cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 12/06/2015
Heure de l'examen: 09:30:49
Fichier journal: antimalwares_resultats.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de donn�es Malveillants: v2015.06.11.05
Base de donn�es Rootkits: v2015.06.02.01
Licence: Essai
Protection contre les malveillants: Activ�(e)
Protection contre les sites Web malveillants: Activ�(e)
Auto-protection: D�sactiv�(e)

Syst�me d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Syst�me de fichiers: NTFS
Utilisateur: jacklyn

Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 569182
Temps �coul�: 43 min, 5 sec

M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Heuristique: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)

Processus: 0
(Aucun �l�ment malicieux d�tect�)

Modules: 0
(Aucun �l�ment malicieux d�tect�)

Cl�s du Registre: 36
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [6d0496237b0f3df9658a8edc1ce7d62a],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, , [4f22902972188bab48785317f40f8e72],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1009\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [82efa5140189db5bca36c3a610f347b9],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1009\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [82efa5140189db5bca36c3a610f347b9],
PUP.Optional.Amonetize.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1000_Classes\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [e1904574f59591a51d6d9c0d0201c23e],
PUP.Optional.Amonetize.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1000_Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [7df46851ee9ce056e8a2c6e31de6f709],
PUP.Optional.NewHB.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\kcendgajlhoaiiccpijilcpmgphfflnj, , [bbb6a41533570c2ac681c73be024a65a],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [c2af7d3ce8a2b581d02def9909fcd32d],
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, , [d29fe1d82763df57fc188902fb0adb25],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [056cb0099febe84e69f8cd21e41f718f],
PUP.Optional.NewHB.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kcendgajlhoaiiccpijilcpmgphfflnj, , [7df454657b0f72c427206a9835cfef11],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, , [a9c8eecb5f2b11256bea493ec0458e72],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{ff148bd5}, , [4928e3d67e0c072fcf86276036cf0af6],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [c8a9714899f1191dfc0154349174b947],
PUP.Optional.DriverUpdate.A, HKLM\SOFTWARE\WOW6432NODE\SLIMWARE UTILITIES INC\DriverUpdate, , [c3aeefca206ac1757b85ddae778ee31d],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [48297346deac2e08153372187194de22],
PUP.Optional.CrossRider.A, HKU\S-1-5-18\SOFTWARE\Cinema_Plus-1.2V30.05-nv, , [9ed35a5f0e7ce94df3730505d4309b65],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [f18044758901f541dc36d4b75ca9e21e],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [8fe2cdec404a999d724e146f13f2be42],
PUP.Optional.NewHB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\kcendgajlhoaiiccpijilcpmgphfflnj, , [b5bce4d55337e35313330bf7d43004fc],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1009\SOFTWARE\APPDATALOW\SOFTWARE\DVDVideoSoftTB, , [472a80395436c175523e66a612f26f91],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1009\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [50219722711988ae4d9eb352b54f19e7],
PUP.Optional.BoBrowser.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\BoBrowser, , [77fa87320d7d0333b0c1feff10f329d7],
PUP.Optional.BonanzaDeals.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\BonanzaDealsLive, , [30411d9c8a0078bed805b6a3887d35cb],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\Iminent, , [1a5701b8dab0999dac793d0014f019e7],
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, , [244d04b5860439fd76e0cb8d54b19f61],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [c9a881387e0c57dfcb47117ad035b14f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [264b54658bff3ef83db596cff213db25],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\APPDATALOW\SOFTWARE\DVDVideoSoftTB, , [b9b8a910d0ba1c1a513fa765f90bdb25],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [670af1c8a5e5cd692f82a9c5e61f7888],
PUP.Optional.IWantThis.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\APPDATALOW\SOFTWARE\I Want This, , [4a277346fb8f6cca6788ce5e669ed42c],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.3, , [e0918237a5e5290d42fe77b9679d0bf5],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [9fd208b101897db910db2adb43c1bb45],
PUP.Optional.Ask.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2B7ED742-ACAF-47B7-8F73-2AB3B46AC39A}, , [8ee33188d9b15ed86c1bf5941ce927d9],
PUP.Optional.BProtector.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\BPROTECTSETTINGS, , [cca561587b0ff442818a72e3bf469e62],
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-501\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, , [e48da1182763f145d284a8b01ee7cc34],

Valeurs du Registre: 14
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, �?[+�?�µ C½Ð¬ �?�Wåõ, , [82efa5140189db5bca36c3a610f347b9]
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, �?[+�?�µ C½Ð¬ �?�Wåõ, , [82efa5140189db5bca36c3a610f347b9]
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1009\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [d0a1e9d0800a11251be5f079e122c739],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [1b56c7f28a00d26496dfd994976cd12f],
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{30F9B915-B755-4826-820B-08FBA6BD249D}, ¹ù0U·&H�?? û¦½$, , [1b56c7f28a00d26496dfd994976cd12f]
PUP.Optional.Iminent.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, , [1e53a415d3b7a5915536e8bb9073669a],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}, �?éz�??�?¯èEž ây�?? â�?, , [1e53a415d3b7a5915536e8bb9073669a]
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [5819d1e8d6b4280efc04e18811f2aa56],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [c2af7d3ce8a2b581d02def9909fcd32d]
PUP.Optional.Taplika.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Taplika\\, , [c3aeeecb276358de94c18c62de25db25]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [c8a9714899f1191dfc0154349174b947]
PUP.Optional.Ask.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2B7ED742-ACAF-47B7-8F73-2AB3B46AC39A}|URL, http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=fr_FR&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^FR&apn_uid=3A7A9AB6-91E0-4027-B530-003547A82C11&apn_sauid=18EC3A98-D599-4345-BD69-E326B6D9F055, , [8ee33188d9b15ed86c1bf5941ce927d9]
PUP.Optional.Iminent.A, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}|URL, http://search.iminent.com/?appId=11fc8055-97fd-40f4-b9e0-3e1733ac7ebe&lcid=1036&ref=toolbox&q={searchTerms}, , [7df44a6fdcae1c1a50b4fc8b0afbe41c]
Trojan.Agent, HKU\S-1-5-21-3451982938-700693603-1322355959-1010\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Updater, C:\ProgramData\Updater\updater.exe, , [c2affcbdafdbd2640152d48ac63fd32d]

Donn�es du Registre: 0
(Aucun �l�ment malicieux d�tect�)

Dossiers: 2
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, , [541d9029d1b95cda31a80c0de61e8f71],
PUP.Optional.CrossRider.A, C:\Users\jacklyn\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec, , [5c1504b5bbcf3cfa3b35764ad330d42c],

Fichiers: 20
PUP.Optional.CinemaPlus.A, C:\ProgramData\rkb\42D71BD684AD49008A72FAB151469E5F\setup.exe, , [78f9d3e696f4cc6afab5195811f5cd33],
Trojan.Dropper, C:\ProgramData\rkb\70CA7948BB4F44D898086A77957D71CA\setup.exe, , [026f3485deac85b1771a7bc221e101ff],
PUP.Optional.MagicBall.A, C:\ProgramData\rkb\91FB6A7C50984BB2A225A66CC4405E53\setup.exe, , [d899a415ddadab8bfa167902de28df21],
PUP.Optional.SuperOptimizer.A, C:\ProgramData\rkb\9595762C99144D758DEAD7A5DF5D94C3\setup.exe, , [224fd3e6b3d73204a4d58fd3867cd828],
PUP.Optional.Adlyrics.A, C:\ProgramData\rkb\A3C205A0770F4FF7ABAF8D82750C216E\setup.exe, , [75fcad0ca5e53bfb50185cf4ba4846ba],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\rkb\B8A389F0EDF94901A06E7FD0479C9F4F\setup.exe, , [db9651680783e452c71376e8eb15b050],
PUP.Optional.SuperOptimizer.A, C:\ProgramData\rkb\CE26DBEBF4724A4F9CEC87816E99E7CF\setup.exe, , [6011c0f9ee9ce4520475253db0528d73],
PUP.Optional.Core.A, C:\Users\jacklyn\AppData\Roaming\ZHP\Quarantine\mrkb.exe.VIR, , [4b265d5cb0da0531edf030fb39cdcc34],
PUP.Optional.Nova.A, C:\Program Files (x86)\(Quick AVI MPEG Joiner)\19a75769-a3ce-42c2-a4c4-9bc5aaf3df00.dll, , [f47d82370189ba7c702c021313efb749],
PUP.Optional.Crossrider, C:\Program Files (x86)\(Quick AVI MPEG Joiner)\22485180-c5ec-47e1-8eeb-3a11960b1379.dll, , [7001bdfc4e3c4de92ca52b3ff80ab749],
PUP.Optional.PricePeep.A, C:\Users\gege\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage, , [cea308b1f4967db9853802ebba49ea16],
PUP.Optional.PricePeep.A, C:\Users\gege\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal, , [ff724f6a0288aa8c65583eaf37cc22de],
PUP.Optional.PricePeep.A, C:\Users\jacklyn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep00.pricepeep.net_0.localstorage-journal, , [d0a1d8e11b6f9f97724b1fcef3101ee2],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, , [541d9029d1b95cda31a80c0de61e8f71],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\data.xml, , [541d9029d1b95cda31a80c0de61e8f71],
PUP.Optional.SelectNGo.A, C:\Users\gege\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, , [323fb80192f89d99123d81a38a7af10f],
PUP.Optional.SelectNGo.A, C:\Users\gege\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, , [ec854277fa90a690103f968e0202bf41],
PUP.Optional.SelectNGo.A, C:\Users\jacklyn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, , [f57c04b5b3d7b38387c8c55f43c153ad],
PUP.Optional.Websteroids.A, C:\Users\gege\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal, , [601118a1d5b5d363008081aeb351dc24],
PUP.Optional.Websteroids.A, C:\Users\jacklyn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journal, , [74fd5960c4c62511e8988aa5d232cb35],

Secteurs physiques: 0
(Aucun �l�ment malicieux d�tect�)


(end)

Publicité


Signaler le contenu de ce document

Publicité