Emsisoft Anti-Malware - Version 2018.5
Dernière mise à jour : 01/06/2018 09:45:08
Compte utilisateur : DESKTOP-E0TVBPT\SCIERIE RAT
Nom de l'ordinateur : DESKTOP-E0TVBPT
Version du système d'exploitation : Windows 10x64

Paramètres d'analyse :

Type d'analyse : Analyse anti-malware
Éléments : Rootkits, Mémoire, Traces, Fichiers

Détecter des PUP : Activé
Archives d'analyse : Désactivé
Analyser les e-mails archivés : Désactivé
Analyse ADS : Activé
Filtre d'extensions de fichier : Désactivé
Accès direct au disque : Désactivé

Début d'analyse : 01/06/2018 09:50:18
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVK.EXE -> DEBUGGER SecHijack (A) [258385]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVKPROXY.EXE -> DEBUGGER SecHijack (A) [258387]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVKTRAY.EXE -> DEBUGGER SecHijack (A) [258390]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BULLGUARD.EXE -> DEBUGGER SecHijack (A) [258451]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CLAMTRAY.EXE -> DEBUGGER SecHijack (A) [258494]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CLAMWIN.EXE -> DEBUGGER SecHijack (A) [258495]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EMLPROXY.EXE -> DEBUGGER SecHijack (A) [258566]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FPAVSERVER.EXE -> DEBUGGER SecHijack (A) [258606]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FPROTTRAY.EXE -> DEBUGGER SecHijack (A) [258608]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FPWIN.EXE -> DEBUGGER SecHijack (A) [258610]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FSSM32.EXE -> DEBUGGER SecHijack (A) [258630]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GUARDXSERVICE.EXE -> DEBUGGER SecHijack (A) [258656]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAM.EXE -> DEBUGGER SecHijack (A) [258809]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MBAMSERVICE.EXE -> DEBUGGER SecHijack (A) [258811]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPCMDRUN.EXE -> DEBUGGER SecHijack (A) [258848]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSMPENG.EXE -> DEBUGGER SecHijack (A) [258865]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\NBROWSER.EXE -> DEBUGGER SecHijack (A) [258896]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\NPROSEC.EXE -> DEBUGGER SecHijack (A) [258927]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\NVCOD.EXE -> DEBUGGER SecHijack (A) [258940]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ONLINENT.EXE -> DEBUGGER SecHijack (A) [258955]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\QUHLPSVC.EXE -> DEBUGGER SecHijack (A) [259054]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SCANNER.EXE -> DEBUGGER SecHijack (A) [259137]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SCANWSCS.EXE -> DEBUGGER SecHijack (A) [259139]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE -> DEBUGGER SecHijack (A) [259208]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\USERACCOUNTCONTROLSETTINGS.EXE -> DEBUGGER SecHijack (A) [259317]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VIRUSUTILITIES.EXE -> DEBUGGER SecHijack (A) [259337]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZANDA.EXE -> DEBUGGER SecHijack (A) [259398]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ZLH.EXE -> DEBUGGER SecHijack (A) [259411]
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MPUXSRV.EXE -> DEBUGGER SecHijack (A) [270317]

Analysés 73075
Trouvés 29

Fin de l'analyse : 01/06/2018 09:52:15
Durée de l'analyse : 0:01:57