Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 26/02/2017
Heure de l'analyse: 12:32
Fichier journal: diag.txt
Administrateur: Oui
Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.12.12.13
Base de données de rootkits: v2016.11.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 7
Processeur: x64
Système de fichiers: NTFS
Utilisateur: soukaina
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 325588
Temps écoulé: 27 min, 36 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du Registre: 2
PUP.Optional.Ludashi, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ComputerZLock, En quarantaine, [c3bad90da3f744f2dc2bcac09c64cc34],
PUP.Optional.Ludashi, HKU\S-1-5-21-3829267294-2102208263-1934626409-1000\SOFTWARE\LUDASHI, En quarantaine, [b1cc0dd91f7b61d57c2aed9e1ae6af51],
Valeurs du Registre: 3
PUP.Optional.Hao123, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://www.hao123.com/?tn=97634001_hao_pg, En quarantaine, [9fdee0069406a591ea53b5c6ec178f71]
PUP.Optional.Ludashi, HKU\S-1-5-21-3829267294-2102208263-1934626409-1000\SOFTWARE\LUDASHI|360lock, 0, En quarantaine, [b1cc0dd91f7b61d57c2aed9e1ae6af51]
PUP.Optional.Hao123, HKU\S-1-5-21-3829267294-2102208263-1934626409-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://www.hao123.com/?tn=97634001_hao_pg, En quarantaine, [e79638ae7d1df541eb51e09b9e655fa1]
Données du Registre: 0
(Aucun élément malveillant détecté)
Dossiers: 8
PUP.Optional.LockHomepage, C:\Users\soukaina\AppData\Roaming\lockhomepage, En quarantaine, [522b35b1b2e8ad89f737bf4141bf966a],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi, Supprimer au redémarrage, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\apk, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\mobile, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant, Supprimer au redémarrage, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI, Supprimer au redémarrage, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
Fichiers: 35
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\360bizhi\wallpaperhelper\ComputerZLock_x64.sys, En quarantaine, [c3bad90da3f744f2dc2bcac09c64cc34],
PUP.Optional.LockHomepage, C:\Users\soukaina\AppData\Roaming\lockhomepage\game.json, En quarantaine, [522b35b1b2e8ad89f737bf4141bf966a],
PUP.Optional.LockHomepage, C:\Users\soukaina\AppData\Roaming\lockhomepage\LockHomePage.ini, En quarantaine, [522b35b1b2e8ad89f737bf4141bf966a],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\ComputerZ.set, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\deviceid.ini, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\deviceidcache.ini, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\invalidhp.dat, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\wlist.db, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\apk\mobiledevicesrvcache_bizhi.dat, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\360Base.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\360Base64.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\360emu.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\aapt.exe, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\LDSGameAssistant.exe, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\360net.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\360NetBase.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\360P2SP.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\LiveUpd360.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\PDown.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\SoftMgrInst.exe, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\DownloadUI.xml, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\close.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\iconshadow.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\installing.gif, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\logo.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\minimize.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\pause.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\progress.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\resume.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\retry.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\shadow.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (user_pref("browser.search.searchengine.sp", "http://www.trotux.com/search/?from=icb&q={searchTerms}&type=sp&uid=WDCXWD10JPCX-24UE4T0_WD-WX81E73FKFM4FKFM4&z=d33f95e033c008bc33a8964g3z0m2mct8g8tdw5b5t");), Remplacé,[89f43aac8515ed49e50fa49545bb14ec]
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (e);
user_pref("browser.cache.disk.smart_size.use_old_max", false);
user_pref("browser.cache.frecency_experiment", 2);
user_pref("browser.customizemode.tip0.shown", true);
user_pref("browser.download), Remplacé,[760708de8812171fb73d59e0639d35cb]
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (he.disk.filesystem_reported", 1);
user_pref("browser), Remplacé,[6617d90d1b7fab8b44b01c1d926e8a76]
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (pref("browser.cache.disk.smart_size.use_old_max", false);
user_pref("browser.cache.frecency_experiment", 2);
user_pref("browser.customizemode.tip0.shown", true);
user_pr), Remplacé,[3d4020c6e2b8be785d9757e2aa56758b]
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.org
Date de l'analyse: 26/02/2017
Heure de l'analyse: 12:32
Fichier journal: diag.txt
Administrateur: Oui
Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.12.12.13
Base de données de rootkits: v2016.11.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 7
Processeur: x64
Système de fichiers: NTFS
Utilisateur: soukaina
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 325588
Temps écoulé: 27 min, 36 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du Registre: 2
PUP.Optional.Ludashi, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ComputerZLock, En quarantaine, [c3bad90da3f744f2dc2bcac09c64cc34],
PUP.Optional.Ludashi, HKU\S-1-5-21-3829267294-2102208263-1934626409-1000\SOFTWARE\LUDASHI, En quarantaine, [b1cc0dd91f7b61d57c2aed9e1ae6af51],
Valeurs du Registre: 3
PUP.Optional.Hao123, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://www.hao123.com/?tn=97634001_hao_pg, En quarantaine, [9fdee0069406a591ea53b5c6ec178f71]
PUP.Optional.Ludashi, HKU\S-1-5-21-3829267294-2102208263-1934626409-1000\SOFTWARE\LUDASHI|360lock, 0, En quarantaine, [b1cc0dd91f7b61d57c2aed9e1ae6af51]
PUP.Optional.Hao123, HKU\S-1-5-21-3829267294-2102208263-1934626409-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://www.hao123.com/?tn=97634001_hao_pg, En quarantaine, [e79638ae7d1df541eb51e09b9e655fa1]
Données du Registre: 0
(Aucun élément malveillant détecté)
Dossiers: 8
PUP.Optional.LockHomepage, C:\Users\soukaina\AppData\Roaming\lockhomepage, En quarantaine, [522b35b1b2e8ad89f737bf4141bf966a],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi, Supprimer au redémarrage, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\apk, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\mobile, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant, Supprimer au redémarrage, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI, Supprimer au redémarrage, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
Fichiers: 35
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\360bizhi\wallpaperhelper\ComputerZLock_x64.sys, En quarantaine, [c3bad90da3f744f2dc2bcac09c64cc34],
PUP.Optional.LockHomepage, C:\Users\soukaina\AppData\Roaming\lockhomepage\game.json, En quarantaine, [522b35b1b2e8ad89f737bf4141bf966a],
PUP.Optional.LockHomepage, C:\Users\soukaina\AppData\Roaming\lockhomepage\LockHomePage.ini, En quarantaine, [522b35b1b2e8ad89f737bf4141bf966a],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\ComputerZ.set, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\deviceid.ini, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\deviceidcache.ini, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\invalidhp.dat, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\wlist.db, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\Ludashi\apk\mobiledevicesrvcache_bizhi.dat, En quarantaine, [1b6219cd7e1c181e1cdfdcad748c46ba],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\360Base.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\360Base64.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\360emu.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\aapt.exe, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\LDSGameAssistant.exe, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\360net.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\360NetBase.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\360P2SP.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\LiveUpd360.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\PDown.dll, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\softmgr\SoftMgrInst.exe, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\DownloadUI.xml, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\close.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\iconshadow.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\installing.gif, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\logo.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\minimize.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\pause.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\progress.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\resume.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\retry.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Ludashi, C:\Users\soukaina\AppData\Roaming\LDSGameAssistant\UI\Download\shadow.png, En quarantaine, [621bfde9415947ef494c8c1622de23dd],
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (user_pref("browser.search.searchengine.sp", "http://www.trotux.com/search/?from=icb&q={searchTerms}&type=sp&uid=WDCXWD10JPCX-24UE4T0_WD-WX81E73FKFM4FKFM4&z=d33f95e033c008bc33a8964g3z0m2mct8g8tdw5b5t");), Remplacé,[89f43aac8515ed49e50fa49545bb14ec]
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (e);
user_pref("browser.cache.disk.smart_size.use_old_max", false);
user_pref("browser.cache.frecency_experiment", 2);
user_pref("browser.customizemode.tip0.shown", true);
user_pref("browser.download), Remplacé,[760708de8812171fb73d59e0639d35cb]
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (he.disk.filesystem_reported", 1);
user_pref("browser), Remplacé,[6617d90d1b7fab8b44b01c1d926e8a76]
PUP.Optional.Trotux, C:\Users\soukaina\AppData\Roaming\Profiles\Vabuph.default\prefs.js, Bon : (), Mauvais : (pref("browser.cache.disk.smart_size.use_old_max", false);
user_pref("browser.cache.frecency_experiment", 2);
user_pref("browser.customizemode.tip0.shown", true);
user_pr), Remplacé,[3d4020c6e2b8be785d9757e2aa56758b]
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)