Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 16/08/2014
Heure de l'examen: 15:50:54
Fichier journal: MBAM.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.08.16.06
Base de données Rootkits: v2014.08.15.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: user

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 347215
Temps écoulé: 15 min, 44 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activ�(e)
PUM: Activ�(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 22
PUP.Optional.SpeedDial.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}, Mis en quarantaine, [fd493b8ccdaefb3bb9897cf08b7743bd],
PUP.Optional.SpeedDial.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}, Mis en quarantaine, [fd493b8ccdaefb3bb9897cf08b7743bd],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Mis en quarantaine, [ac9a86412d4e61d55b80073d1ce8dd23],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Mis en quarantaine, [3412e0e7413a0036f4e91a2a956f43bd],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Mis en quarantaine, [8fb7ecdb42391026d40ca2a2fe0655ab],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Mis en quarantaine, [25214e798af1a294d011c97b36ce4bb5],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Mis en quarantaine, [0a3ccdfab9c2e551d1130242c341b848],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Mis en quarantaine, [71d55077196275c1ba2c80c4e1232cd4],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Mis en quarantaine, [ad999a2d8af1d165984f9ca883816898],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Mis en quarantaine, [5fe76265daa185b15f89c87c6e96da26],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Mis en quarantaine, [073f10b7eb905bdb2ebb1e265ba952ae],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Mis en quarantaine, [de68b0171c5f69cdd506cd7724e0cf31],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Mis en quarantaine, [3511facd5a2169cd8a53083c22e22ad6],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Mis en quarantaine, [e2649235cdaed363dc048abaeb196a96],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Mis en quarantaine, [291d9136e497de5838a96ed6f80c6898],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\umbrella.exe, Mis en quarantaine, [321470571566b77fbc28251f3bc96997],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\volaro, Mis en quarantaine, [cf77aa1d5922f145f7efda6ab3519d63],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\vonteera, Mis en quarantaine, [48fe9037a2d9ac8a6483c480d92b738d],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroids.exe, Mis en quarantaine, [93b3c9fe4338a78f40a893b162a29a66],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\websteroidsservice.exe, Mis en quarantaine, [192d0fb89cdf86b057922e16c73d1ce4],
PUP.Optional.Spigot.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Mis en quarantaine, [cb7b5b6c473484b278f880c3db29956b],
PUP.Optional.Spigot.A, HKU\S-1-5-21-948750584-1004209625-3880535035-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Mis en quarantaine, [b393e1e6e299280e58184ff4b153e21e],

Valeurs du Registre: 1
PUP.Optional.ReMarkit.A, HKU\S-1-5-21-948750584-1004209625-3880535035-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{d97497ae-755d-453a-80bc-9d2460f183ce}, C:\Program Files (x86)\Re-markit\150.xpi, Mis en quarantaine, [f4522f980a71fa3c5eb1af3054ae01ff]

Données du Registre: 0
(No malicious items detected)

Dossiers: 3
PUP.Optional.Spigot.A, C:\Users\Invité\AppData\LocalLow\Search Settings, Mis en quarantaine, [3f07a225daa14ee83d23923e31d14db3],
PUP.Optional.Spigot.A, C:\Users\Invité\AppData\LocalLow\Search Settings\res, Mis en quarantaine, [3f07a225daa14ee83d23923e31d14db3],
PUP.Optional.Spigot.A, C:\Users\Invité\AppData\LocalLow\Search Settings\temp, Mis en quarantaine, [3f07a225daa14ee83d23923e31d14db3],

Fichiers: 3
PUP.Optional.WebSearch.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\a73dsia7.default\searchplugins\Web Search.xml, Mis en quarantaine, [65e10abdf685fd390a415da6db284eb2],
PUP.Optional.SnapDo.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\a73dsia7.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.newtab.url", "http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=FR&userid=63d562a5-8f29-e547-858e-e008250ae4e9&searchtype=nt&installDate=09/11/2013");), Remplacé,[380ea22536455adcab56857f51b4f20e]
PUP.Optional.SnapDo.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\a73dsia7.default\prefs.js, Bon: (), Mauvais: (user_pref("keyword.URL", "http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=FR&userid=63d562a5-8f29-e547-858e-e008250ae4e9&searchtype=ds&installDate=09/11/2013&q=");), Remplacé,[e363ae19e299d06606fcb3512cd9f50b]

Secteurs physiques: 0
(No malicious items detected)


(end)
