cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 08/03/2015
Heure de l'examen: 10:01:34
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de donn�es Malveillants: v2015.03.08.04
Base de donn�es Rootkits: v2015.02.25.01
Licence: Gratuit
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Auto-protection: D�sactiv�(e)

Syst�me d'exploitation: Windows XP Service Pack 3
Processeur: x86
Syst�me de fichiers: NTFS
Utilisateur: Administrateur

Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 313481
Temps �coul�: 20 min, 59 sec

M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Heuristique: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)

Processus: 1
PUP.Optional.HealthAlert.A, C:\Documents and Settings\All Users\Application Data\vNeTSFECXgN\WqMIBdF.exe, 1748, Supprim�-au-red�marrage, [20f4251ea0ea39fd46f8857b6b977a86]

Modules: 0
(Aucun �l�ment malicieux detect�)

Cl�s du Registre: 2
PUP.Optional.HealthAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WqMIBdF, Mis en quarantaine, [20f4251ea0ea39fd46f8857b6b977a86],
PUP.Optional.Booster.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{8df1bcd0}, Mis en quarantaine, [69ab5ce7404a5fd7b17d468aef14dd23],

Valeurs du Registre: 0
(Aucun �l�ment malicieux detect�)

Donn�es du Registre: 9
PUM.Hijack.StartMenu, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowHelp, 0, Bon: (1), Mauvais: (0),Remplac�,[f91b083ba1e9b77f540fac30bd48e21e]
PUM.Hijack.StartMenu, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowRun, 0, Bon: (1), Mauvais: (0),Remplac�,[5eb6c3806e1c9e98273fd50727dec739]
PUM.Hijack.Help, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp, 1, Bon: (0), Mauvais: (1),Remplac�,[9b7968db5832063055c06b703bcaf30d]
PUM.Hijack.StartMenu, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowHelp, 0, Bon: (1), Mauvais: (0),Remplac�,[2ce8af94f397b0869dc694482bda58a8]
PUM.Hijack.StartMenu, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowRun, 0, Bon: (1), Mauvais: (0),Remplac�,[e82c291a1e6c77bf5a0c26b6e61f748c]
PUM.Hijack.Help, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp, 1, Bon: (0), Mauvais: (1),Remplac�,[868e71d21b6f68ce1203cc0ff2132dd3]
PUM.Hijack.StartMenu, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowHelp, 0, Bon: (1), Mauvais: (0),Remplac�,[eb298cb73e4c78bee380538923e2b34d]
PUM.Hijack.StartMenu, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowRun, 0, Bon: (1), Mauvais: (0),Remplac�,[ce46fe45bbcfae889bcb11cbde2748b8]
PUM.Hijack.Help, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp, 1, Bon: (0), Mauvais: (1),Remplac�,[1ff59fa4b5d559dd4bca28b320e58a76]

Dossiers: 4
PUP.Optional.HealthAlert.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\HealthAlert, Mis en quarantaine, [888c142f9eec45f1e32ff8c225dec838],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\Service, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],

Fichiers: 15
PUP.Optional.HealthAlert.A, C:\Documents and Settings\All Users\Application Data\vNeTSFECXgN\WqMIBdF.exe, Supprim�-au-red�marrage, [20f4251ea0ea39fd46f8857b6b977a86],
PUP.Optional.HealthAlert.A, C:\Documents and Settings\All Users\Application Data\vNeTSFECXgN\dat\bjiShUck.exe, Supprim�-au-red�marrage, [8b896bd8ccbe2f07ee50936dba480cf4],
Adware.Clicker, C:\Program Files\Unlocker\eBay_shortcuts_1016.exe, Mis en quarantaine, [bc58f74c800a83b31fcca4d1f30fbc44],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\Uninstall.exe, Mis en quarantaine, [6aaa1b286426f04613dd24f034ceaf51],
PUP.Optional.WordProser.A, C:\WINDOWS\system32\drivers\wpnfd_1_10_0_9.sys, Mis en quarantaine, [53c1a99a701a9d99b44669aaec1afa06],
PUP.Optional.HealthAlert.A, C:\Documents and Settings\Administrateur\Local Settings\Application Data\HealthAlert\data2.dat, Mis en quarantaine, [888c142f9eec45f1e32ff8c225dec838],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\terms-of-service.rtf, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses\buildcrx-license.txt, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses\Info-ZIP-license.txt, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses\JSON-simple-license.txt, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses\nsJSON-license.txt, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses\Nustache-license.txt, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses\TaskScheduler-license.txt, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\3rd Party Licenses\UAC-license.txt, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],
PUP.Optional.WordProser.A, C:\Program Files\WordProser_1.10.0.9\Service\wpsvc.exe, Mis en quarantaine, [34e0063df6942313dec4deb4d330ce32],

Secteurs physiques: 0
(Aucun �l�ment malicieux detect�)


(end)

Publicité


Signaler le contenu de ce document

Publicité