Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 17/06/2015
Heure de l'examen: 20:40:22
Fichier journal:
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.06.17.04
Base de données Rootkits: v2015.06.15.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: dje

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 356069
Temps écoulé: 13 min, 24 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 9
Trojan.Downloader, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mflq, Mis en quarantaine, [ecdce1da16745fd75ab86cfd7c87c33d],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [03c5c6f5177348ee9043fb93e223e11f],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [398f7843b3d77db91b2912e223e0847c],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Mis en quarantaine, [e3e58d2ec0ca66d0ede68c02a560ea16],
PUP.Optional.BrowserApps.A, HKU\S-1-5-18\SOFTWARE\BrowserV15.06-nv-ie, Mis en quarantaine, [9731417a9eecb0865d1bd420a261ce32],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Mis en quarantaine, [2f990caf008a9e98fade345c2ed7c937],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, Mis en quarantaine, [8e3aa8133b4f63d33ee9612562a316ea],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Mis en quarantaine, [31970ab1fc8eb97de9aee7a207feba46],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2374338755-4282351228-1744921147-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B0DAB2F-E8DF-49CB-A4DF-CAD07E1F12C4}, Mis en quarantaine, [24a415a63753f64024ce65263ec73cc4],

Valeurs du Registre: 4
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [03c5c6f5177348ee9043fb93e223e11f]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Mis en quarantaine, [e3e58d2ec0ca66d0ede68c02a560ea16]
PUP.Optional.CrossBrowse.C, HKU\S-1-5-21-2374338755-4282351228-1744921147-1001\SOFTWARE\CLIENTS\STARTMENUINTERNET, Crossbrowse, Mis en quarantaine, [10b882399eece0568b0a7e0b37cea35d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2374338755-4282351228-1744921147-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B0DAB2F-E8DF-49CB-A4DF-CAD07E1F12C4}|AppName, 9bf21c4b-c763-42d3-8411-d867d83192eb-2.exe-buttonutil.exe, Mis en quarantaine, [24a415a63753f64024ce65263ec73cc4]

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 5
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, Mis en quarantaine, [f2d6ead17515092d93e99d5829da2ed2],
PUP.Optional.MultiPlug.Gen, C:\Users\dje\AppData\Roaming\994EA500-1434513346-1016-A294-A9E27D237C9E, Mis en quarantaine, [b117615aec9e5adc263aff87d62f37c9],
PUP.Optional.Amonetize.A, C:\ProgramData\Eenomtlupeirx\1.0.1.0, Mis en quarantaine, [a91f9a21c4c60a2c41b8434ade275fa1],
PUP.Optional.Amonetize.A, C:\ProgramData\Eenomtlupeirx, Mis en quarantaine, [a91f9a21c4c60a2c41b8434ade275fa1],
PUP.Optional.GlobalUpdate.A, C:\Users\dje\AppData\Local\Temp\comh.274432, Mis en quarantaine, [84445665afdb90a6052a448f07fc8977],

Fichiers: 50
Trojan.Downloader, C:\Windows\mflq.exe, Mis en quarantaine, [ecdce1da16745fd75ab86cfd7c87c33d],
PUP.Optional.CrossRider.A, C:\ProgramData\flq\B906AE6E807D4D5CB35CF81DF76718E6\setup.exe, Mis en quarantaine, [398f65568cfe3afc3e21b8ca28de847c],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\npglobalupdateUpdate4.dll, Mis en quarantaine, [09bf7c3ff89290a6a7534b02db27c33d],
PUP.Optional.AnyProtect, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\nsw4A48.tmp, Mis en quarantaine, [1fa95665bdcd58de85a052159e65a35d],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\psmachine.dll, Mis en quarantaine, [cff9c5f61179e056837768e55ea435cb],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\psuser.dll, Mis en quarantaine, [785088332d5d83b32ad0b09d966c7789],
PUP.Optional.SuperClick.A, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\sc-setup-1.10.0.16.exe, Mis en quarantaine, [9f2903b87416f442e68c31518680a060],
PUP.Optional.Nosibay.A, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\Selection Tools Uninstall.exe, Mis en quarantaine, [7d4b6754c0ca8caafefd1e63b5512bd5],
PUP.Optional.Nosibay.A, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\WindApp Uninstall.exe, Mis en quarantaine, [d2f6dae179110b2be516b9c8bb4b6f91],
PUP.Optional.Nosibay.A, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\Bubble Dock Uninstall.exe, Mis en quarantaine, [ccfcf2c97d0d270fe01bf38e86804cb4],
Trojan.Downloader, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\D539.tmp.exe, Mis en quarantaine, [47817b40ddadb2849b512f34fb08ec14],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\globalupdateBroker.exe, Mis en quarantaine, [ba0ec8f3fa90df5717e3361742c0629e],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\globalupdateCrashHandler.exe, Mis en quarantaine, [e9dfb407b4d6c47205f50e3f3ac86b95],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\globalupdateOnDemand.exe, Mis en quarantaine, [b711f5c69bef7fb7f703b09d99694eb2],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\goopdate.dll, Mis en quarantaine, [2d9bbdfe5931bf776a90f459bd4544bc],
PUP.Optional.ModGoog, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, Mis en quarantaine, [64646a517119bc7a7c7e48056d9559a7],
Trojan.Agent, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\994EA500-1434496930-1016-A294-A9E27D237C9E\jnsl13D0.tmp, Mis en quarantaine, [3692c7f44545989e0e13cba1d62c5ca4],
Trojan.Agent, C:\Users\dje\AppData\Roaming\ZHP\Quarantine\994EA500-1434512483-1016-A294-A9E27D237C9E\jnsh4C6A.tmp, Mis en quarantaine, [d9ef2497197114222ff28ce09f638e72],
PUP.Optional.IStartSurf.A, C:\Users\dje\AppData\Local\Temp\nswCA64.tmp, Mis en quarantaine, [10b877443b4fd363e6864040b6508b75],
PUP.Optional.OptimizerPro.A, C:\Users\dje\AppData\Local\Temp\optprosetup.exe, Mis en quarantaine, [9d2be6d50585ca6c19df92d3f01213ed],
PUP.Optional.Amonetize.A, C:\Users\dje\AppData\Local\Temp\Launcher__13221.exe, Mis en quarantaine, [fdcb7546f7939f97e23bf16fd131e917],
PUP.Optional.BundleInstaller.A, C:\Users\dje\AppData\Local\Temp\setup_648.exe, Mis en quarantaine, [ebdd407ba9e1d85ee29f7e04ce38f40c],
PUP.Optional.IStartSurf.A, C:\Users\dje\AppData\Local\Temp\nsbC94B.tmp, Mis en quarantaine, [33950eadef9b6dc93d2ff38d82846f91],
PUP.Optional.Somoto.C, C:\Users\dje\AppData\Local\Temp\nsu49A2.tmp, Mis en quarantaine, [2e9a02b905850d29eff819697d89d12f],
PUP.Optional.BrowserApps.A, C:\Users\dje\AppData\Local\Temp\2757.exe, Mis en quarantaine, [01c727944d3d52e41ddb0d738482bd43],
PUP.Optional.BrowserApps.A, C:\Users\dje\AppData\Local\Temp\5328.exe, Mis en quarantaine, [cdfbc2f97e0cb77f2bcd6719bf47f30d],
PUP.Optional.BrowserApps.A, C:\Users\dje\AppData\Local\Temp\6209.exe, Mis en quarantaine, [f2d6bffcbecc5adc9068136d8e786898],
PUP.Optional.Crossbrowse.C, C:\Users\dje\AppData\Local\Temp\6D37.tmp, Mis en quarantaine, [22a62f8ce2a882b495d0136e71956898],
PUP.Optional.CrossBrowse, C:\Users\dje\AppData\Local\Temp\7398.exe, Mis en quarantaine, [d1f7714afb8ff83efe965604689a6799],
PUP.Optional.Crossbrowse.C, C:\Users\dje\AppData\Local\Temp\7409.exe, Mis en quarantaine, [eeda10ab57332d09aa0d60faee14a65a],
PUP.Optional.Crossbrowse.C, C:\Users\dje\AppData\Local\Temp\7665.exe, Mis en quarantaine, [8543368568220a2c496ecc8ee022f60a],
PUP.Optional.BrowserApps.A, C:\Users\dje\AppData\Local\Temp\7738.exe, Mis en quarantaine, [8147e0db8bff1521ea0e1b6537cf30d0],
PUP.Optional.Tuto4PC.A, C:\Users\dje\AppData\Local\Temp\is-12SIC.tmp\gentlemjmp_ieu.exe, Mis en quarantaine, [04c4af0cd8b2b97ddc0b136e13f38b75],
Adware.EoRezo, C:\Users\dje\AppData\Local\Temp\is-3UCD3.tmp\package_optimizerpro_installer_multilang.exe, Mis en quarantaine, [bb0df4c7494158de1a0f155dc83a966a],
Adware.EoRezo, C:\Users\dje\AppData\Local\Temp\is-3UCD3.tmp\436.exe, Mis en quarantaine, [c107368528620f2754d5aec45da5f709],
PUP.Optional.OfferInstaller.C, C:\Users\dje\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, Mis en quarantaine, [e1e77546cbbf3cfa10255be6c63cfb05],
PUP.Optional.Crossbrowse.C, C:\Users\dje\AppData\Local\Temp\81434512435\1P1M8L01STw==401.exe, Mis en quarantaine, [794f714a5c2ee056a5123e1c828050b0],
PUP.Optional.PCOptimizerPro, C:\Users\dje\AppData\Local\Temp\81434513188\1P1M8L01STw==1.exe, Mis en quarantaine, [9c2ce4d784062313992b352bb250e21e],
PUP.Optional.Crossbrowse.C, C:\Users\dje\AppData\Local\Temp\81434513188\1P1M8L01STw==3.exe, Mis en quarantaine, [8e3a11aa96f41e189225d78379890000],
Adware.EoRezo, C:\Users\dje\AppData\Local\Temp\is-IGSDI.tmp\package_optimizerpro_installer_multilang.exe, Mis en quarantaine, [794fb5061f6b162035f483efb64cbb45],
PUP.Optional.SndVol.A, C:\Windows\SysWOW64\config\systemprofile\sndvol.exe, Mis en quarantaine, [6b5d8f2ca7e353e34869876b7b88cd33],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, Mis en quarantaine, [f2d6ead17515092d93e99d5829da2ed2],
PUP.Optional.MultiPlug.Gen, C:\Users\dje\AppData\Roaming\994EA500-1434513346-1016-A294-A9E27D237C9E\vnskDDC5.tmp, Mis en quarantaine, [b117615aec9e5adc263aff87d62f37c9],
PUP.Optional.MultiPlug.Gen, C:\Users\dje\AppData\Roaming\994EA500-1434513346-1016-A294-A9E27D237C9E\Uninstall.exe, Mis en quarantaine, [b117615aec9e5adc263aff87d62f37c9],
PUP.Optional.Amonetize.A, C:\ProgramData\Eenomtlupeirx\1.0.1.0\dnebiosl.exe.config, Mis en quarantaine, [a91f9a21c4c60a2c41b8434ade275fa1],
PUP.Optional.Amonetize.A, C:\ProgramData\Eenomtlupeirx\1.0.1.0\dnebiosl.exe, Mis en quarantaine, [a91f9a21c4c60a2c41b8434ade275fa1],
PUP.Optional.Amonetize.A, C:\ProgramData\Eenomtlupeirx\1.0.1.0\sqlite3.dll, Mis en quarantaine, [a91f9a21c4c60a2c41b8434ade275fa1],
PUP.Optional.Amonetize.A, C:\ProgramData\Eenomtlupeirx\1.0.1.0\time.dat, Mis en quarantaine, [a91f9a21c4c60a2c41b8434ade275fa1],
PUP.Optional.Amonetize.A, C:\ProgramData\Eenomtlupeirx\dat.dat, Mis en quarantaine, [a91f9a21c4c60a2c41b8434ade275fa1],
PUP.Optional.GlobalUpdate.A, C:\Users\dje\AppData\Local\Temp\comh.274432\globalupdateHelper.msi, Mis en quarantaine, [84445665afdb90a6052a448f07fc8977],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
