Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 10/11/2014
Heure de l'examen: 18:40:04
Fichier journal: rapport malwarebytes.txt
Administrateur: Oui

Version: 2.00.3.1025
Base de données Malveillants: v2014.11.10.07
Base de données Rootkits: v2014.11.10.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: patou

Type d'examen: Examen "Personnalisé"
Résultat: Terminé
Objets analysés: 697629
Temps écoulé: 2 h, 20 min, 48 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 1
PUP.Optional.ZombieNews.A, C:\ProgramData\qFcnNNlTwG\WRaNjR.exe, 3316, , [16097fbbb8c473c3e2d36051f70aa060]

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 5
PUP.Optional.ShopSave.A, HKU\S-1-5-21-3681399920-3762634642-1441022263-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{033BE5FC-ED4C-48A0-8F07-E0128384D828}, , [74abfa401c60e650606106abaf531ae6],
PUP.Optional.ShopSave.A, HKU\S-1-5-21-3681399920-3762634642-1441022263-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6CC4BF79-7708-4ECB-8F2B-A11264A67989}, , [24fb2b0f6d0f9f9707b9d0e105fd04fc],
PUP.Optional.ShopSave.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6CC4BF79-7708-4ECB-8F2B-A11264A67989}, , [24fb2b0f6d0f9f9707b9d0e105fd04fc],
PUP.Optional.WordProser.A, HKLM\SOFTWARE\WOW6432NODE\WordProser_1.10.0.2, , [ed321525bbc1e2544749da57d033639d],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-3681399920-3762634642-1441022263-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [72ada496d2aaa78fa313c285bf4428d8],

Valeurs du Registre: 2
PUP.Optional.ShopSave.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{033BE5FC-ED4C-48A0-8F07-E0128384D828}, ShopSave Toolbar, , [74abfa401c60e650606106abaf531ae6]
PUP.Optional.ShopSave.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{033BE5FC-ED4C-48A0-8F07-E0128384D828}, , [8e9168d2de9e39fd8140bff28b7744bc],

Données du Registre: 1
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-3681399920-3762634642-1441022263-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1362153404718&tguid=41460-2938-1362153396793-718402&q=%s, Bon: (www.google.com), Mauvais: (http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1362153404718&tguid=41460-2938-1362153396793-718402&q=%s),,[a17e2416cbb1d066a96dcb78b154db25]

Dossiers: 8
PUP.Optional.ZombieNews.A, C:\Users\patou\AppData\Local\ZombieNews, , [b36c91a9a3d9a5915668021c748f37c9],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\plugins, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\AppsMetaData, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\ToolbarHiddenSettings, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\ToolbarSettings, , [b56a31094f2d191d422374b72dd6f808],

Fichiers: 22
PUP.Optional.ZombieNews.A, C:\ProgramData\qFcnNNlTwG\WRaNjR.exe, , [16097fbbb8c473c3e2d36051f70aa060],
PUP.Optional.WordProser.A, C:\Users\patou\AppData\Roaming\ZHP\Quarantine\WordProser_1.10.0.2.DIR\Service\wpsvc.exe, , [bf6060da2557f2448232d205cc3539c7],
PUP.Optional.InstallCore.A, C:\Users\patou\Documents\Encodage\vobmerge-2-51-3860-fr-setup.exe, , [001f40fa4933a69051b409122dd8de22],
PUP.Optional.Amonetize, C:\Users\patou\Downloads\FlashPlayersetup__10907_i1400531727_il6.exe, , [ac73a595700cf640d330419d2bd69d63],
PUP.Optional.Amonetize, C:\Users\patou\Downloads\FlashPlayersetup__10907_i1400629693_il6.exe, , [e23df9419eded46211f2af2f9b662dd3],
PUP.Optional.Bestop, C:\Users\patou\Downloads\FlvPlayerSetup(1).exe, , [031c88b290ecef47cb3439fc7f8652ae],
PUP.Optional.Bestop, C:\Users\patou\Downloads\FlvPlayerSetup(2).exe, , [e23d88b2106c4fe7f708c5707590e719],
PUP.Optional.Bestop, C:\Users\patou\Downloads\FlvPlayerSetup.exe, , [6eb173c7bdbf43f33cc3e055798c8e72],
PUP.Optional.Bundle, C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe, , [fb2498a21468a096d933b2840bfa2cd4],
PUP.Optional.Bundle, C:\Program Files (x86)\0ca45c95134d\cf3e08d747e4.exe, , [fc231c1eb0cca98d8f82999d1ce9e61a],
PUP.Optional.ZombieNews.A, C:\ProgramData\qFcnNNlTwG\dat\gEimcE.exe, , [d44bf5450379c670a213eec3ad54f10f],
PUP.Optional.ZombieNews.A, C:\ProgramData\qFcnNNlTwG\dat\mlSoWVXMdO.exe, , [8d927dbd4b316ec81c9902af639eb24e],
PUP.Optional.SupraSavings.A, C:\Temp\t.msi, , [59c60a30700ca0965b1fe03216efee12],
PUP.Optional.Conduit.A, C:\Users\patou\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage, , [e63960da304c7eb805453cfd2cd719e7],
PUP.Optional.ReMarkable.A, C:\Users\patou\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, , [4fd04bef1b618bab0b671a8cd03429d7],
PUP.Optional.ReMarkable.A, C:\Users\patou\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, , [e13e300a215b1b1b165c8c1a26dec937],
PUP.Optional.ZombieNews.A, C:\Users\patou\AppData\Local\ZombieNews\data2.dat, , [b36c91a9a3d9a5915668021c748f37c9],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\AppsMetaData\data.bck.txt, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\AppsMetaData\data.txt, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\ToolbarHiddenSettings\data.txt, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\ToolbarSettings\data.bck.txt, , [b56a31094f2d191d422374b72dd6f808],
PUP.Optional.WhiteSmoke.A, C:\Users\patou\AppData\LocalLow\WhiteSmoke_B\Repository\conduit_CT3279141_CT3279141\ToolbarSettings\data.txt, , [b56a31094f2d191d422374b72dd6f808],

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)
