
Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 07/12/2014
Heure de l'examen: 19:14:38
Fichier journal: MBAW.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2014.12.07.09
Base de données Rootkits: v2014.12.03.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Jeanne

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 322396
Temps écoulé: 27 min, 52 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 1
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\ColorMedia.exe, 1552, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719]

Modules: 8
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\ColorMediaCrt.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\freebl3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\libnspr4.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\libplc4.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\libplds4.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\nss3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\nssutil3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\smime3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],

Clés du Registre: 19
PUP.Optional.LANDisabler.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cmwd, Supprimé-au-redémarrage, [62a391cfe4988fa761c2f7ed7b861ee2],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Mis en quarantaine, [be474a164b310c2a219e1bb22bd7b44c],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Mis en quarantaine, [be474a164b310c2a219e1bb22bd7b44c],
PUP.Optional.Cinema.A, HKLM\SOFTWARE\CinemaP-1.3cV26.11, Mis en quarantaine, [34d1560ad1abe74f034bde7a3cc709f7],
PUP.Optional.Cinema.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinemaP-1.3cV21.11, Mis en quarantaine, [6e97352bf686b97d1f3183d56e95a55b],
PUP.Optional.Cinema.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinemaP-1.3cV22.11, Mis en quarantaine, [ae575907ff7df5417ed23622c43f23dd],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQuality-v1.3V21.11, Mis en quarantaine, [45c0bda3f389a88e486080d0ba498d73],
PUP.Optional.Cinema.A, HKU\S-1-5-21-392878044-3938468273-473731853-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\CinemaP-1.3cV26.11, Mis en quarantaine, [41c4451bee8e74c25bf535237c871ee2],
PUP.Optional.FastStart.A, HKU\S-1-5-21-392878044-3938468273-473731853-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Mis en quarantaine, [de27abb59ae29d99f06972e444bf8e72],
PUP.Optional.PicColor.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ColorMedia, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B8D1E62C-5D04-4AB0-A09E-688FF75743EF}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B0071C9-831E-43DD-9EFE-722D8AEB9E2E}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5217E897-1728-4B11-BC9D-5405AD551BEF}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6073385E-A128-4464-9DFD-C7CF0F39A492}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{81E47395-D310-4064-B963-844C4088AB76}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{83E41C3D-190A-4052-A046-269722F3B4FD}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D1C116A0-DC17-4257-9190-033AE10F90B9}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{ED5B55CA-994B-42B9-93B6-1FD306925967}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FB7F9DF6-2A66-444F-BA5D-2F221F1B1AC8}, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],

Valeurs du Registre: 3
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, Mis en quarantaine, [35d08fd1f488082e7ff6675b59ab32ce]
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-392878044-3938468273-473731853-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, Mis en quarantaine, [986d6ef2601ca59120b4ddcf966e639d]
PUP.Optional.FastStart.A, HKU\S-1-5-21-392878044-3938468273-473731853-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Mis en quarantaine, [de27abb59ae29d99f06972e444bf8e72]

Données du Registre: 0
(Aucun élément malicieux detecté)

Dossiers: 5
Rogue.Multiple, C:\ProgramData\3222621244, Mis en quarantaine, [788d431dc5b7a393fbd8bf4758ab25db],
Rogue.Multiple, C:\ProgramData\4001812108, Mis en quarantaine, [8f76560ad7a55adc993a39cd24dfdc24],
PUP.Optional.ValueApps.A, C:\Users\Jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\zn758imq.default\valueApps, Mis en quarantaine, [24e1cf9185f70f2773b75bc19a6939c7],
PUP.Optional.ValueApps.A, C:\Users\Jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\zn758imq.default\valueApps\CT3009663, Mis en quarantaine, [24e1cf9185f70f2773b75bc19a6939c7],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],

Fichiers: 42
PUP.Optional.LANDisabler.A, C:\Windows\System32\drivers\cmwd.sys, Supprimé-au-redémarrage, [62a391cfe4988fa761c2f7ed7b861ee2],
PUP.Optional.PicColor.A, C:\ProgramData\SafeUpdater\SafeUpdater.exe, Mis en quarantaine, [9471a1bf67153ff78f2d6d72a65b35cb],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\BOGBBM.exe, Mis en quarantaine, [5da887d9126a82b42547732522e3dd23],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\CFTNKY.exe, Mis en quarantaine, [a263b9a7215b4aecbce6197de12420e0],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\DCQOUO.exe, Mis en quarantaine, [3acbf36d5725dc5a00a22c6aff06ab55],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\HSMDKMXX.exe, Mis en quarantaine, [0ef7223e0c70290ddec482145fa6ab55],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\LZEZ.exe, Mis en quarantaine, [bd487fe13f3de056ffa30591b05506fa],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\SRNEFJ.exe, Mis en quarantaine, [ef1676eafa821d199bd181178a7bf709],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\TOPUEWT.exe, Mis en quarantaine, [877e4e12fb8177bf831fa0f6e3226d93],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\TQWYCX.exe, Mis en quarantaine, [bd48c19f027afb3b732fd5c18f7634cc],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\YAFSU.exe, Mis en quarantaine, [0df893cd9ae275c18b1770264db8f20e],
PUP.Optional.CrossRider.A, C:\Users\Jeanne\AppData\Roaming\ZGXRZFW.exe, Mis en quarantaine, [5ca9b6aa65179c9a039ff79fd92cc13f],
PUP.Optional.SkyTech.A, C:\Users\Jeanne\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG\{04D869EB-6589-40DA-B27C-97899FC49AA5}_XIAZAI\a.zip, Mis en quarantaine, [7d88f967f58784b224e3a1516b9658a8],
PUP.Optional.StartPage.A, C:\Users\Jeanne\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG\{2E089831-61B1-4CF2-8553-300574316F09}_DIYIGE\BaofengUpdate.exe, Mis en quarantaine, [55b0a9b705770a2c5b9444adec15b64a],
PUP.Optional.SkyTech.A, C:\Users\Jeanne\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG\{2E089831-61B1-4CF2-8553-300574316F09}_DIYIGE\BFVUpdateM.dll, Mis en quarantaine, [ca3bb9a7c2bace684dba13dff40dc838],
PUP.Optional.MultiPlug.A, C:\Users\Jeanne\AppData\Local\Temp\A99687884\temp\hpds_setup.exe, Mis en quarantaine, [30d50060641876c077751de445bd8080],
PUP.Optional.MyStartSearch.A, C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml, Mis en quarantaine, [c93c510f84f83ef86ec5ec5f24df08f8],
PUP.Optional.ISearch.A, C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml, Mis en quarantaine, [788d63fd700cf44206d71f8eea1ac937],
PUP.Optional.ColorMedia.A, C:\Windows\System32\ColorMedia.ini, Mis en quarantaine, [aa5b2739b0cc2214e146f6ce808433cd],
PUP.Optional.ColorMedia.A, C:\Windows\System32\ColorMediaOff.ini, Mis en quarantaine, [52b396cab7c562d4b771dbe94cb83dc3],
Rogue.Multiple, C:\ProgramData\3222621244\BITB947.tmp, Mis en quarantaine, [788d431dc5b7a393fbd8bf4758ab25db],
PUP.Optional.ValueApps.A, C:\Users\Jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\zn758imq.default\valueApps\CT3009663\mam_gk_appsConfig.txt, Mis en quarantaine, [24e1cf9185f70f2773b75bc19a6939c7],
PUP.Optional.ValueApps.A, C:\Users\Jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\zn758imq.default\valueApps\CT3009663\mam_gk_eventsCache.txt, Mis en quarantaine, [24e1cf9185f70f2773b75bc19a6939c7],
PUP.Optional.ValueApps.A, C:\Users\Jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\zn758imq.default\valueApps\CT3009663\mam_gk_localization.txt, Mis en quarantaine, [24e1cf9185f70f2773b75bc19a6939c7],
PUP.Optional.ValueApps.A, C:\Users\Jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\zn758imq.default\valueApps\CT3009663\mam_gk_settings1.13.0.17.txt, Mis en quarantaine, [24e1cf9185f70f2773b75bc19a6939c7],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\ColorMedia.exe, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\ColorMedia.tlb, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\ColorMediaCrt.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\freebl3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\libnspr4.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\libplc4.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\libplds4.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\nss3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\nssckbi.dll, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\nssdbm3.dll, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\nssutil3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\PicColor.exe, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\RfndNSIS.dll, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\smime3.dll, Supprimé-au-redémarrage, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\softokn3.dll, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\sqlite3.dll, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],
PUP.Optional.PicColor.A, C:\ProgramData\PicColor Utility\ssl3.dll, Mis en quarantaine, [1bea045cb6c640f6ea421d21f60de719],

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)