Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 09/04/2015
Heure de l'examen: 20:13:17
Fichier journal: rapport malwarebytse.txt
Administrateur: Oui

Version: 2.01.4.1018
Base de données Malveillants: v2015.04.09.06
Base de données Rootkits: v2015.03.31.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: corentin

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 350930
Temps écoulé: 25 min, 58 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 2
Trojan.Agent.SPV, C:\Users\corentin\AppData\Roaming\wjh1nWK7GVq5LgDV\RAOAbV8m5mCK.exe, 3348, Supprimé-au-redémarrage, [a1e9dd8dd8b268ce59c993b236cc41bf]
Trojan.Agent.SPV, C:\Users\corentin\AppData\Roaming\wjh1nWK7GVq5LgDV\RAOAbV8m5mCK.exe, 3308, Supprimé-au-redémarrage, [a1e9dd8dd8b268ce59c993b236cc41bf]

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 19
PUP.Optional.Multiplug, HKU\S-1-5-21-4258198708-1539581375-631302309-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, Mis en quarantaine, [701a412984062016f0343bfc53b0d927],
PUP.Optional.Multiplug, HKU\S-1-5-21-4258198708-1539581375-631302309-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, Mis en quarantaine, [701a412984062016f0343bfc53b0d927],
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar-nv-ie, Mis en quarantaine, [19712248692158de2ec9e7e0a55e0000],
PUP.Optional.SensePlus.A, HKLM\SOFTWARE\WOW6432NODE\SensePlus-nv, Mis en quarantaine, [0387fa706c1e0e28b6cdecd6748f3cc4],
PUP.Optional.SensePlus.A, HKLM\SOFTWARE\WOW6432NODE\SensePlus-nv-ie, Mis en quarantaine, [8ffb690152384de9c2c1d4ee4db66f91],
PUP.Optional.SmartSaver.A, HKLM\SOFTWARE\WOW6432NODE\SmartSaver+ 15-nv, Mis en quarantaine, [39515e0c4941c571bf1925e1d43001ff],
PUP.Optional.SmartSaver.A, HKLM\SOFTWARE\WOW6432NODE\SmartSaver+ 15-nv-ie, Mis en quarantaine, [0684402ab9d172c4bf1922e4bd472fd1],
PUP.Optional.iWebar.A, HKU\S-1-5-18\SOFTWARE\iWebar-nv, Mis en quarantaine, [5d2d72f80f7b88aed424ecdb679c0ff1],
PUP.Optional.iWebar.A, HKU\S-1-5-18\SOFTWARE\iWebar-nv-ie, Mis en quarantaine, [94f6ee7c1d6ddb5ba256d4f38d760000],
PUP.Optional.SensePlus.A, HKU\S-1-5-18\SOFTWARE\SensePlus-nv, Mis en quarantaine, [8efc3e2cccbe350134509d25f1122fd1],
PUP.Optional.SensePlus.A, HKU\S-1-5-18\SOFTWARE\SensePlus-nv-ie, Mis en quarantaine, [fc8ee585bbcf4ceae4a09032a95a669a],
PUP.Optional.SmartSaver.A, HKU\S-1-5-18\SOFTWARE\SmartSaver+ 15-nv, Mis en quarantaine, [cfbb1d4d7e0c7fb79146f412d232b44c],
PUP.Optional.SmartSaver.A, HKU\S-1-5-18\SOFTWARE\SmartSaver+ 15-nv-ie, Mis en quarantaine, [6d1d125828621224993e8a7c9f654cb4],
Malware.Trace, HKU\S-1-5-21-4258198708-1539581375-631302309-1000\SOFTWARE\DC3_FEXEC, Mis en quarantaine, [13779eccb8d2ca6c72c3812ea361a25e],
PUP.Optional.iWebar.A, HKU\S-1-5-21-4258198708-1539581375-631302309-1000\SOFTWARE\iWebar-nv-ie, Mis en quarantaine, [fb8ffb6f137742f4ed0bfbccb84bc838],
PUP.Optional.SensePlus.A, HKU\S-1-5-21-4258198708-1539581375-631302309-1000\SOFTWARE\SensePlus-nv, Mis en quarantaine, [7416303a8bff5fd7176d487a18eb7e82],
PUP.Optional.SensePlus.A, HKU\S-1-5-21-4258198708-1539581375-631302309-1000\SOFTWARE\SensePlus-nv-ie, Mis en quarantaine, [8ffbb7b3b0da1422c7bdb80a07fcd927],
PUP.Optional.SmartSaver.A, HKU\S-1-5-21-4258198708-1539581375-631302309-1000\SOFTWARE\SmartSaver+ 15-nv, Mis en quarantaine, [62288cde800a310500d7c046719356aa],
PUP.Optional.SmartSaver.A, HKU\S-1-5-21-4258198708-1539581375-631302309-1000\SOFTWARE\SmartSaver+ 15-nv-ie, Mis en quarantaine, [464483e7e1a9171f06d151b532d2b749],

Valeurs du Registre: 1
Hijack.ShellA.Gen, HKU\S-1-5-21-4258198708-1539581375-631302309-1000\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell, "C:\Users\corentin\AppData\Roaming\wjh1nWK7GVq5LgDV\RAOAbV8m5mCK.exe",explorer.exe, Mis en quarantaine, [f3970e5c4446ba7cec02c402eb18966a]

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 1
Stolen.Data, C:\Users\corentin\AppData\Roaming\dclogs, Mis en quarantaine, [cac03b2f46442d09834aa439e81cc33d],

Fichiers: 6
Trojan.Agent.SPV, C:\Users\corentin\AppData\Roaming\wjh1nWK7GVq5LgDV\RAOAbV8m5mCK.exe, Supprimé-au-redémarrage, [a1e9dd8dd8b268ce59c993b236cc41bf],
PUP.Optional.Multiplug, C:\Users\corentin\AppData\Local\Temp\2C20\temp\Panda Express! - Don.exe, Mis en quarantaine, [701a412984062016f0343bfc53b0d927],
Trojan.Agent.SPV, C:\Users\corentin\Downloads\code dofus.com, Mis en quarantaine, [e3a76efcf991d4625ec4df66946eaa56],
Stolen.Data, C:\Users\corentin\AppData\Roaming\dclogs\2015-02-17-3.dc, Mis en quarantaine, [cac03b2f46442d09834aa439e81cc33d],
Stolen.Data, C:\Users\corentin\AppData\Roaming\dclogs\2015-02-18-4.dc, Mis en quarantaine, [cac03b2f46442d09834aa439e81cc33d],
Stolen.Data, C:\Users\corentin\AppData\Roaming\dclogs\2015-02-19-5.dc, Mis en quarantaine, [cac03b2f46442d09834aa439e81cc33d],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
