Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 22/12/2014
Heure de l'examen: 13:50:57
Fichier journal: MBAM221214.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2014.12.22.03
Base de données Rootkits: v2014.12.14.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Dominique PORTMANN

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 301295
Temps écoulé: 21 min, 17 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 17
PUP.Optional.DigiHelp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update DigiHelp, Mis en quarantaine, [ffdcc2a32755af873b61ce248a7707f9],
PUP.Optional.DigiHelp.A, HKLM\SOFTWARE\CLASSES\CLSID\{5bee7be9-df29-4c14-a18e-2bdd06205e29}, Mis en quarantaine, [8f4c68fd6418aa8c6c2fe50d61a0669a],
PUP.Optional.DigiHelp.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{9459a73c-257d-4f67-b275-eb27e9837748}, Mis en quarantaine, [8f4c68fd6418aa8c6c2fe50d61a0669a],
PUP.Optional.DigiHelp.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D7590AF8-610C-4E1E-9FBD-56F023613929}, Mis en quarantaine, [8f4c68fd6418aa8c6c2fe50d61a0669a],
PUP.Optional.DigiHelp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5BEE7BE9-DF29-4C14-A18E-2BDD06205E29}, Mis en quarantaine, [8f4c68fd6418aa8c6c2fe50d61a0669a],
PUP.Optional.DigiHelp.A, HKLM\SOFTWARE\CLASSES\CLSID\{5BEE7BE9-DF29-4C14-A18E-2BDD06205E29}\INPROCSERVER32, Mis en quarantaine, [8f4c68fd6418aa8c6c2fe50d61a0669a],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Mis en quarantaine, [1fbccd9887f53df9b41417f712f18e72],
PUP.Optional.DigiHelp.A, HKLM\SOFTWARE\DigiHelp, Mis en quarantaine, [ab307de82755c274de114b0efa0948b8],
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Mis en quarantaine, [7f5cf372e09c79bd31104810c1429b65],
PUP.Optional.InstallCore.A, HKLM\SOFTWARE\INSTALLCORE\WSE_Vosteran, Mis en quarantaine, [716abbaa6319f93dbcf8f270a1629070],
PUP.Optional.DigiHelp.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DigiHelp, Mis en quarantaine, [ad2e8fd60f6d1b1bc22eed6c83809070],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wse_vosteran, Mis en quarantaine, [8e4dd98cafcd80b6d4fd8652e123e51b],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Mis en quarantaine, [9f3c76ef4d2f59dd9da52e2a1ee59c64],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Mis en quarantaine, [756671f437451a1c20cc5a3f986bfa06],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Mis en quarantaine, [f3e82a3bdba191a51dec951b0202f60a],
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE_Vosteran, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.DigiHelp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DigiHelp, Mis en quarantaine, [6c6f1b4a36468ea877408fc3e3209e62],

Valeurs du Registre: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0Z1B1L2Z1S, Mis en quarantaine, [f3e82a3bdba191a51dec951b0202f60a]
PUP.Optional.Updater.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|DigitalSites, wscript /E:vbscript /B "H:\DOCUME~1\DOMINI~1\APPLIC~1\DigitalSites\UpdateProc\bkup.dat", Mis en quarantaine, [7e5ded78cbb1de584f8eb28d61a260a0]

Données du Registre: 2
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://Vosteran.com/?f=2&a=vst_ggfc_14_51_ff&cd=2XzuyEtN2Y1L1QzutDtDtD0F0E0AyEtA0AyByEtCyDyDtDtCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyDtD0BtD0B0EzytCtGyByEzz0DtGtAyDyE0FtGtB0AzytAtGtAyC0DzztD0E0B0F0D0F0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtDyCzz0EtA0F0DtGtBtAzzzztGyE0C0A0EtG0B0AtByEtG0A0F0ByCyC0BtCtBtDtCtByD2Q&cr=81295216&ir=, Bon: (www.google.com), Mauvais: (http://Vosteran.com/?f=2&a=vst_ggfc_14_51_ff&cd=2XzuyEtN2Y1L1QzutDtDtD0F0E0AyEtA0AyByEtCyDyDtDtCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyDtD0BtD0B0EzytCtGyByEzz0DtGtAyDyE0FtGtB0AzytAtGtAyC0DzztD0E0B0F0D0F0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtDyCzz0EtA0F0DtGtBtAzzzztGyE0C0A0EtG0B0AtByEtG0A0F0ByCyC0BtCtBtDtCtByD2Q&cr=81295216&ir=),Remplacé,[9b406302126a340240b71960a65feb15]
PUP.Optional.Vosteran.A, HKU\S-1-5-21-73586283-57989841-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://Vosteran.com/?f=1&a=vst_ggfc_14_51_ff&cd=2XzuyEtN2Y1L1QzutDtDtD0F0E0AyEtA0AyByEtCyDyDtDtCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyDtD0BtD0B0EzytCtGyByEzz0DtGtAyDyE0FtGtB0AzytAtGtAyC0DzztD0E0B0F0D0F0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtDyCzz0EtA0F0DtGtBtAzzzztGyE0C0A0EtG0B0AtByEtG0A0F0ByCyC0BtCtBtDtCtByD2Q&cr=81295216&ir=, Bon: (www.google.com), Mauvais: (http://Vosteran.com/?f=1&a=vst_ggfc_14_51_ff&cd=2XzuyEtN2Y1L1QzutDtDtD0F0E0AyEtA0AyByEtCyDyDtDtCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyDtD0BtD0B0EzytCtGyByEzz0DtGtAyDyE0FtGtB0AzytAtGtAyC0DzztD0E0B0F0D0F0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtDyCzz0EtA0F0DtGtBtAzzzztGyE0C0A0EtG0B0AtByEtG0A0F0ByCyC0BtCtBtDtCtByD2Q&cr=81295216&ir=),Remplacé,[9744085d07754beb20d6b6c393727d83]

Dossiers: 6
PUP.Optional.Updater.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\DigitalSites\UpdateProc, Mis en quarantaine, [7e5ded78cbb1de584f8eb28d61a260a0],
PUP.Optional.Vosteran.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\WSE_Vosteran, Mis en quarantaine, [d00b2e37b2cab581360f8bc662a13cc4],
PUP.Optional.Vosteran.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\WSE_Vosteran\icons_3.6.10.7, Mis en quarantaine, [d00b2e37b2cab581360f8bc662a13cc4],
PUP.Optional.Vosteran.A, H:\Program Files\WSE_Vosteran, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.Vosteran.A, H:\Program Files\WSE_Vosteran\bh, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.DigiHelp.A, H:\Program Files\DigiHelp, Mis en quarantaine, [6c6f1b4a36468ea877408fc3e3209e62],

Fichiers: 21
PUP.Optional.DigiHelp.A, H:\Program Files\DigiHelp\updateDigiHelp.exe, Mis en quarantaine, [ffdcc2a32755af873b61ce248a7707f9],
PUP.Optional.DigiHelp.A, H:\Program Files\DigiHelp\DigiHelpbho.dll, Mis en quarantaine, [8f4c68fd6418aa8c6c2fe50d61a0669a],
PUP.Optional.InstallCore, H:\Documents and Settings\Dominique PORTMANN\Application Data\1H1Q1V1N1N1O1R\Image Resizer Packages\uninstaller.exe, Mis en quarantaine, [8d4e095cb7c5979fc14d42ba9d644db3],
PUP.Optional.Nova.A, h:\program files\adobe\a7373408-015c-48cf-b020-a51b8f08e04c.dll, Mis en quarantaine, [2fac5c09d7a58aac8af949b2fc059d63],
PUP.Optional.DigiHelp.A, H:\Documents and Settings\Dominique PORTMANN\Local Settings\Temporary Internet Files\Content.IE5\02SS49I3\DigiHelp[1].dll, Mis en quarantaine, [7368b8ade79588aef3a8f3ff0af738c8],
PUP.Optional.Vosteran.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\Mozilla\Firefox\Profiles\34ptqylg.default-1395091837240\searchplugins\Vosteran.xml, Mis en quarantaine, [65765c09106c0f276a6a2fa90ef604fc],
PUP.Optional.Updater.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\DigitalSites\UpdateProc\bkup.dat, Mis en quarantaine, [7e5ded78cbb1de584f8eb28d61a260a0],
PUP.Optional.Updater.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\DigitalSites\UpdateProc\config.dat, Mis en quarantaine, [7e5ded78cbb1de584f8eb28d61a260a0],
PUP.Optional.Updater.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\DigitalSites\UpdateProc\info.dat, Mis en quarantaine, [7e5ded78cbb1de584f8eb28d61a260a0],
PUP.Optional.Updater.A, H:\Documents and Settings\Dominique PORTMANN\Application Data\DigitalSites\UpdateProc\prod.dat, Mis en quarantaine, [7e5ded78cbb1de584f8eb28d61a260a0],
PUP.Optional.Vosteran.A, H:\Program Files\WSE_Vosteran\astcnfg.dat, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.Vosteran.A, H:\Program Files\WSE_Vosteran\FavIcon.ico, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.Vosteran.A, H:\Program Files\WSE_Vosteran\Sqlite3.dll, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.Vosteran.A, H:\Program Files\WSE_Vosteran\uninst.dat, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.Vosteran.A, H:\Program Files\WSE_Vosteran\uninstall.exe, Mis en quarantaine, [36a50d582e4e2a0cb592d978719251af],
PUP.Optional.DigiHelp.A, H:\Program Files\DigiHelp\DigiHelp.ico, Mis en quarantaine, [6c6f1b4a36468ea877408fc3e3209e62],
PUP.Optional.DigiHelp.A, H:\Program Files\DigiHelp\DigiHelpUninstall.exe, Mis en quarantaine, [6c6f1b4a36468ea877408fc3e3209e62],
PUP.Optional.DigiHelp.A, H:\Program Files\DigiHelp\error, Mis en quarantaine, [6c6f1b4a36468ea877408fc3e3209e62],
PUP.Optional.DigiHelp.A, H:\Program Files\DigiHelp\updateDigiHelp.InstallState, Mis en quarantaine, [6c6f1b4a36468ea877408fc3e3209e62],
PUP.Optional.Trovi.A, H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls" : ["http://Vosteran.com/?f=7&a=vst_ggfc_14_51_ff&cd=2XzuyEtN2Y1L1QzutDtDtD0F0E0AyEtA0AyByEtCyDyDtDtCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyDtD0BtD0B0EzytCtGyByEzz0DtGtAyDyE0FtGtB0AzytAtGtAyC0DzztD0E0B0F0D0F0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtDyCzz0EtA0F0DtGtBtAzzzztGyE0C0A0EtG0B0AtByEtG0A0F0ByCyC0BtCtBtDtCtByD2Q&cr=81295216&ir=","http://www.trovi.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=M46376097-A40C-436C-8882-91CD441C1AEC&SearchSource=55&CUI=&UM=6&UP=SPA6BC2482-07DD-45D4-A465-B1B5F5B989AB&SSPV="],), Remplacé,[9c3f1c49df9dc472dad60fa1b74eb44c]
PUP.Optional.Vosteran.A, H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "homepage":"http://Vosteran.com/?f=1&a=vst_ggfc_14_51_ff&cd=2XzuyEtN2Y1L1QzutDtDtD0F0E0AyEtA0AyByEtCyDyDtDtCtN0D0Tzu0StCtDzztAtN1L2XzutAtFyCtFtCtDtFyBtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyDtD0BtD0B0EzytCtGyByEzz0DtGtAyDyE0FtGtB0AzytAtGtAyC0DzztD0E0B0F0D0F0AyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDtDyCzz0EtA0F0DtGtBtAzzzztGyE0C0A0EtG0B0AtByEtG0A0F0ByCyC0BtCtBtDtCtByD2Q&cr=81295216&ir="), Remplacé,[f9e231345a2247ef7d938231d233a759]

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)