
Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 21/06/2015
Heure de l'examen: 18:32:45
Fichier journal: rapport malwarebytes.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.06.21.04
Base de données Rootkits: v2015.06.15.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: AhMeD

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 402556
Temps écoulé: 36 min, 20 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 5
PUP.Optional.StrongSignal.A, HKU\S-1-5-21-1108542424-2227857381-2739290853-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, Mis en quarantaine, [69effcc19eec2e087daf204e6c97d927],
PUP.Optional.StrongSignal.A, HKU\S-1-5-21-1108542424-2227857381-2739290853-501\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C723A437-2EAF-466D-A95B-3FA0966BF88C}, Mis en quarantaine, [69effcc19eec2e087daf204e6c97d927],
PUP.Optional.StrongSignal.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr StrongSignal, Mis en quarantaine, [b4a4c0fd7218e254dbc23c498b7a3ec2],
PUP.Optional.SearchSimple.A, HKU\S-1-5-21-1108542424-2227857381-2739290853-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Mis en quarantaine, [85d318a59af0e551016f3558f60f9c64],
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-1108542424-2227857381-2739290853-501\SOFTWARE\PRODUCTSETUP, Mis en quarantaine, [2e2a8538ff8baf876e92672d8a7bc937],

Valeurs du Registre: 3
PUP.Optional.OpinionSquare.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}, C:\Program Files (x86)\RelevantKnowledge\firefox, Mis en quarantaine, [4612c5f8c9c19a9c42df8ca1b252d22e]
PUP.Optional.SearchSimple.A, HKU\S-1-5-21-1108542424-2227857381-2739290853-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://q.search-simple.com/?affID=bl_d1d7ccda-f185-4efb-b08d-4c2de7a46880&q={searchTerms}, Mis en quarantaine, [85d318a59af0e551016f3558f60f9c64]
PUP.Optional.ProductSetup.A, HKU\S-1-5-21-1108542424-2227857381-2739290853-501\SOFTWARE\PRODUCTSETUP|tb, 0N2X1N, Mis en quarantaine, [2e2a8538ff8baf876e92672d8a7bc937]

Données du Registre: 1
PUP.Optional.SearchSimple.A, HKU\S-1-5-21-1108542424-2227857381-2739290853-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://q.search-simple.com/?affID=bl_d1d7ccda-f185-4efb-b08d-4c2de7a46880, Bon: (www.google.com), Mauvais: (http://q.search-simple.com/?affID=bl_d1d7ccda-f185-4efb-b08d-4c2de7a46880),Remplacé,[0157f0cd66244de9319bba8353b3be42]

Dossiers: 11
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\FilmFanatic, Mis en quarantaine, [ec6c209dd2b83402791c21a9cb3857a9],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5555.33468_0, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5597.33573_0, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\chrome, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\META-INF, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\plugins, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],

Fichiers: 42
PUP.Optional.RelevantKnowledge, C:\Windows\System32\rlls64.dll, Mis en quarantaine, [cc8c2697cbbfa6902043b3ac22e4cc34],
PUP.Optional.OpenCandy, C:\Users\Invité\AppData\Local\Temp\uttAED5.tmp, Mis en quarantaine, [b4a4beff4a40ce6850f559180ff7867a],
PUP.Optional.OpenCandy, C:\Users\Invité\AppData\Local\Temp\uttDC7A.tmp, Mis en quarantaine, [fc5c74490a806cca2c19145d4cba867a],
PUP.BundleInstaller.RKN, C:\Users\Invité\Downloads\AVIPlayerSetup1.0.exe, Mis en quarantaine, [74e47647c9c1290d873dbf0fa759df21],
PUP.Optional.MindSpark.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mywebface.dl.myway.com_0.localstorage, Mis en quarantaine, [a3b5a9144941d75fbb27f895e61f9967],
PUP.Optional.MindSpark.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mywebface.dl.myway.com_0.localstorage-journal, Mis en quarantaine, [1f3907b6d0baba7c4a984e3fda2bc739],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Roaming\Mozilla\Firefox\Profiles\tgzmwnw1.default\extensions\{ba0a5460-68de-457f-b28e-a05c9f0b3e0e}.xpi, Mis en quarantaine, [7cdce5d83b4ff93d11b77d11d82d5ea2],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\{ba0a5460-68de-457f-b28e-a05c9f0b3e0e}.xpi, Mis en quarantaine, [2b2d536ad6b47eb8992f503eff0625db],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\FilmFanatic\80D32C1D-62E7-40F9-B0D4-6FD0CDF708AB.sqlite, Mis en quarantaine, [ec6c209dd2b83402791c21a9cb3857a9],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5555.33468_0\manifest.json, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5555.33468_0\background.js, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5555.33468_0\content.js, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5555.33468_0\icon.png, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\background.js, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\content.js, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\icon.png, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.StrongSignal.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\manifest.json, Mis en quarantaine, [e474a617ed9dbf7738d8fd8b14f29e62],
PUP.Optional.BDYahoo.A, C:\Users\AhMeD\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Bon: ("session":{"restore_on_startup":5}}), Mauvais: ("session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["http://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-16__alt__ddc_dsssyc_bd_com"],"urls_to_restore_on_startup":["http://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-16__alt__ddc_dsssyc_bd_com"]}}), Remplacé,[6fe9d3ead1b9e056194c76173dc930d0]
PUP.Optional.BDYahoo.A, C:\Users\AhMeD\AppData\Roaming\Mozilla\Firefox\Profiles\tgzmwnw1.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.newtab.url", "http://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bg_504_bl-is-22__alt__ddc_dsssyctab_bd_com");), Remplacé,[59ff7d400b7f96a0f3b45834a56112ee]
PUP.Optional.BDYahoo.A, C:\Users\AhMeD\AppData\Roaming\Mozilla\Firefox\Profiles\tgzmwnw1.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.startup.homepage", "http://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-22__alt__ddc_dsssyc_bd_com");), Remplacé,[ef695c6182081d194d5bddafe81eba46]
PUP.Optional.BDYahoo.A, C:\Users\AhMeD\AppData\Roaming\Mozilla\Firefox\Profiles\tgzmwnw1.default\prefs.js, Bon: (), Mauvais: (user_pref("keyword.URL", "http://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bg_504_bl-is-22__alt__ddc_dss_bd_com&p={searchTerms}");), Remplacé,[ce8a1ca18bffa3939e0bb5d736d02dd3]
PUP.Optional.BDYahoo.A, C:\Users\AhMeD\AppData\Roaming\Mozilla\Firefox\Profiles\tgzmwnw1.default\searchplugins\yahoo.xml, Mis en quarantaine, [d5832d90117952e452c0c0c9c541f709],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5597.33573_0\manifest.json, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5597.33573_0\background.js, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5597.33573_0\content.js, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5597.33573_0\icon.png, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\background.js, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\content.js, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\icon.png, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.StrongSignal.A, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccdbmmgcjoehfmgnfikopjehmfbbgnef\1.0.5627.33646_0\manifest.json, Mis en quarantaine, [8ccc02bb16749b9b4fc1d8b024e2f60a],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\install.rdf, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\bootstrap.js, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\chrome.manifest, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\install_old.rdf, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\chrome\paffxtbr.jar, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\META-INF\manifest.mf, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\META-INF\zigbert.rsa, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\META-INF\zigbert.sf, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.Mindspark.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\extensions\paffxtbr@www.filmfanatic2.com\plugins\NativeMessagingDispatcher.dll, Mis en quarantaine, [5cfcb00d1476082e37afe3a5a85e21df],
PUP.Optional.BDYahoo.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.newtab.url", "http://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bg_504_bl-is-21__alt__ddc_dsssyctab_bd_com");), Remplacé,[f56396273f4bb87e3770d8b41ceac937]
PUP.Optional.BDYahoo.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.startup.homepage", "http://search.yahoo.com/?fr=hp-ddc-bd&type=bg_504_bl-is-21__alt__ddc_dsssyc_bd_com");), Remplacé,[481006b7f29863d3e8c09af2778f6997]
PUP.Optional.BDYahoo.A, C:\Users\Invité\AppData\Roaming\Mozilla\Firefox\Profiles\d80r095h.default\searchplugins\yahoo.xml, Mis en quarantaine, [7adedce1d8b2ca6c1002177256b0da26],

Secteurs physiques: 0
(Aucun élément malicieux détecté)


(end)
