Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 23/04/2015
Heure de l'examen: 11:33:36
Fichier journal: Malwarebytes.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.04.23.02
Base de données Rootkits: v2015.04.21.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Luyen

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 365918
Temps écoulé: 24 min, 7 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activ�(e)
PUM: Activ�(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 2
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-3716498132-3192850979-1810399532-1001\SOFTWARE\savevidmoviestoolbar, Mis en quarantaine, [ed11f67996f4e74f8884838ff80ca65a],
PUP.Optional.Linkey.A, HKU\S-1-5-21-3716498132-3192850979-1810399532-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Mis en quarantaine, [748a6708aae0280e4956ac1c56adf808],

Valeurs du Registre: 2
PUP.Optional.QuickSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_searchff@gmail.com, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\quick_searchff@gmail.com, Mis en quarantaine, [67978be42d5d7bbb1e190ab8946f669a]
PUP.Optional.SweetSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|sweetsearch@gmail.com, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com, Mis en quarantaine, [1ee0165968229f976bcda12145be09f7]

Données du Registre: 6
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}),Remplacé,[cb33511e9eec80b6f0d13ec749bd3bc5]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}),Remplacé,[de20066997f312248f32848132d4ab55]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}),Remplacé,[05f9145b9cee58de408192732ed83ec2]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}),Remplacé,[e7172f40e8a2ae88a31efb0a2dd916ea]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-3716498132-3192850979-1810399532-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}),Remplacé,[1ee0dc9337532e089b23a56026e0c838]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-3716498132-3192850979-1810399532-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://www.sweet-page.com/web/?type=ds&ts=1406660233&from=cor&uid=HitachiXHTS725050A9A364_100719PCK404VLJSBB1JX&q={searchTerms}),Remplacé,[a658571828620b2b6658a065b94da55b]

Dossiers: 6
PUP.Optional.MoviesToolBar.A, C:\Users\Luyen\AppData\LocalLow\savevidmoviestoolbar, Mis en quarantaine, [2cd228477515bb7baa74930b58ab7789],
PUP.Optional.DataMngr.A, C:\ProgramData\Datamngr, Mis en quarantaine, [37c7452a4743063023858134de2514ec],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\chrome, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\chrome\content, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\chrome\skin, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],

Fichiers: 15
PUP.Optional.BrowserWatch, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\BrowerWatchCH.dll, Mis en quarantaine, [9e60412e7713e25446750f60679918e8],
PUP.Optional.BrowserWatch, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\BrowerWatchFF.dll, Mis en quarantaine, [b945125d107afd390ab1b5ba2ed2fd03],
PUP.Optional.SearchProtect, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\BrowserAction.dll, Mis en quarantaine, [49b558176b1fad89b3402e145da5eb15],
PUP.Optional.ELEX, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\HPNotify.exe, Mis en quarantaine, [916dd09fddaded49bfb2ac87649e40c0],
PUP.Optional.XTab.A, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\ProtectService.exe, Mis en quarantaine, [cf2f6e01fe8c05315737b85ae02213ed],
PUP.Optional.SupTab.A, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\SupTab.dll, Mis en quarantaine, [d32b99d6335720167e11b483fc045ea2],
PUP.Optional.SilentInstall.A, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\uninstall.exe, Mis en quarantaine, [05f9046b9febfa3c79a4a09aa75a7c84],
PUP.Optional.SearchProtect, C:\Users\Luyen\AppData\Roaming\ZHP\Quarantine\IeWatchDog.dll, Mis en quarantaine, [eb13d699cebc58de1c60f50145c0c838],
PUP.Optional.InstallCore, C:\Users\Luyen\Downloads\FlashPlayer_11.3.exe, Mis en quarantaine, [d32badc28dfdc670ac787b58cf36a55b],
PUP.Optional.WebsSearches.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\searchplugins\webssearches.xml, Mis en quarantaine, [06f8610eb2d8b3831957d72e39cb758b],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\chrome.manifest, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\install.rdf, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\chrome\content\toolbar.js, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\chrome\content\toolbar.xul, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],
PUP.Optional.SweetSearch.A, C:\Users\Luyen\AppData\Roaming\Mozilla\Firefox\Profiles\cdpmhm3b.default-1375778121130\extensions\sweetsearch@gmail.com\chrome\skin\icon.png, Mis en quarantaine, [51ad93dc90fadf570304675aa45f56aa],

Secteurs physiques: 0
(Aucun élément malicieux détecté)

