Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/04/2019
Scan Time: 18:27
Log File: 86548313-5bad-11e9-a032-00ff7a534bbf.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.10086
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: majid-PC\majid

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 267212
Threats Detected: 47
Threats Quarantined: 47
Time Elapsed: 29 min, 5 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 30
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, Quarantined, [340], [327193],1.0.10086
PUP.Optional.Reimage, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., Quarantined, [340], [327203],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Quarantined, [340], [327197],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, Quarantined, [340], [327197],1.0.10086
PUP.Optional.DriverPack, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\drp.su, Quarantined, [546], [472298],1.0.10086
PUP.Optional.DriverPack, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, Quarantined, [546], [472299],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, Quarantined, [340], [327193],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, Quarantined, [340], [327193],1.0.10086
PUP.Optional.Reimage, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\REIMAGE\PC REPAIR, Quarantined, [340], [327204],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, Quarantined, [340], [336077],1.0.10086
PUP.Optional.Reimage, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\Reimage, Quarantined, [340], [357494],1.0.10086
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [211], [236865],1.0.10086
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [211], [236865],1.0.10086
PUP.Optional.Conduit, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [211], [236865],1.0.10086
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU, Quarantined, [546], [472300],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, Quarantined, [340], [327206],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Quarantined, [340], [332494],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Quarantined, [340], [332494],1.0.10086
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Quarantined, [340], [332494],1.0.10086

Registry Value: 4
PUP.Optional.Reimage, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, Quarantined, [340], [327204],1.0.10086
PUP.Optional.Conduit, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [211], [236865],1.0.10086
PUP.Optional.Conduit, HKU\S-1-5-21-615469864-77158853-2971214898-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, Quarantined, [211], [236865],1.0.10086
PUP.Optional.DriverPack, HKLM\SOFTWARE\WOW6432NODE\DRPSU|CLIENTID, Quarantined, [546], [472300],1.0.10086

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 13
PUP.Optional.ForcedInstalledExtensionFF, C:\USERS\MAJID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DF7SXGUV.DEFAULT-1512737111096\EXTENSIONS\{4CBEF3F0-4205-4165-8871-2844F9737602}.XPI, Quarantined, [1725], [486482],1.0.10086
PUP.Optional.ForcedInstalledExtensionFF, C:\USERS\MAJID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5FXM2Q6T.DEFAULT\EXTENSIONS\{8886A262-1C25-490B-B797-2E750DD9F36B}.XPI, Quarantined, [1725], [486525],1.0.10086
PUP.Optional.Conduit, C:\USERS\MAJID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IQ88W04K.DEFAULT-1519224692248\PREFS.JS, Replaced, [211], [301520],1.0.10086
PUP.Optional.Conduit, C:\USERS\MAJID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IQ88W04K.DEFAULT-1519224692248\PREFS.JS, Replaced, [211], [303091],1.0.10086
PUP.Optional.Reimage, C:\WINDOWS\REIMAGE.INI, Quarantined, [340], [412667],1.0.10086
PUP.Optional.Conduit, C:\USERS\MAJID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DF7SXGUV.DEFAULT-1512737111096\PREFS.JS, Replaced, [211], [301520],1.0.10086
PUP.Optional.InstallCore.Generic, C:\USERS\MAJID\DOWNLOADS\BLUESTACKS_2693452520.EXE, Quarantined, [548], [573207],1.0.10086
PUP.Optional.Reimage, C:\USERS\MAJID\DOWNLOADS\REIMAGEREPAIR.EXE, Quarantined, [340], [331559],1.0.10086
PUP.Optional.DriverPack, C:\USERS\MAJID\DOWNLOADS\DRIVERPACK-17-ONLINE_965623494.1509902432.EXE, Quarantined, [546], [663640],1.0.10086
PUP.Optional.DriverToolkit, C:\USERS\MAJID\DOWNLOADS\DRIVERTOOLKITINSTALLER.EXE.PART, Quarantined, [1000], [512879],1.0.10086
PUP.Optional.DriverToolkit, C:\USERS\MAJID\DOWNLOADS\DRIVERTOOLKITINSTALLER.EXE, Quarantined, [1000], [512879],1.0.10086
HackTool.FilePatch, C:\USERS\MAJID\DESKTOP\SONY VEGAS PRO 13\PATCH\VEGAS.PRO.13.0.(64-BIT)-PATCH.EXE, Quarantined, [7750], [281135],1.0.10086
MachineLearning/Anomalous.94%, C:\USERS\MAJID\DESKTOP\SONY VEGAS PRO 13\SAPPHIRE OFX 6.10 CRACK [BY PUREJOKER & KHG TEAM]\PATCH\SAPPHIRE.OFX.6.10-PATCH64.EXE, Quarantined, [0], [392687],1.0.10086

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
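When triaging a log like the one above, two things are worth checking before reading the entries one by one: that the counts the tool declares (47 detected, 30 + 4 + 13 across the sections) actually match the lines it lists, and which entries are not PUP noise (here the two patch executables under the Sony Vegas crack folder, flagged HackTool.FilePatch and by the machine-learning engine). The parser below is an added example, not code from the page or from Malwarebytes; the line format "Family, Location, Action, [family-id], [rule-id],DatabaseVersion" is inferred from the log above, and the function names (parse_log, check_counts, by_family, triage) are this example's own. The embedded sample is an excerpt of the log above with its summary counts reduced to match the excerpt.

```python
"""Parse a Malwarebytes 3.x text scan log and cross-check it.

Added example, not Malwarebytes' own code.  The format is assumed from the log
above: "-Scan Summary-" carries the declared totals, and under "-Scan Details-"
each section header "Name: N" is followed by N lines of the form
    Family, Location, Action, [family-id], [rule-id],DatabaseVersion
"""
import re
from collections import Counter
from typing import Dict, List, NamedTuple, Tuple

SECTION_RE = re.compile(r"^([A-Za-z ]+): (\d+)$")
SUMMARY_RE = re.compile(r"^Threats (Detected|Quarantined): (\d+)$")
# Location is matched greedily, so brackets or parentheses inside a path are
# fine; the action field cannot contain "," or "[", which pins the split.
DETECTION_RE = re.compile(
    r"^(?P<family>[^,]+), (?P<location>.+), (?P<action>[^,\[]+), "
    r"\[(?P<family_id>\d+)\], \[(?P<rule_id>\d+)\],(?P<db>[\d.]+)$"
)


class Detection(NamedTuple):
    section: str
    family: str
    location: str
    action: str
    family_id: int
    rule_id: int
    db_version: str


class ScanLog(NamedTuple):
    summary: Dict[str, int]         # declared "Detected"/"Quarantined" totals
    section_counts: Dict[str, int]  # declared count per -Scan Details- section
    detections: List[Detection]     # one record per listed detection line


def parse_log(text: str) -> ScanLog:
    summary: Dict[str, int] = {}
    section_counts: Dict[str, int] = {}
    detections: List[Detection] = []
    in_details, section = False, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("-") and line.endswith("-"):   # e.g. -Scan Summary-
            in_details = line == "-Scan Details-"
            continue
        if not in_details:
            m = SUMMARY_RE.match(line)
            if m:
                summary[m.group(1)] = int(m.group(2))
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            section_counts[section] = int(m.group(2))
            continue
        m = DETECTION_RE.match(line)
        if m and section is not None:
            detections.append(Detection(section, m["family"], m["location"], m["action"],
                                        int(m["family_id"]), int(m["rule_id"]), m["db"]))
    return ScanLog(summary, section_counts, detections)


def check_counts(log: ScanLog) -> Dict[str, object]:
    """Do the declared per-section counts and the summary total match what is listed?"""
    listed = Counter(d.section for d in log.detections)
    mismatched = {s: (n, listed.get(s, 0))
                  for s, n in log.section_counts.items() if listed.get(s, 0) != n}
    return {
        "sections_consistent": not mismatched,
        "mismatched_sections": mismatched,
        "total_matches_summary": sum(log.section_counts.values()) == log.summary.get("Detected"),
        # In the log above the 47 "quarantined" include three prefs.js lines marked Replaced,
        # so the action breakdown is reported rather than compared to that total.
        "actions": dict(Counter(d.action for d in log.detections)),
    }


def by_family(log: ScanLog) -> Dict[str, int]:
    return dict(Counter(d.family for d in log.detections))


def triage(log: ScanLog) -> Tuple[List[Detection], List[Detection]]:
    """Separate PUP.* noise from everything else, which deserves a closer look first."""
    pup = [d for d in log.detections if d.family.startswith("PUP.")]
    other = [d for d in log.detections if not d.family.startswith("PUP.")]
    return pup, other


# Excerpt of the log above (translated), with the summary counts reduced to fit.
SAMPLE_LOG = r"""
Malwarebytes
www.malwarebytes.com

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 267212
Threats Detected: 5
Threats Quarantined: 5

-Scan Details-
Process: 0
(No malicious items detected)

Registry Key: 2
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, Quarantined, [340], [327193],1.0.10086
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [211], [236865],1.0.10086

File: 3
PUP.Optional.Conduit, C:\USERS\MAJID\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IQ88W04K.DEFAULT-1519224692248\PREFS.JS, Replaced, [211], [301520],1.0.10086
HackTool.FilePatch, C:\USERS\MAJID\DESKTOP\SONY VEGAS PRO 13\PATCH\VEGAS.PRO.13.0.(64-BIT)-PATCH.EXE, Quarantined, [7750], [281135],1.0.10086
MachineLearning/Anomalous.94%, C:\USERS\MAJID\DESKTOP\SONY VEGAS PRO 13\SAPPHIRE OFX 6.10 CRACK [BY PUREJOKER & KHG TEAM]\PATCH\SAPPHIRE.OFX.6.10-PATCH64.EXE, Quarantined, [0], [392687],1.0.10086

(end)
"""

if __name__ == "__main__":
    log = parse_log(SAMPLE_LOG)
    print(check_counts(log))
    print(by_family(log))
    for d in triage(log)[1]:
        print("review first:", d.family, d.location)
```

Run against the full log, `check_counts` confirms 30 + 4 + 13 = 47 and `triage` returns the two non-PUP entries; anything the tool lists under PUP.Optional.* (Reimage, DriverPack, Conduit, the forced Firefox extensions) is bundled-installer residue, while a HackTool or machine-learning hit on an executable the user ran by hand is the item to examine, and a quarantine count alone says nothing about what that executable did while it was running.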