cjoint

Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 27/03/2015
Heure de l'examen: 09:06:01
Fichier journal: Malwarebytes Anti Malware.txt
Administrateur: Oui

Version: 2.01.4.1018
Base de données Malveillants: v2015.03.27.04
Base de données Rootkits: v2015.03.26.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: UTILISATEUR

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 328845
Temps écoulé: 34 min, 18 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Avertir
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 5

Valeurs du Registre: 10

Données du Registre: 1

Dossiers: 5

Fichiers: 18

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
