Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 23/05/2014
Heure de l'examen: 23:24:42
Fichier journal: mam.txt
Administrateur: Oui
Version: 2.00.2.1012
Base de donn�es Malveillants: v2014.05.23.12
Base de donn�es Rootkits: v2014.05.21.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Self-protection: D�sactiv�(e)
Syst�me d'exploitation: Windows 8.1
Processeur: x64
Syst�me de fichiers: NTFS
Utilisateur: Naturi
Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 330261
Temps �coul�: 55 min, 42 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Heuristics: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Cl�s du Registre: 32
PUP.Optional.WebCake.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AF6B0594-6008-4327-93E5-608AD710A6FA}, Mis en quarantaine, [05d3ca8a66156fc704cace94bc462bd5],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{20ECF6B1-A008-4F5D-8DC9-590BB1858888}, Mis en quarantaine, [aa2e62f2e2998caa890fbba9da28817f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\TypeLib\{33B73813-5FF0-4351-AF44-D56DAEE2E434}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F465AFA-97C8-4186-B5C3-962C1B73E404}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{43D6CCFB-3DCD-4F2C-9559-7ADB60FC5B1D}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4DEE8805-DDE1-40DC-876B-91E7EAF2B66C}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6B2C191B-D11C-4174-B159-596C6AB37635}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{77251346-4728-49BE-9368-58D35749E4E3}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{779DA3F8-10A1-45DC-88CF-70090ADEAA5F}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{980BC6E0-A90A-4D68-9C71-86D31EDA7DDB}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A5E5D514-230F-464A-8E34-EFE88216C1EC}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C0990C7C-28EE-4B1E-95B9-5468269B4EAF}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D4DFDE4F-28C6-4EA1-9F16-4F32104E7146}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F7F8BE5E-5CE0-4EEC-9FA1-16ADF668A316}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{20ECF6B1-A008-4F5D-8DC9-590BB1858888}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F465AFA-97C8-4186-B5C3-962C1B73E404}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{43D6CCFB-3DCD-4F2C-9559-7ADB60FC5B1D}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4DEE8805-DDE1-40DC-876B-91E7EAF2B66C}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6B2C191B-D11C-4174-B159-596C6AB37635}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{77251346-4728-49BE-9368-58D35749E4E3}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{779DA3F8-10A1-45DC-88CF-70090ADEAA5F}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{980BC6E0-A90A-4D68-9C71-86D31EDA7DDB}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A5E5D514-230F-464A-8E34-EFE88216C1EC}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C0990C7C-28EE-4B1E-95B9-5468269B4EAF}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D4DFDE4F-28C6-4EA1-9F16-4F32104E7146}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F7F8BE5E-5CE0-4EEC-9FA1-16ADF668A316}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{33B73813-5FF0-4351-AF44-D56DAEE2E434}, Mis en quarantaine, [2cac62f2304bc96dd4c4560eb34f48b8],
PUP.Optional.MegaBrowse.A, HKLM\SOFTWARE\WOW6432NODE\Mega Browse, Mis en quarantaine, [8454292b5f1c90a687aba5f7907214ec],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, Mis en quarantaine, [28b0cf85e19a49ed6fc92a7ced1534cc],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial.com, Mis en quarantaine, [d008d57fb5c6be78d1812b91b54e1fe1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [5b7d76defb802a0c09c1834c30d3d52b],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-3.5, Mis en quarantaine, [11c700541863c37383d55345c939c33d],
Valeurs du Registre: 0
(No malicious items detected)
Donn�es du Registre: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplac�,[efe978dcb5c61c1a4adff75fb74d3fc1]
Dossiers: 0
(No malicious items detected)
Fichiers: 6
PUP.Optional.Iminent.A, C:\Users\Naturi\AppData\Roaming\ZHP\Quarantine\iminentsetup.exe.VIR, Mis en quarantaine, [498f6ee69edd78be63ac2b030ff28b75],
PUP.Optional.Softonic.A, C:\Users\Naturi\Downloads\SoftonicDownloader_for_pinnacle-studio-hd.exe, Mis en quarantaine, [76627cd81c5f3402a0e149d7758c24dc],
PUP.Optional.InstallCore, C:\Users\Naturi\Downloads\uTorrent-3.3.exe, Mis en quarantaine, [29af61f3f08b9f9792de958caa5626da],
PUP.Optional.BundleInstaller.A, C:\Users\Naturi\Downloads\QuickTimeInstaller.exe, Mis en quarantaine, [55838bc9c1ba4ceaa4a51d165aa68b75],
PUP.Optional.DefaultSearch.A, C:\Users\Naturi\AppData\Roaming\Mozilla\Firefox\Profiles\r549vd1m.default\searchplugins\default-search.xml, Mis en quarantaine, [9246fb59c0bb16204582c2d5fd05b947],
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, Mis en quarantaine, [597fd97bcab1e0561fa99205a65c03fd],
Secteurs physiques: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Date de l'examen: 23/05/2014
Heure de l'examen: 23:24:42
Fichier journal: mam.txt
Administrateur: Oui
Version: 2.00.2.1012
Base de donn�es Malveillants: v2014.05.23.12
Base de donn�es Rootkits: v2014.05.21.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Self-protection: D�sactiv�(e)
Syst�me d'exploitation: Windows 8.1
Processeur: x64
Syst�me de fichiers: NTFS
Utilisateur: Naturi
Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 330261
Temps �coul�: 55 min, 42 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Heuristics: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Cl�s du Registre: 32
PUP.Optional.WebCake.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AF6B0594-6008-4327-93E5-608AD710A6FA}, Mis en quarantaine, [05d3ca8a66156fc704cace94bc462bd5],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{20ECF6B1-A008-4F5D-8DC9-590BB1858888}, Mis en quarantaine, [aa2e62f2e2998caa890fbba9da28817f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\TypeLib\{33B73813-5FF0-4351-AF44-D56DAEE2E434}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F465AFA-97C8-4186-B5C3-962C1B73E404}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{43D6CCFB-3DCD-4F2C-9559-7ADB60FC5B1D}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4DEE8805-DDE1-40DC-876B-91E7EAF2B66C}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6B2C191B-D11C-4174-B159-596C6AB37635}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{77251346-4728-49BE-9368-58D35749E4E3}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{779DA3F8-10A1-45DC-88CF-70090ADEAA5F}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{980BC6E0-A90A-4D68-9C71-86D31EDA7DDB}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A5E5D514-230F-464A-8E34-EFE88216C1EC}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C0990C7C-28EE-4B1E-95B9-5468269B4EAF}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D4DFDE4F-28C6-4EA1-9F16-4F32104E7146}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F7F8BE5E-5CE0-4EEC-9FA1-16ADF668A316}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{20ECF6B1-A008-4F5D-8DC9-590BB1858888}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F465AFA-97C8-4186-B5C3-962C1B73E404}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{43D6CCFB-3DCD-4F2C-9559-7ADB60FC5B1D}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4DEE8805-DDE1-40DC-876B-91E7EAF2B66C}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6B2C191B-D11C-4174-B159-596C6AB37635}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{77251346-4728-49BE-9368-58D35749E4E3}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{779DA3F8-10A1-45DC-88CF-70090ADEAA5F}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{980BC6E0-A90A-4D68-9C71-86D31EDA7DDB}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A5E5D514-230F-464A-8E34-EFE88216C1EC}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C0990C7C-28EE-4B1E-95B9-5468269B4EAF}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D4DFDE4F-28C6-4EA1-9F16-4F32104E7146}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F7F8BE5E-5CE0-4EEC-9FA1-16ADF668A316}, Mis en quarantaine, [14c43c184b3070c61d7b560e3ec4d12f],
PUP.Optional.DokoToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{33B73813-5FF0-4351-AF44-D56DAEE2E434}, Mis en quarantaine, [2cac62f2304bc96dd4c4560eb34f48b8],
PUP.Optional.MegaBrowse.A, HKLM\SOFTWARE\WOW6432NODE\Mega Browse, Mis en quarantaine, [8454292b5f1c90a687aba5f7907214ec],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, Mis en quarantaine, [28b0cf85e19a49ed6fc92a7ced1534cc],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial.com, Mis en quarantaine, [d008d57fb5c6be78d1812b91b54e1fe1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [5b7d76defb802a0c09c1834c30d3d52b],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1385283556-1998687792-779195733-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-3.5, Mis en quarantaine, [11c700541863c37383d55345c939c33d],
Valeurs du Registre: 0
(No malicious items detected)
Donn�es du Registre: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplac�,[efe978dcb5c61c1a4adff75fb74d3fc1]
Dossiers: 0
(No malicious items detected)
Fichiers: 6
PUP.Optional.Iminent.A, C:\Users\Naturi\AppData\Roaming\ZHP\Quarantine\iminentsetup.exe.VIR, Mis en quarantaine, [498f6ee69edd78be63ac2b030ff28b75],
PUP.Optional.Softonic.A, C:\Users\Naturi\Downloads\SoftonicDownloader_for_pinnacle-studio-hd.exe, Mis en quarantaine, [76627cd81c5f3402a0e149d7758c24dc],
PUP.Optional.InstallCore, C:\Users\Naturi\Downloads\uTorrent-3.3.exe, Mis en quarantaine, [29af61f3f08b9f9792de958caa5626da],
PUP.Optional.BundleInstaller.A, C:\Users\Naturi\Downloads\QuickTimeInstaller.exe, Mis en quarantaine, [55838bc9c1ba4ceaa4a51d165aa68b75],
PUP.Optional.DefaultSearch.A, C:\Users\Naturi\AppData\Roaming\Mozilla\Firefox\Profiles\r549vd1m.default\searchplugins\default-search.xml, Mis en quarantaine, [9246fb59c0bb16204582c2d5fd05b947],
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, Mis en quarantaine, [597fd97bcab1e0561fa99205a65c03fd],
Secteurs physiques: 0
(No malicious items detected)
(end)