cjoint

Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 19/04/2015
Heure de l'examen: 17:38:04
Fichier journal: 1.txt
Administrateur: Oui

Version: 2.01.4.1018
Base de données Malveillants: v2015.04.19.03
Base de données Rootkits: v2015.03.31.01
Licence: Gratuit
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: anana_000

Type d'examen: Examen "Personnalisé"
Résultat: Terminé
Objets analysés: 781511
Temps écoulé: 4 h, 36 min, 26 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 2
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\nsc8931.tmp, 2232, Supprimé-au-redémarrage, [5e11115d870342f4d9d2351d8c7959a7]
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\jnsv7150.tmp, 2068, Supprimé-au-redémarrage, [5e11115d870342f4d9d2351d8c7959a7]

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 6
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\moguzyvy, Mis en quarantaine, [5e11115d870342f4d9d2351d8c7959a7],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\kunekiko, Mis en quarantaine, [5e11115d870342f4d9d2351d8c7959a7],
PUP.Optional.Infonaut.A, HKLM\SOFTWARE\WOW6432NODE\Infonaut_1.10.0.14, Mis en quarantaine, [8ee18be3c7c363d3a7cbc7f808fb9868],
PUP.Optional.LuckSearches.A, HKLM\SOFTWARE\WOW6432NODE\luckysearchesSoftware, Mis en quarantaine, [38372a44305a14222d0b744f30d353ad],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, Mis en quarantaine, [8ce30e6091f939fd52586ce5be4745bb],
PUP.Optional.Infonaut.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\innfd_1_10_0_14, Mis en quarantaine, [fd72f07e94f677bf2a4607b84fb4ae52],

Valeurs du Registre: 4
PUP.Optional.QuickSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_searchff@gmail.com, C:\Users\anana_000\AppData\Roaming\Mozilla\Firefox\Profiles\q1ftokyn.default-1426442307437\extensions\quick_searchff@gmail.com, Mis en quarantaine, [d39c0b63dfab0e287f322995649f738d]
PUP.Optional.SweetSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|sweetsearch@gmail.com, C:\Users\anana_000\AppData\Roaming\Mozilla\Firefox\Profiles\q1ftokyn.default-1426442307437\extensions\sweetsearch@gmail.com, Mis en quarantaine, [1b541c521773082e8b27e4da659e837d]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\kunekiko|ImagePath, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\jnsv7150.tmp, Mis en quarantaine, [9bd4422c2e5cd85e56d4133ea75e44bc]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\moguzyvy|ImagePath, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\nsc8931.tmp, Mis en quarantaine, [056a8fdf2b5f7eb8be6b94bd8f765ea2]

Données du Registre: 3
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{A00C5272-29A5-4C0D-AD4C-800FA8F67C31}|NameServer, 31.168.228.251,82.166.96.251, Bon: (), Mauvais: (31.168.228.251,82.166.96.251),Remplacé,[4926313d32587db94c50c043dc2ac838]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B8271A9D-DBE8-498F-BC2C-325980260D50}|NameServer, 31.168.228.251,82.166.96.251, Bon: (), Mauvais: (31.168.228.251,82.166.96.251),Remplacé,[c2adef7f286288aef5a7cf34af57619f]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{E41A4C11-FDBC-4DF3-BD25-B72B33247D4A}|NameServer, 31.168.228.251,82.166.96.251, Bon: (), Mauvais: (31.168.228.251,82.166.96.251),Remplacé,[402fef7f91f915218f0d1fe419edb54b]

Dossiers: 9
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Local\875A0FA0-1429295603-81E3-3FAA-202564D312C0, Mis en quarantaine, [f778d797dcae74c27333034fc83ded13],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0, Supprimé-au-redémarrage, [5e11115d870342f4d9d2351d8c7959a7],
PUP.Optional.CloudScout.A, C:\Program Files (x86)\CloudScout Parental Control, Mis en quarantaine, [8be43d3144463105e14e972544bfb54b],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\installer, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\language, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\logs, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\scan_results, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\swf, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],

Fichiers: 28
Trojan.Downloader, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\C2YVNDUI\count_vn[1].htm, Mis en quarantaine, [8de227476b1fb0862babe94a49ba33cd],
PUP.Optional.Bundle, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\DOHMT0UB\count_vc[1].htm, Mis en quarantaine, [f97636384e3ca88e3bd1b63b1ce912ee],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\DOHMT0UB\AnyProtect[1].exe, Mis en quarantaine, [422db8b64f3b4de9d885201b9f677090],
PUP.Optional.SkyTech.A, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\DOHMT0UB\1[1].zip, Mis en quarantaine, [abc4ee80256576c098fc6f9505fd20e0],
PUP.Optional.SkyTech.A, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\DOHMT0UB\1[2].zip, Mis en quarantaine, [f27d036bacdef83ec9cb699b0af82cd4],
PUP.Optional.IStartSurf.A, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\JI1KSGBY\face_istartsurf[1].exe, Mis en quarantaine, [47282a44e4a6da5c59e062d95caadd23],
PUP.Optional.StormWatch.A, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\JI1KSGBY\stormwatch2_0[1].exe, Mis en quarantaine, [72fdd49ad4b6d363304fa7b0808026da],
PUP.Optional.Infonaut.A, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\JI1KSGBY\infonaut-setup-1.10.0.14[1].exe, Mis en quarantaine, [2c436d0124664beb339e89b25bab7789],
PUP.Optional.StormWatch.A, C:\Users\anana_000\AppData\Local\Microsoft\Windows\INetCache\IE\PTCZM984\StormWatchSetup[1].exe, Mis en quarantaine, [8ce33b33f793f343156af06703fdaf51],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Local\875A0FA0-1429295603-81E3-3FAA-202564D312C0\onsbB749.tmp, Mis en quarantaine, [f778d797dcae74c27333034fc83ded13],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Local\875A0FA0-1429295603-81E3-3FAA-202564D312C0\pnslB824.exe, Mis en quarantaine, [f778d797dcae74c27333034fc83ded13],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Local\875A0FA0-1429295603-81E3-3FAA-202564D312C0\rnsbB748.exe, Mis en quarantaine, [f778d797dcae74c27333034fc83ded13],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Local\875A0FA0-1429295603-81E3-3FAA-202564D312C0\snsbB747.tmp, Mis en quarantaine, [f778d797dcae74c27333034fc83ded13],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Local\875A0FA0-1429295603-81E3-3FAA-202564D312C0\Uninstall.exe, Mis en quarantaine, [f778d797dcae74c27333034fc83ded13],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\nsc8931.tmp, Supprimé-au-redémarrage, [5e11115d870342f4d9d2351d8c7959a7],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\jnsv7150.tmp, Supprimé-au-redémarrage, [5e11115d870342f4d9d2351d8c7959a7],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\Uninstall.exe, Mis en quarantaine, [5e11115d870342f4d9d2351d8c7959a7],
PUP.Optional.MultiPlug.A, C:\Users\anana_000\AppData\Roaming\875A0FA0-1429288157-81E3-3FAA-202564D312C0\vnsxDCB7.tmp, Mis en quarantaine, [5e11115d870342f4d9d2351d8c7959a7],
PUP.Optional.CloudScout.A, C:\Program Files (x86)\CloudScout Parental Control\ConsoleApplication1.dll, Mis en quarantaine, [8be43d3144463105e14e972544bfb54b],
PUP.Optional.CloudScout.A, C:\Program Files (x86)\CloudScout Parental Control\settings.ini, Mis en quarantaine, [8be43d3144463105e14e972544bfb54b],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\installer\ab.test.json, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\installer\tempfile.t, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\language\de.xml, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\language\en.xml, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\language\fr.xml, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.quick.results, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.results, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],
PUP.Optional.AnyProtect.A, C:\Users\anana_000\AppData\Roaming\AnyProtectEx\swf\mov01.swf, Mis en quarantaine, [bcb3086694f6033398e714a88e75be42],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
