\Users\Thibaut\Documents\OneSafe PC Cleaner\img1.png, , [43e53f991980bf77f1b765353bc74bb5],
PUP.Optional.OneSafePCCleaner, C:\Users\Thibaut\Documents\OneSafe PC Cleaner\img2.png, , [43e53f991980bf77f1b765353bc74bb5],
PUM.Optional.FireFoxSearchOverride, C:\Users\Thibaut\AppData\Roaming\Mozilla\Firefox\Profiles\5fyuq26f.default\user.js, , [f335e6f28019c67053c8d39c7094649c],
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)