Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 29/05/2015
Heure de l'examen: 18:58:22
Fichier journal: Malwarebytes Anti-Malware.l 5.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.04.05.02
Base de données Rootkits: v2015.05.24.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Rémy

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 355624
Temps écoulé: 46 min, 16 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 1
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\sYFeYVnKySQ\RDVEIiP.exe, 1344, Supprimé-au-redémarrage, [e21437313258979faf7bcb64ba481ae6]

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 6
PUP.Optional.BreakingNewsAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RDVEIiP, Mis en quarantaine, [e21437313258979faf7bcb64ba481ae6],
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, Mis en quarantaine, [4aacf375602a9f97d98e7de3bf45659b],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, Mis en quarantaine, [4aacf375602a9f97d98e7de3bf45659b],
PUP.Optional.Dregol.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Mis en quarantaine, [51a5aebaa2e8e25415444871e320e51b],
PUP.Optional.Dregol.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Mis en quarantaine, [29cd0068761457dff960fdbc21e2c739],
PUP.Optional.Dregol.A, HKU\S-1-5-21-3461938316-2930428196-649399991-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihokndmjeombjojnfkmapfnjeghjohim, Mis en quarantaine, [3bbbe187dab08da9d5855564c340827e],

Valeurs du Registre: 0
(Aucun élément malicieux détecté)

Données du Registre: 1
Broken.OpenCommand, HKCR\regfile\shell\open\command, "regedit.exe" "Bon: (regedit.exe "Mauvais: ("regedit.exe" "%1"),Remplacé,[ffffffffffffffffffffffffffffffff]")", %4, %5

Dossiers: 6
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, Mis en quarantaine, [fbfb6bfd91f992a4b2709d184ab98c74],
PUP.Optional.MultiPlug.A, C:\Users\Rémy\AppData\Roaming\32444335-1432133501-3132-4E38-80C16E5109EB, Mis en quarantaine, [e4121e4adeac59dd86a8516447bc48b8],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.19695, Mis en quarantaine, [24d2ee7a35554aeca29debac7e856b95],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.244013, Mis en quarantaine, [5b9b28402c5eef4760df940310f311ef],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.421213, Mis en quarantaine, [d81ed6920c7ee4523f00791e04fff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.431615, Mis en quarantaine, [35c12543bbcfeb4b0738edaadc2741bf],

Fichiers: 36
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\sYFeYVnKySQ\RDVEIiP.exe, Supprimé-au-redémarrage, [e21437313258979faf7bcb64ba481ae6],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\sYFeYVnKySQ\dat\pnzxuvqQeMV.exe, Supprimé-au-redémarrage, [26d0c7a116744de9bd6dac8318ea17e9],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\sYFeYVnKySQ\dat\rlbfmq.dll, Supprimé-au-redémarrage, [728487e1ddad9c9a23bf786de2237d83],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\sYFeYVnKySQ\dat\UShVpODHg.exe, Supprimé-au-redémarrage, [02f4adbb2f5b75c1ef3b53dcf70b7c84],
PUP.Optional.CrossRider.A, C:\Users\Rémy\AppData\Roaming\ZHP\Quarantine\51pbe3vUZTw8.exe, Mis en quarantaine, [c63071f7701afe38898eb99eae52a35d],
PUP.Optional.CrossRider.A, C:\Users\Rémy\AppData\Roaming\ZHP\Quarantine\8fbGooYYDyYxdYP4YmIq36OfQ.exe, Mis en quarantaine, [bd39a3c52c5e320432e51146ef1103fd],
PUP.Optional.JellySplit.Gen.A, C:\Users\Rémy\AppData\Roaming\ZHP\Quarantine\f750b025f568439c8b31ca354d0531a9.exe, Mis en quarantaine, [3bbb5e0a9af0ca6ce4d766d008fa47b9],
PUP.Optional.CrossRider.A, C:\Users\Rémy\AppData\Roaming\ZHP\Quarantine\Mn5dQM1CV28TFTIOcBtShD2S1t.exe, Mis en quarantaine, [876f7fe9abdf0d290c0b6bece61ae51b],
PUP.Optional.XTab.A, C:\Users\Rémy\AppData\Roaming\ZHP\Quarantine\ProtectService.exe, Mis en quarantaine, [688e076162285fd78d00fe14877bb14f],
PUP.Optional.IStartSurf.A, C:\Users\Rémy\AppData\Roaming\ZHP\Quarantine\smt_istartsurf.exe, Mis en quarantaine, [4aac6ff9701a84b226d833fe47bf2ed2],
RiskWare.Tool.CK, C:\Program Files (x86)\ASIO4ALL v2\fruityloops.studio.producer.edition.xxl.v8.0.0.exe, Mis en quarantaine, [3bbb2642e3a7b482ff5127590cf447b9],
RiskWare.Tool.CK, C:\Program Files (x86)\Image-Line\fruityloops.studio.producer.edition.xxl.v8.0.0.exe, Mis en quarantaine, [da1c640403870d29420eb2cefa060af6],
PUP.Optional.CrossRider.A, C:\Users\Rémy\AppData\Local\Temp\28571.exe, Mis en quarantaine, [ca2cc6a2e1a969cd3d71f7337393a55b],
PUP.Optional.CrossRider.A, C:\Users\Rémy\AppData\Local\Temp\3900.exe, Mis en quarantaine, [9b5b4820cac0e551e0ce1c0e1ee86e92],
PUP.Optional.CrossRider.A, C:\Users\Rémy\AppData\Local\Temp\426.exe, Mis en quarantaine, [49ad73f5701a77bf6b4384a641c59e62],
PUP.Optional.GoHD.A, C:\Users\Rémy\AppData\Local\Temp\4658.exe, Mis en quarantaine, [80765a0e8703d95df9a61db504fdf10f],
PUP.Optional.CrossRider.A, C:\Users\Rémy\AppData\Local\Temp\4970.exe, Mis en quarantaine, [6294fb6d8bff43f3b6f868c2f610af51],
PUP.Optional.Somoto.SID.A, C:\Users\Rémy\AppData\Local\Temp\nsy5010.tmp, Mis en quarantaine, [b2440f5902889d9932309a98b15517e9],
PUP.Optional.OfferInstaller.C, C:\Users\Rémy\AppData\Local\Temp\besE04A.exe, Mis en quarantaine, [807669ffddad290db4909aa0f80afb05],
PUP.Optional.Somoto, C:\Users\Rémy\AppData\Local\Temp\bitool.dll, Mis en quarantaine, [6a8c65036e1c01351bddf9f2f0122ed2],
PUP.Optional.OfferInstaller.C, C:\Users\Rémy\AppData\Local\Temp\sdfC7DA.exe, Mis en quarantaine, [25d12d3b4d3deb4b073df644679be21e],
PUP.Optional.XTab.A, C:\Users\Rémy\AppData\Local\Temp\~ld6BBE\fgrs\tmp\XTab_Setup(2421).exe, Mis en quarantaine, [b34306622e5ce551cac329e921e1ec14],
PUP.Optional.MyStartSearch.A, C:\Users\Rémy\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe, Mis en quarantaine, [7d79abbd9af06cca465344eca85ee31d],
PUP.Optional.OfferInstaller.C, C:\Users\Rémy\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, Mis en quarantaine, [6e88c8a0197167cf88bc0f2b2ed4a25e],
PUP.Optional.OutBrowse, C:\Users\Rémy\AppData\Local\Temp\is-OJUNS.tmp\Outbrowse_Bundle.exe, Mis en quarantaine, [6195a7c173177abcb1636bba4db553ad],
PUP.Optional.Boxore.A, C:\Users\Rémy\AppData\Local\Temp\is-OJUNS.tmp\package_boxore_installer_multilang.exe, Mis en quarantaine, [a650e4846d1d67cfda72c2345da453ad],
PUP.Optional.OutBrowse, C:\Users\Rémy\AppData\Local\Temp\nsrEDD2.tmp\rbc.dll, Mis en quarantaine, [7581d692593190a6100461c41ce6ac54],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, Mis en quarantaine, [fbfb6bfd91f992a4b2709d184ab98c74],
PUP.Optional.MultiPlug.A, C:\Users\Rémy\AppData\Roaming\32444335-1432133501-3132-4E38-80C16E5109EB\vnseB95D.tmp, Mis en quarantaine, [e4121e4adeac59dd86a8516447bc48b8],
PUP.Optional.MultiPlug.A, C:\Users\Rémy\AppData\Roaming\32444335-1432133501-3132-4E38-80C16E5109EB\Uninstall.exe, Mis en quarantaine, [e4121e4adeac59dd86a8516447bc48b8],
Trojan.Agent.KLFGen, C:\Users\Rémy\AppData\Local\Temp\cfcabfibcdg.exe, Mis en quarantaine, [ed09cb9dc3c762d4eb260ab627dccd33],
Trojan.Agent, C:\Users\Rémy\AppData\Local\Temp\iexplore.exe, Mis en quarantaine, [4aacf375602a9f97d98e7de3bf45659b],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.19695\globalupdateHelper.msi, Mis en quarantaine, [24d2ee7a35554aeca29debac7e856b95],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.244013\globalupdateHelper.msi, Mis en quarantaine, [5b9b28402c5eef4760df940310f311ef],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.421213\globalupdateHelper.msi, Mis en quarantaine, [d81ed6920c7ee4523f00791e04fff907],
PUP.Optional.GlobalUpdate.A, C:\Users\Rémy\AppData\Local\Temp\comh.431615\globalupdateHelper.msi, Mis en quarantaine, [35c12543bbcfeb4b0738edaadc2741bf],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)