Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 21/04/2014
Heure de l'examen: 23:49:04
Fichier journal:
Administrateur: Oui

Version: 2.00.1.1004
Base de données Malveillants: v2014.04.21.07
Base de données Rootkits: v2014.03.27.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Mahdid

Type d'examen: Examen "Menaces"
Résultat: Annulé
Objets analysés: 47614
Temps écoulé: 5 min, 27 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 3
Adware.Adpeak, C:\Program Files\003\nuttkoqiez64.exe, 4684, Supprimé-au-redémarrage, [e11adf4d4a31e94dd966f32c08fcb24e]
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella233.exe, 2256, Supprimé-au-redémarrage, [42b92b015328191d628528dab74a3ec2]
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella233.exe, 4948, Supprimé-au-redémarrage, [42b92b015328191d628528dab74a3ec2]

Modules: 0
(No malicious items detected)

Clés du Registre: 20
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\nuttkoqiez64, Mis en quarantaine, [e11adf4d4a31e94dd966f32c08fcb24e],
PUP.Optional.Iminent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SProtection, Mis en quarantaine, [42b92b015328191d628528dab74a3ec2],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, Mis en quarantaine, [05f66ebe116a290dc704958312f00cf4],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, Mis en quarantaine, [05f66ebe116a290dc704958312f00cf4],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, Mis en quarantaine, [8378a587abd00a2c6ae964b2788aeb15],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, Mis en quarantaine, [8378a587abd00a2c6ae964b2788aeb15],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{17734227-EAAA-4C5E-9AA3-036AD981B3A6}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8C973B84-E6DA-49D8-B786-9C93C2E587F5}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8C973B84-E6DA-49D8-B786-9C93C2E587F5}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{17734227-EAAA-4C5E-9AA3-036AD981B3A6}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\Nosibay.SurfMatch.1, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\Nosibay.SurfMatch, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Nosibay.SurfMatch, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{23AF19F7-1D5B-442C-B14C-3D1081953C94}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Nosibay.SurfMatch.1, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, Mis en quarantaine, [2dce54d87704ce6863cdc18c03ff3bc5],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, Mis en quarantaine, [906b0e1e2556f83e959c4c014cb63fc1],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Mis en quarantaine, [c3381e0e81fa191d497c70dc5ea45aa6],
PUP.Optional.BubbleDock.A, HKU\S-1-5-21-2949105948-2489377250-420207002-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Bubble Dock, Mis en quarantaine, [817ae4484536c2745c5065d0956c7d83],

Valeurs du Registre: 2
PUP.Optional.Iminent.A, HKU\S-1-5-21-2949105948-2489377250-420207002-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Mis en quarantaine, [c3381e0e81fa191d497c70dc5ea45aa6],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2949105948-2489377250-420207002-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Mis en quarantaine, [3bc0d05c700b42f45e67103c2ad828d8],

Données du Registre: 0
(No malicious items detected)

Dossiers: 0
(No malicious items detected)

Fichiers: 8
Adware.Adpeak, C:\Program Files\003\nuttkoqiez64.exe, Supprimé-au-redémarrage, [e11adf4d4a31e94dd966f32c08fcb24e],
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella233.exe, Supprimé-au-redémarrage, [42b92b015328191d628528dab74a3ec2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\SupraSavings\2rs3.dll, Mis en quarantaine, [8378a587abd00a2c6ae964b2788aeb15],
PUP.Optional.BubbleDock.A, C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, C:\Users\Mahdid\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock Update.exe, Mis en quarantaine, [4eadef3deb906ec897153df8b74a01ff],
PUP.Optional.BubbleDock.A, C:\Users\Mahdid\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe, Mis en quarantaine, [817ae4484536c2745c5065d0956c7d83],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Mis en quarantaine, [af4c38f488f30234fa78ac91e41c37c9],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, Mis en quarantaine, [e5161913adce7bbbe808e4398a7a06fa],

Secteurs physiques: 0
(No malicious items detected)

(end)