Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 16/09/2014
Heure de l'examen: 09:22:27
Fichier journal:
Administrateur: Oui
Version: 2.00.2.1012
Base de donn�es Malveillants: v2014.09.16.02
Base de donn�es Rootkits: v2014.09.15.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Self-protection: D�sactiv�(e)
Syst�me d'exploitation: Windows Vista Service Pack 2
Processeur: x86
Syst�me de fichiers: NTFS
Utilisateur: luc
Type d'examen: Examen "Personnalis�"
R�sultat: Termin�
Objets analys�s: 491592
Temps �coul�: 2 h, 5 min, 58 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: Activ�(e)
Heuristics: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Cl�s du Registre: 14
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [ec066a83ef8c5bdbae7029954ab8bb45],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, , [ec066a83ef8c5bdbae7029954ab8bb45],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [ec066a83ef8c5bdbae7029954ab8bb45],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [fff3688532498caa45c3b9097e84fb05],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, , [fff3688532498caa45c3b9097e84fb05],
PUP.Optional.Babylon.A, HKU\S-1-5-21-785947824-1382047164-2322900056-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [10e25e8fec8fe94de63b6b1a877b45bb],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{5eeb83d0-96ea-4249-942c-beead6847053}Gt, , [e1114da066158fa7ec85b9500cf73dc3],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, , [f0021ecfe794e650b62bd538778c768a],
PUP.Optional.SmarterPower.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update SmarterPower, , [32c0ed000972c6705124d52f9f6447b9],
PUP.Optional.SmarterPower.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util SmarterPower, , [26cc48a51f5c37ffabcbfe062fd4669a],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [d919b13caecdbb7b47ea949ff3102dd3],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [15dd8568ef8c2313e5a7470218ecdf21],
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, , [1fd33fae4f2cbc7a0288956f09fa1fe1],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [0de5e706d5a612244997ee1fe1227789],
Valeurs du Registre: 3
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [05edb73688f365d1f6f3926f3fc4c63a]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R0DtO0U1C1S1U1StR0J1Q2P1J1K1I2R, , [15dd8568ef8c2313e5a7470218ecdf21]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, IrsSF, , [1fd33fae4f2cbc7a0288956f09fa1fe1]
Donn�es du Registre: 5
PUP.Optional.EasySearch.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, www.easysear.ch/, Bon: (www.google.com), Mauvais: (www.easysear.ch/),,[f200faf3ff7c43f3cafcf400e420b749]
PUP.Optional.EasySearch.A, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, www.easysear.ch/, Bon: (www.google.com), Mauvais: (www.easysear.ch/),,[8171915c97e43204eadcf0047c886997]
PUP.Optional.EasySearch.A, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, www.easysear.ch/, Bon: (www.google.com), Mauvais: (www.easysear.ch/),,[2ac8c12c2f4c092d7e48589cc2423cc4]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}),,[876bbd30176487af43f827cdb25220e0]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}),,[f002e10cb6c5eb4b003cf40030d4ec14]
Dossiers: 1
PUP.Optional.SystemSpeedup, C:\Users\luc\AppData\Roaming\Systweak\ssd, , [60929f4e2f4c1f170db117d3ec167789],
Fichiers: 8
PUP.Optional.ToolBarInstaller, C:\$RECYCLE.BIN\S-1-5-21-785947824-1382047164-2322900056-1000\$RWJIAKF.exe, , [10e2e20bf6853ff72a6f9d015ea39a66],
PUP.Optional.SmarterPower.A, C:\Users\luc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C01SRZKQ\SmarterPower[1].dll, , [5e949c51ff7cbf77b519901f59a8ed13],
PUP.Optional.SmartBar, C:\Users\luc\AppData\Local\Temp\MSI2C4F.tmp-\Smartbar.Installer.CustomActions.dll, , [935fa548c9b24de95df1ca6423dd15eb],
PUP.Optional.SmartBar, C:\Users\luc\AppData\Local\Temp\MSI6D52.tmp-\Smartbar.Installer.CustomActions.dll, , [836f06e755266fc73618c569de22a45c],
PUP.Optional.SmartBar, C:\Users\luc\AppData\Local\Temp\MSIB9AF.tmp-\Smartbar.Installer.CustomActions.dll, , [39b9698437440234a0aea9854cb47090],
PUP.Optional.SafeFinder.A, C:\Users\luc\AppData\Roaming\Mozilla\Firefox\Profiles\munkazkl.default-1387398013230\searchplugins\SafeFinder Search.xml, , [b53d7a731665bf7726612cd8887bc33d],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt.sys, , [1a2028b011c8fe5cdf130996387b5bd7],
PUP.Optional.SystemSpeedup, C:\Users\luc\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, , [60929f4e2f4c1f170db117d3ec167789],
Secteurs physiques: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Date de l'examen: 16/09/2014
Heure de l'examen: 09:22:27
Fichier journal:
Administrateur: Oui
Version: 2.00.2.1012
Base de donn�es Malveillants: v2014.09.16.02
Base de donn�es Rootkits: v2014.09.15.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Self-protection: D�sactiv�(e)
Syst�me d'exploitation: Windows Vista Service Pack 2
Processeur: x86
Syst�me de fichiers: NTFS
Utilisateur: luc
Type d'examen: Examen "Personnalis�"
R�sultat: Termin�
Objets analys�s: 491592
Temps �coul�: 2 h, 5 min, 58 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: Activ�(e)
Heuristics: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)
Processus: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Cl�s du Registre: 14
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [ec066a83ef8c5bdbae7029954ab8bb45],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, , [ec066a83ef8c5bdbae7029954ab8bb45],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [ec066a83ef8c5bdbae7029954ab8bb45],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [fff3688532498caa45c3b9097e84fb05],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, , [fff3688532498caa45c3b9097e84fb05],
PUP.Optional.Babylon.A, HKU\S-1-5-21-785947824-1382047164-2322900056-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [10e25e8fec8fe94de63b6b1a877b45bb],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{5eeb83d0-96ea-4249-942c-beead6847053}Gt, , [e1114da066158fa7ec85b9500cf73dc3],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\SYSTWEAK\ssd, , [f0021ecfe794e650b62bd538778c768a],
PUP.Optional.SmarterPower.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update SmarterPower, , [32c0ed000972c6705124d52f9f6447b9],
PUP.Optional.SmarterPower.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util SmarterPower, , [26cc48a51f5c37ffabcbfe062fd4669a],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [d919b13caecdbb7b47ea949ff3102dd3],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [15dd8568ef8c2313e5a7470218ecdf21],
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, , [1fd33fae4f2cbc7a0288956f09fa1fe1],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, , [0de5e706d5a612244997ee1fe1227789],
Valeurs du Registre: 3
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [05edb73688f365d1f6f3926f3fc4c63a]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R0DtO0U1C1S1U1StR0J1Q2P1J1K1I2R, , [15dd8568ef8c2313e5a7470218ecdf21]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, IrsSF, , [1fd33fae4f2cbc7a0288956f09fa1fe1]
Donn�es du Registre: 5
PUP.Optional.EasySearch.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, www.easysear.ch/, Bon: (www.google.com), Mauvais: (www.easysear.ch/),,[f200faf3ff7c43f3cafcf400e420b749]
PUP.Optional.EasySearch.A, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, www.easysear.ch/, Bon: (www.google.com), Mauvais: (www.easysear.ch/),,[8171915c97e43204eadcf0047c886997]
PUP.Optional.EasySearch.A, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, www.easysear.ch/, Bon: (www.google.com), Mauvais: (www.easysear.ch/),,[2ac8c12c2f4c092d7e48589cc2423cc4]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}),,[876bbd30176487af43f827cdb25220e0]
PUP.Optional.SafeFinder.A, HKU\S-1-5-21-785947824-1382047164-2322900056-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880HBZWL86X-Vffvs7FE2ait4cB63t9PBUUWfVZj0jLyD5JGjfK2Aa4NLTyrEI2996NWC-hJA27OzNG-FQ6tFCwfRghpV0pttMv8un-fYheIWXn1OqcUYtsotStqGJmsnWV2DCX9d86nb84xEB0c_Onq3VGWCXx1Gkv7EY7WQgg,,&q={searchTerms}),,[f002e10cb6c5eb4b003cf40030d4ec14]
Dossiers: 1
PUP.Optional.SystemSpeedup, C:\Users\luc\AppData\Roaming\Systweak\ssd, , [60929f4e2f4c1f170db117d3ec167789],
Fichiers: 8
PUP.Optional.ToolBarInstaller, C:\$RECYCLE.BIN\S-1-5-21-785947824-1382047164-2322900056-1000\$RWJIAKF.exe, , [10e2e20bf6853ff72a6f9d015ea39a66],
PUP.Optional.SmarterPower.A, C:\Users\luc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C01SRZKQ\SmarterPower[1].dll, , [5e949c51ff7cbf77b519901f59a8ed13],
PUP.Optional.SmartBar, C:\Users\luc\AppData\Local\Temp\MSI2C4F.tmp-\Smartbar.Installer.CustomActions.dll, , [935fa548c9b24de95df1ca6423dd15eb],
PUP.Optional.SmartBar, C:\Users\luc\AppData\Local\Temp\MSI6D52.tmp-\Smartbar.Installer.CustomActions.dll, , [836f06e755266fc73618c569de22a45c],
PUP.Optional.SmartBar, C:\Users\luc\AppData\Local\Temp\MSIB9AF.tmp-\Smartbar.Installer.CustomActions.dll, , [39b9698437440234a0aea9854cb47090],
PUP.Optional.SafeFinder.A, C:\Users\luc\AppData\Roaming\Mozilla\Firefox\Profiles\munkazkl.default-1387398013230\searchplugins\SafeFinder Search.xml, , [b53d7a731665bf7726612cd8887bc33d],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt.sys, , [1a2028b011c8fe5cdf130996387b5bd7],
PUP.Optional.SystemSpeedup, C:\Users\luc\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, , [60929f4e2f4c1f170db117d3ec167789],
Secteurs physiques: 0
(No malicious items detected)
(end)