Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 29/05/2015
Heure de l'examen: 14:47:35
Fichier journal: Rapport avant examen.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.05.29.03
Base de données Rootkits: v2015.05.24.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: JessyCh

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 344358
Temps écoulé: 21 min, 25 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 11
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Mis en quarantaine, [ea7d9207147665d1a6d0badf9271f808],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Mis en quarantaine, [ea7d9207147665d1a6d0badf9271f808],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Mis en quarantaine, [ea7d9207147665d1a6d0badf9271f808],
PUP.Optional.Dregol.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Mis en quarantaine, [bea9abeee8a22313591138afe61d768a],
PUP.Optional.EduApp.A, HKLM\SOFTWARE\WOW6432NODE\Edu App, Mis en quarantaine, [8add2d6c0783a096c941a24223e00af6],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [95d247529befdf572a67974bfa0922de],
PUP.Optional.Dregol.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Mis en quarantaine, [79ee7920e8a231053238d7106f945da3],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{23cb3056}, Mis en quarantaine, [c1a61d7ce0aaf541dedd0972be47659b],
PUP.Optional.SuperClick.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\scfd_1_10_0_16, Mis en quarantaine, [75f23663a7e3b77fb35c4f2c768f6f91],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Mis en quarantaine, [e97e8316a4e66cca5bc9a0d825e049b7],
PUP.Optional.Dregol.A, HKU\S-1-5-21-3257673348-2816036121-1438904280-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Mis en quarantaine, [d98eaeeb721863d39ccfd512ba493fc1],

Valeurs du Registre: 1
PUP.Optional.Dregol.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Run_Dregol\\, Mis en quarantaine, [4423a6f3b3d7f244dea6d50d2dd68f71]

Données du Registre: 1
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~3\{3048D~1\1172~1.1\rati.dll , Bon: (), Mauvais: (C:\PROGRA~3\{3048D~1\1172~1.1\rati.dll),Remplacé,[521512876327191d5c33fa82a85d8a76]

Dossiers: 8
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, Mis en quarantaine, [3a2d97026c1e989e4782e2016f94c53b],
PUP.Optional.MultiPlug.Gen, C:\Users\JessyCh\AppData\Roaming\00000011-1432676924-0000-0000-10C37BB6C1D3, Mis en quarantaine, [1e4913866e1cae88dd0dacc8ba4bcd33],
PUP.Optional.MultiPlug.Gen, C:\Users\JessyCh\AppData\Roaming\00000011-1432677036-0000-0000-10C37BB6C1D3, Mis en quarantaine, [c0a76534bcce3ff7ffeb1f5540c58e72],
PUP.Optional.Amonetize.A, C:\ProgramData\Croeaefit\1.0.1.0, Mis en quarantaine, [a9be49501f6b3600b357f28a20e52bd5],
PUP.Optional.Amonetize.A, C:\ProgramData\Croeaefit, Mis en quarantaine, [a9be49501f6b3600b357f28a20e52bd5],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
Rogue.Multiple, C:\ProgramData\374311380, Mis en quarantaine, [5512f8a1e4a6b18589644f4fad565fa1],

Fichiers: 32
PUP.Optional.Infonaut.A, C:\WINDOWS\SYSTEM32\drivers\innfd_1_10_0_14.sys, Supprimé-au-redémarrage, [9a3a331881a112551748860edd857a26],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\MWKlgBnSUL\dat\uhHHGaxzucK.exe, Mis en quarantaine, [1750ff9ac5c5181e3c3b41f27e84669a],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\MWKlgBnSUL\dat\yEBFyZBKC.dll, Mis en quarantaine, [f275afea5634251187470a0c8383a759],
PUP.Optional.CrossRider.A, C:\Users\JessyCh\AppData\Roaming\ZHP\Quarantine\1b55f14c-e369-45fe-a152-4eb0c6c7954e\810d6ec9-be00-4ebb-9074-75c052ddbd92.dll, Mis en quarantaine, [94d3d8c1a8e29b9b69666109b5519070],
PUP.Optional.Nova.A, C:\Users\JessyCh\AppData\Roaming\ZHP\Quarantine\1b55f14c-e369-45fe-a152-4eb0c6c7954e\b98f11f6-fe5a-4302-82f3-adf5a04d886c.dll, Mis en quarantaine, [00672c6d6b1fdb5b239172a136ccc63a],
PUP.Optional.Nova.A, C:\Users\JessyCh\AppData\Roaming\ZHP\Quarantine\8eb6b49d-3c54-4bc8-9a37-e9d20ec0bba8\320a0ae6-5768-45f0-9532-13b5bbbbf25b.dll, Mis en quarantaine, [1a4dd3c6deac3bfb6153b65de02236ca],
PUP.Optional.Nova.A, C:\Users\JessyCh\AppData\Roaming\ZHP\Quarantine\8eb6b49d-3c54-4bc8-9a37-e9d20ec0bba8\469b1b67-3a2a-44f7-8bdf-277c0aecff7d.dll, Mis en quarantaine, [9acd6633305a94a2753f0013649e966a],
PUP.Optional.CrossRider.A, C:\Users\JessyCh\AppData\Roaming\ZHP\Quarantine\8eb6b49d-3c54-4bc8-9a37-e9d20ec0bba8\47d6b683-afb6-4e35-a035-19c22f494b9a.dll, Mis en quarantaine, [d592adec2367a4925679afbb15f1ed13],
PUP.Optional.CrossRider.A, C:\Users\JessyCh\AppData\Roaming\ZHP\Quarantine\8eb6b49d-3c54-4bc8-9a37-e9d20ec0bba8\8eb6b49d-3c54-4bc8-9a37-e9d20ec0bba8.dll, Mis en quarantaine, [3e291386d7b3f640e9e6373316f046ba],
PUP.Optional.MultiPlug.Uns, C:\Users\JessyCh\AppData\Roaming\ZHP\Quarantine\LizardSales\LizardSales.exe, Mis en quarantaine, [32358316cdbdc472d099282de22133cd],
PUP.Optional.InstallCore, C:\Users\JessyCh\Downloads\36.0.1985.143_chrome_installer.exe, Mis en quarantaine, [8cdb5d3ce5a5eb4bdad11fdafd085ba5],
PUP.Optional.InstallCore, C:\Users\JessyCh\Downloads\uTorrent.exe, Mis en quarantaine, [74f3fd9c9ceef73f5259ab4e5ca952ae],
PUP.Optional.Multiplug, C:\Users\JessyCh\Downloads\flashflayer.exe, Mis en quarantaine, [b2b50d8c692188ae4f21ba2222df10f0],
PUP.Optional.DomaIQ, C:\Users\JessyCh\Downloads\New_Player (1).exe, Mis en quarantaine, [c7a0fe9b25651a1c26f259fc9d636f91],
PUP.Optional.DomaIQ, C:\Users\JessyCh\Downloads\New_Player.exe, Mis en quarantaine, [ec7bbedb1b6f092d25e393c114ecb749],
PUP.Optional.AnyProtect, C:\Users\JessyCh\AppData\Local\nsr70BA.tmp, Mis en quarantaine, [e08768311476b482e3a24a0e2cd734cc],
PUP.Optional.Dregol.C, C:\Users\JessyCh\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, Mis en quarantaine, [63047821c5c556e02e4cda08c53e9868],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, Mis en quarantaine, [3a2d97026c1e989e4782e2016f94c53b],
PUP.Optional.MultiPlug.Gen, C:\Users\JessyCh\AppData\Roaming\00000011-1432676924-0000-0000-10C37BB6C1D3\vnswBD73.tmp, Mis en quarantaine, [1e4913866e1cae88dd0dacc8ba4bcd33],
PUP.Optional.MultiPlug.Gen, C:\Users\JessyCh\AppData\Roaming\00000011-1432676924-0000-0000-10C37BB6C1D3\Uninstall.exe, Mis en quarantaine, [1e4913866e1cae88dd0dacc8ba4bcd33],
PUP.Optional.MultiPlug.Gen, C:\Users\JessyCh\AppData\Roaming\00000011-1432677036-0000-0000-10C37BB6C1D3\vnsi7285.tmp, Mis en quarantaine, [c0a76534bcce3ff7ffeb1f5540c58e72],
PUP.Optional.MultiPlug.Gen, C:\Users\JessyCh\AppData\Roaming\00000011-1432677036-0000-0000-10C37BB6C1D3\Uninstall.exe, Mis en quarantaine, [c0a76534bcce3ff7ffeb1f5540c58e72],
PUP.Optional.Amonetize.A, C:\ProgramData\Croeaefit\1.0.1.0\nluciema.exe.config, Mis en quarantaine, [a9be49501f6b3600b357f28a20e52bd5],
PUP.Optional.Amonetize.A, C:\ProgramData\Croeaefit\1.0.1.0\sqlite3.dll, Mis en quarantaine, [a9be49501f6b3600b357f28a20e52bd5],
PUP.Optional.Amonetize.A, C:\ProgramData\Croeaefit\dat.dat, Mis en quarantaine, [a9be49501f6b3600b357f28a20e52bd5],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1\Sqlite3.dll, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1\dExtent, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1\extent, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1\fiber.js, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1\hdat1, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1\hdat2, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],
PUP.Optional.Amonetize.A, C:\ProgramData\{3048D88B-60CA-090D-D14C-798F01CEAA01}\1.17.2.1\rati.dll, Mis en quarantaine, [521512876327191d5c33fa82a85d8a76],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
