
Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 03-06-15
Heure de l'examen: 15:07:49
Fichier journal: malwarebytes_rapport.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.06.03.02
Base de données Rootkits: v2015.06.02.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Alain

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 388453
Temps écoulé: 32 min, 36 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 2
PUP.Optional.Core.A, C:\Windows\inp.exe, 1768, Supprimé-au-redémarrage, [5fef5066c0ca8caacb4baf72f214d12f]
PUP.Optional.Core.A, C:\Windows\minp.exe, 1872, Supprimé-au-redémarrage, [75d9249221691c1a898c5cc521e512ee]

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 29
PUP.Optional.Core.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\inp, Mis en quarantaine, [5fef5066c0ca8caacb4baf72f214d12f],
PUP.Optional.Core.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\minp, Mis en quarantaine, [75d9249221691c1a898c5cc521e512ee],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{77980a3c-fa45-4070-8bde-7e9af6d76228}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5fc664f1-35b0-4b59-88ef-6dbaf922a848}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F123A39C-3725-4D63-8FC5-D4D3B5BB8E6D}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F123A39C-3725-4D63-8FC5-D4D3B5BB8E6D}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F123A39C-3725-4D63-8FC5-D4D3B5BB8E6D}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5fc664f1-35b0-4b59-88ef-6dbaf922a848}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{5fc664f1-35b0-4b59-88ef-6dbaf922a848}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{77980A3C-FA45-4070-8BDE-7E9AF6D76228}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKU\S-1-5-21-752920955-754985551-3621172444-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{77980A3C-FA45-4070-8BDE-7E9AF6D76228}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.WebWaltz.A, HKU\S-1-5-21-752920955-754985551-3621172444-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{77980A3C-FA45-4070-8BDE-7E9AF6D76228}, Mis en quarantaine, [ee60595dcfbb58dee9abb5b1b251ac54],
PUP.Optional.Babylon.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Mis en quarantaine, [7dd141758901b48292b1d093bf4416ea],
PUP.Optional.RobinHood.A, HKLM\SOFTWARE\CLASSES\iRobinHood.IEiRobinHoodAddon, Mis en quarantaine, [0747575ff397ab8bc83c7aec58ab817f],
PUP.Optional.RobinHood.A, HKLM\SOFTWARE\CLASSES\iRobinHood.IEiRobinHoodAddon.1, Mis en quarantaine, [90be3c7a038739fd44c04c1a956e53ad],
PUP.Optional.RobinHood.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iRobinHood.IEiRobinHoodAddon, Mis en quarantaine, [90be3c7a038739fd44c04c1a956e53ad],
PUP.Optional.RobinHood.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\iRobinHood.IEiRobinHoodAddon.1, Mis en quarantaine, [90be3c7a038739fd44c04c1a956e53ad],
PUP.Optional.RobinHood.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\iRobinHood.IEiRobinHoodAddon, Mis en quarantaine, [90be3c7a038739fd44c04c1a956e53ad],
PUP.Optional.RobinHood.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\iRobinHood.IEiRobinHoodAddon.1, Mis en quarantaine, [90be3c7a038739fd44c04c1a956e53ad],
PUP.Optional.iRobinHood.A, HKLM\SOFTWARE\CLASSES\APPID\iRobinHood.DLL, Mis en quarantaine, [a6a87b3b4e3c3afc421632ec9c68c53b],
PUP.Optional.iRobinHood.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\iRobinHood.DLL, Mis en quarantaine, [3a1480363c4e3303aaae63bb35cfd828],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [2e20b8feb2d86ec8646f85fb2ed77f81],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [16387c3a1f6b23133fc36a7c49ba33cd],
PUP.Optional.iRobinHood.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\iRobinHood.DLL, Mis en quarantaine, [3816dadc09817eb8e375c35b907440c0],
PUP.Optional.iRobinHood.A, HKLM\SOFTWARE\WOW6432NODE\IROBINHOOD, Mis en quarantaine, [2925f2c4d7b3300692178996c242916f],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{4dd73181}, Mis en quarantaine, [3a1409ad8802999d23010778a461da26],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [fb538234553554e2dbf8bec247bed12f],
PUP.Optional.GoHD.A, HKU\S-1-5-18\SOFTWARE\GoHDV31.03-nv-ie, Mis en quarantaine, [8fbf4670187258deca14e20a2ed547b9],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Mis en quarantaine, [d27c8e289ceeda5cb4d95d1e29dc10f0],

Valeurs du Registre: 3
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [2e20b8feb2d86ec8646f85fb2ed77f81]
PUP.Optional.iRobinHood.A, HKLM\SOFTWARE\WOW6432NODE\IROBINHOOD|AddonInstDir, C:\Program Files (x86)\iRobinHood\iRobinHood Addon, Mis en quarantaine, [2925f2c4d7b3300692178996c242916f]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [fb538234553554e2dbf8bec247bed12f]

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 5
PUP.Optional.MultiPlug.Gen, C:\Users\Alain\AppData\Roaming\1EECD042-1427878647-E111-83C6-B888E3C52D99, Mis en quarantaine, [9ab47b3bfb8f4fe7292bef89a164ab55],
PUP.Optional.KeepAppIt.A, C:\ProgramData\KeepAppIt Software, Mis en quarantaine, [dd71cfe7b0dac571d7dae3e9b0534bb5],
PUP.Optional.KeepAppIt.A, C:\ProgramData\KeepAppIt Software\Setup, Mis en quarantaine, [dd71cfe7b0dac571d7dae3e9b0534bb5],
PUP.Optional.KeepAppIt.A, C:\ProgramData\KeepAppIt Software\SW-Booster, Mis en quarantaine, [dd71cfe7b0dac571d7dae3e9b0534bb5],
PUP.Optional.KeepAppIt.A, C:\ProgramData\KeepAppIt Software\SW-Booster\848366190, Mis en quarantaine, [dd71cfe7b0dac571d7dae3e9b0534bb5],

Fichiers: 37
PUP.Optional.Core.A, C:\Windows\inp.exe, Supprimé-au-redémarrage, [5fef5066c0ca8caacb4baf72f214d12f],
PUP.Optional.Core.A, C:\Windows\minp.exe, Supprimé-au-redémarrage, [75d9249221691c1a898c5cc521e512ee],
PUP.Optional.OptimizerPro, C:\ProgramData\inp\D833ECBB538348958DEFB5FF80EC8B51\setup.exe, Mis en quarantaine, [81cd0da9ddad86b0861177ce22e016ea],
PUP.Optional.MultiPlug.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\6Re98FJMNyl2eS.x64.dll, Mis en quarantaine, [1e30b402ddadbc7a32e7b4b207fb8c74],
PUP.Optional.MultiPlug.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\KVQkvupihC477j.x64.dll, Mis en quarantaine, [143abafc7416f14573a665014fb343bd],
PUP.Optional.QuickRef.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\qrnfd_1_10_0_12.sys, Mis en quarantaine, [aba3eacc95f56fc764f65ec73ec434cc],
PUP.Optional.SmartWeb.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\SmartWebApp.exe, Mis en quarantaine, [3b13a2148cfe90a6624b65a009f902fe],
PUP.Optional.SmartWeb.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\SmartWebHelper.exe, Mis en quarantaine, [341a6d498406e0566e3f24e18a78a55b],
PUP.Optional.SmartWeb.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\swhk.dll, Mis en quarantaine, [71ddb204f39772c4ac01a75e1de55ba5],
PUP.Optional.XTab.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\ProtectService.exe, Mis en quarantaine, [b49a5f57058552e4820a23f41de5dc24],
PUP.Optional.Protect, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\ProtectWindowsManager.exe, Mis en quarantaine, [9ab4fcba3852ba7cdfefc45bff073cc4],
PUP.Optional.MultiPlug.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\KKiNgCooupon\KVQkvupihC477j.dll, Mis en quarantaine, [4d01783e71199f9760b943234cb6c23e],
PUP.Optional.QuickRef.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\QuickRef_1.10.0.12\Service\qrsvc.exe, Mis en quarantaine, [79d58630d2b8f73ff4668e9705fdb749],
PUP.Optional.MultiPlug.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\FlaasihCoupon\6Re98FJMNyl2eS.dll, Mis en quarantaine, [e16da016a1e9cc6a99803432679b4cb4],
PUP.Optional.MultiPlug, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\GoSuave\orStKIZUQLdevP.x64.dll, Mis en quarantaine, [331b189eabdf9f97c4b4994124ddf10f],
PUP.Optional.SmartWeb.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\SmartWebApp.exe, Mis en quarantaine, [a2accaeca7e3c373ecc114f1c43eb749],
PUP.Optional.SmartWeb.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\SmartWebHelper.exe, Mis en quarantaine, [113dfabc7b0f290dd3da25e0907237c9],
PUP.Optional.SmartWeb.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\swhk.dll, Mis en quarantaine, [51fd189e3852b97d6b42e61f42c0738d],
PUP.Optional.BrowserWatch, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\XTab\BrowerWatchCH.dll, Mis en quarantaine, [80cebbfb4a4092a44081d8976d93bd43],
PUP.Optional.BrowserWatch, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\XTab\BrowerWatchFF.dll, Mis en quarantaine, [be90f9bdc6c43105fec3a7c8c13fd52b],
PUP.Optional.SearchProtect, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\XTab\BrowserAction.dll, Mis en quarantaine, [06489323ee9cd2647c6289bef0127b85],
PUP.Optional.SearchProtect, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\XTab\CmdShell.exe, Mis en quarantaine, [f75792243f4b96a0369aeb3486805ba5],
PUP.Optional.ELEX, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\XTab\HPNotify.exe, Mis en quarantaine, [c28c575f1377320498d249efc73b9868],
PUP.Optional.SearchProtect, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\XTab\IeWatchDog.dll, Mis en quarantaine, [3d11a313800aba7ccf00dc434abcb749],
PUP.Optional.SupTab.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\XTab\SupTab.dll, Mis en quarantaine, [ea649f17bbcfa5919c00fb3c1de3758b],
PUP.Optional.MultiPlug, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\YoutUbeAdBlocke\9ibbW0sEAXcqYV.x64.dll, Mis en quarantaine, [ef5f298de4a638fe5c1c6e6c3cc5ee12],
PUP.Optional.Dealply, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\DealPly\DealPlyUpdateRun.exe, Mis en quarantaine, [222c6a4c5535ed49e156da80f70f49b7],
PUP.Optional.OptimizerPro.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\Optimizer Pro 3.82\OptimizerPro.exe, Mis en quarantaine, [a6a875417b0f68cec020085b6b97d32d],
PUP.Optional.MultiPlug.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\Optimizer Pro 3.82\OptProMon.dll, Mis en quarantaine, [113d0bab1d6de254b2a7dc7c4fb325db],
PUP.Optional.OptimizerPro.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\Optimizer Pro 3.82\OptProReminder.exe, Mis en quarantaine, [e569ab0bfd8d85b1edf3531025ddc53b],
PUP.Optional.OptimizerPro.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\Optimizer Pro 3.82\OptProStart.exe, Mis en quarantaine, [034b44720a80f145c818154e946e936d],
PUP.Optional.MultiPlug.A, C:\Users\Alain\AppData\Roaming\ZHP\Quarantine\ProSHoopper\mQG5Vkxc6NWpU8.x64.dll, Mis en quarantaine, [a9a5427498f271c589900363be44fb05],
PUP.Optional.MultiPlug.Gen, C:\Users\Alain\AppData\Roaming\1EECD042-1427878647-E111-83C6-B888E3C52D99\vnsk2943.tmp, Mis en quarantaine, [9ab47b3bfb8f4fe7292bef89a164ab55],
PUP.Optional.MultiPlug.Gen, C:\Users\Alain\AppData\Roaming\1EECD042-1427878647-E111-83C6-B888E3C52D99\rnst8074.exe, Mis en quarantaine, [9ab47b3bfb8f4fe7292bef89a164ab55],
PUP.Optional.MultiPlug.Gen, C:\Users\Alain\AppData\Roaming\1EECD042-1427878647-E111-83C6-B888E3C52D99\Uninstall.exe, Mis en quarantaine, [9ab47b3bfb8f4fe7292bef89a164ab55],
PUP.Optional.SuperOptimizer.A, C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk, Mis en quarantaine, [a9a5dcda4545b2844daffc810cf905fb],
PUP.Optional.KeepAppIt.A, C:\ProgramData\KeepAppIt Software\SW-Booster\848366190.ini, Mis en quarantaine, [dd71cfe7b0dac571d7dae3e9b0534bb5],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
