Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 24/04/2014
Heure de l'examen: 22:24:05
Fichier journal:
Administrateur: Oui

Version: 2.00.1.1004
Base de données Malveillants: v2014.03.04.09
Base de données Rootkits: v2014.03.27.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: ateliers du bocage

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 294443
Temps écoulé: 38 min, 51 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 8
PUP.Optional.Datamngr.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}, , [718fc23e7789de2258cbe067da28de22],
PUP.Optional.Datamngr.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F34C9277-6577-4DFF-B2D7-7D58092F272F}, , [db258b757d836e929f8565e29a688c74],
PUP.Optional.Pricora.A, HKLM\SOFTWARE\Pricora 1.1, , [7b8559a74ab6ee126bda1a755ea4d12f],
PUP.Optional.Pricora.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Pricora 1.1, , [90706e9257a94cb4222495fafc060bf5],
PUP.Optional.Pricora.A, HKU\S-1-5-21-515967899-562591055-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Pricora 1.1, , [51af55ab0ff19d63380e315ec43eed13],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-515967899-562591055-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [9b65c04028d8f50b10ac0c9f7d86817f],
PUP.Optional.Pricora.A, HKU\S-1-5-21-515967899-562591055-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Pricora 1.1, , [0af6be4211ef926eeb5b008f02000af6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-515967899-562591055-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [02fe7e827e8219e7625a8328fa096d93],

Valeurs du Registre: 2
PUP.Optional.CrossRider.A, HKU\S-1-5-21-515967899-562591055-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, ffff97918aa25b5767a8bf4faf95f2cd, , [9b65c04028d8f50b10ac0c9f7d86817f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-515967899-562591055-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, ffff97918aa25b5767a8bf4faf95f2cd, , [02fe7e827e8219e7625a8328fa096d93]

Données du Registre: 0
(No malicious items detected)

Dossiers: 1
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1, , [718f8b75619f6b952cc7c7c205fd55ab],

Fichiers: 23
Trojan.Banker.Kreapixel, C:\Documents and Settings\ateliers du bocage\Application Data\~dowkeiy.exe, , [13ed9b65d52b17e92373b0ceba47c43c],
Trojan.Banker.Kreapixel, C:\Documents and Settings\ateliers du bocage\Application Data\~ggdhttk.exe, , [9a662fd114ec79870e8880fe26db8b75],
Trojan.Banker.Kreapixel, C:\Documents and Settings\ateliers du bocage\Application Data\~wwwdixg.exe, , [fb0514ecea1616ea6d29fb83659cc937],
Trojan.ELEX, C:\Documents and Settings\ateliers du bocage\Mes documents\Downloads\yet_another_cleaner_reh (1).exe, , [7f81ba462dd3956b92568ffab15015eb],
Trojan.ELEX, C:\Documents and Settings\ateliers du bocage\Mes documents\Downloads\yet_another_cleaner_reh (2).exe, , [b34d20e03fc1ac543aae3455926f7090],
Trojan.ELEX, C:\Documents and Settings\ateliers du bocage\Mes documents\Downloads\yet_another_cleaner_reh (3).exe, , [c33db24e5aa668983cac0c7dd0317789],
Trojan.ELEX, C:\Documents and Settings\ateliers du bocage\Mes documents\Downloads\yet_another_cleaner_reh (4).exe, , [fe0200007d83c93727c1ed9ce41de719],
Trojan.ELEX, C:\Documents and Settings\ateliers du bocage\Mes documents\Downloads\yet_another_cleaner_reh (5).exe, , [fd032dd3e41c08f8e4048efb0ff27888],
Trojan.ELEX, C:\Documents and Settings\ateliers du bocage\Mes documents\Downloads\yet_another_cleaner_reh.exe, , [07f932ce936d9868a543d7b2eb16a759],
Trojan.Dropper.MST, C:\Documents and Settings\ateliers du bocage\Local Settings\Application Datatransition_d70dc5294a7154f3780d9e22eec8c8ef.ini, , [5da341bf53ad629e215bdbb5fe0456aa],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\131d9d6f-f780-4ee4-9650-d0a71410e93b-2.exe, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\131d9d6f-f780-4ee4-9650-d0a71410e93b-3.exe, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\131d9d6f-f780-4ee4-9650-d0a71410e93b-4.exe, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\131d9d6f-f780-4ee4-9650-d0a71410e93b-5.exe, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\35497.crx, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\35497.xpi, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\background.html, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\Pricora 1.1-bg.exe, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\Pricora 1.1-bho.dll, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\Pricora 1.1-codedownloader.exe, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\Pricora 1.1.ico, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\Uninstall.exe, , [718f8b75619f6b952cc7c7c205fd55ab],
PUP.Optional.Pricora.A, C:\Program Files\Pricora 1.1\utils.exe, , [718f8b75619f6b952cc7c7c205fd55ab],

Secteurs physiques: 0
(No malicious items detected)

(end)