Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 27/05/2015
Heure de l'examen: 09:36:19
Fichier journal: malwarebytes.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.05.27.01
Base de données Rootkits: v2015.05.24.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: matteo

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 400678
Temps écoulé: 8 min, 7 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 2
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [a9f4d4c42b5ffb3b7e73b926cb38d32d],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{23cb3056}, Mis en quarantaine, [bae30e8acbbfbc7a04195821a0654db3],

Valeurs du Registre: 3
PUP.Optional.Taplika.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Taplika\\, Mis en quarantaine, [8617b4e4810995a116cfa639ae55649c]
PUP.Optional.MobilePCStarterKit.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mpck_fr_21, Mis en quarantaine, [3c612f69ff8b989e3cde4ba28c77827e],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_fr_562, Mis en quarantaine, [d0cdfa9e97f3b28457f13bb97291f10f],

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 7
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, Mis en quarantaine, [bbe232665832fa3c57d2cf1253b0ce32],
PUP.Optional.MultiPlug.A, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233, Mis en quarantaine, [35689efaaedcf046d06f3939fa0bb749],
PUP.Optional.MultiPlug.A, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi, Mis en quarantaine, [35689efaaedcf046d06f3939fa0bb749],
PUP.Optional.MultiPlug.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233, Mis en quarantaine, [28750b8dd2b80135ec534929e91c9070],
PUP.Optional.MultiPlug.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi, Mis en quarantaine, [28750b8dd2b80135ec534929e91c9070],
PUP.Optional.Amonetize.A, C:\ProgramData\Oruifjriomhet\1.0.1.0, Mis en quarantaine, [54496a2ea1e93cfa836d06737d8812ee],
PUP.Optional.Amonetize.A, C:\ProgramData\Oruifjriomhet, Mis en quarantaine, [54496a2ea1e93cfa836d06737d8812ee],

Fichiers: 35
PUP.Optional.SmartWeb.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\SmartWebApp.exe, Mis en quarantaine, [1b82d0c861290d2903a128dcf210db25],
PUP.Optional.SmartWeb.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\swhk.dll, Mis en quarantaine, [5746b8e03a506dc9297ba85c758df907],
PUP.Optional.Tuto4PC.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\upgmsd_fr_571.exe, Mis en quarantaine, [99042c6ca7e33bfb716bdf872bdb28d8],
PUP.Optional.SmartWeb.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\SmartWebHelper.exe, Mis en quarantaine, [bedf34647a1095a1b5efc2428b778b75],
PUP.Optional.Tuto4PC.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\gmsd_fr_571.DIR\upgmsd_fr_571.exe, Mis en quarantaine, [3e5fd5c325651e1857853f277c8abb45],
PUP.Optional.SmartWeb.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\SmartWebApp.exe, Mis en quarantaine, [7a23eeaa68229c9a1f851de715edf010],
PUP.Optional.SmartWeb.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\SmartWebHelper.exe, Mis en quarantaine, [7e1f366253373df91d879074df237888],
PUP.Optional.SmartWeb.A, C:\Users\matteo\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\swhk.dll, Mis en quarantaine, [7e1ffb9db8d23204b7ed3fc5af5342be],
PUP.Optional.AnyProtect, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$RWZYGFY.tmp, Mis en quarantaine, [9607d1c7a8e2d363b2d3aaac11f21de3],
PUP.Optional.CheckOffer, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$R4NH7UD.tmp\nsCBHTML5.dll, Mis en quarantaine, [7c21c8d09febee485e3bdd843fc3fc04],
PUP.Optional.CrossRider.A, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$R6D8YJK\cc4649a3-33c6-4dd1-937c-f504c4ae05b3.dll, Mis en quarantaine, [55482f69ddada88eafa6f077f2144cb4],
PUP.Optional.Nova.A, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$R6D8YJK\db4f42ef-da33-48e4-bf66-40358bcd29e0.dll, Mis en quarantaine, [ff9e8513701ab680173029eaa85a18e8],
PUP.Optional.EORezo, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$R9UN0G1\gamesdesktop_widget.exe, Mis en quarantaine, [a2fb7e1ad8b23bfb2cc01650eb1b3ac6],
PUP.Optional.Tuto4PC.A, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$R9UN0G1\gmsd_fr_571.exe, Mis en quarantaine, [eeaf494fe5a54cea2bb168fe6d998878],
PUP.Optional.Tuto4PC.A, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$R9UN0G1\predm.exe, Mis en quarantaine, [6934afe96129d660726a3630f214768a],
PUP.Optional.EORezo, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$R9UN0G1\unins000.exe, Mis en quarantaine, [afee890ff397fc3a8c60244211f528d8],
PUP.Optional.CrossRider.A, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$RCNUFLR\1d40f3fa-3208-4d5c-947b-a155d6d616d3.dll, Mis en quarantaine, [8b126038a4e639fd5302cc9b14f2de22],
PUP.Optional.Nova.A, C:\$Recycle.Bin\S-1-5-21-1077702981-61500757-984125282-1002\$RCNUFLR\9bf54f19-e03c-4afe-9380-d5bfcbc4490c.dll, Mis en quarantaine, [bde0dcbcd3b74beb9aad92816d95b54b],
PUP.Optional.AnyProtect, C:\Users\matteo\AppData\Local\nscE8D3.tmp, Mis en quarantaine, [603df6a22f5bca6c6a1b1442719247b9],
PUP.Optional.AnyProtect, C:\Users\matteo\AppData\Local\nseD609.tmp, Mis en quarantaine, [68352573f892bb7bd2b385d19d661ae6],
PUP.Optional.Taplika.C, C:\Users\matteo\AppData\LocalLow\Microsoft\Internet Explorer\Services\WSE_Taplika.ico, Mis en quarantaine, [b7e6c3d5751548ee0ecb627d4ab939c7],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, Mis en quarantaine, [bbe232665832fa3c57d2cf1253b0ce32],
PUP.Optional.SelectNGo.A, C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, Mis en quarantaine, [b2eb6d2be9a166d01ecbf124d92baf51],
PUP.Optional.SelectNGo.A, C:\Users\matteo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, Mis en quarantaine, [bce15f39a2e8df57d41554c1de2654ac],
PUP.Optional.MultiPlug.A, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\lsdb.js, Mis en quarantaine, [35689efaaedcf046d06f3939fa0bb749],
PUP.Optional.MultiPlug.A, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\background.html, Mis en quarantaine, [35689efaaedcf046d06f3939fa0bb749],
PUP.Optional.MultiPlug.A, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\content.js, Mis en quarantaine, [35689efaaedcf046d06f3939fa0bb749],
PUP.Optional.MultiPlug.A, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\manifest.json, Mis en quarantaine, [35689efaaedcf046d06f3939fa0bb749],
PUP.Optional.MultiPlug.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\lsdb.js, Mis en quarantaine, [28750b8dd2b80135ec534929e91c9070],
PUP.Optional.MultiPlug.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\background.html, Mis en quarantaine, [28750b8dd2b80135ec534929e91c9070],
PUP.Optional.MultiPlug.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\content.js, Mis en quarantaine, [28750b8dd2b80135ec534929e91c9070],
PUP.Optional.MultiPlug.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclekbbjgpehabpidkpgnnjmohldmedi\233\manifest.json, Mis en quarantaine, [28750b8dd2b80135ec534929e91c9070],
PUP.Optional.Amonetize.A, C:\ProgramData\Oruifjriomhet\1.0.1.0\esuliusi.exe.config, Mis en quarantaine, [54496a2ea1e93cfa836d06737d8812ee],
PUP.Optional.Amonetize.A, C:\ProgramData\Oruifjriomhet\1.0.1.0\sqlite3.dll, Mis en quarantaine, [54496a2ea1e93cfa836d06737d8812ee],
PUP.Optional.Amonetize.A, C:\ProgramData\Oruifjriomhet\dat.dat, Mis en quarantaine, [54496a2ea1e93cfa836d06737d8812ee],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
