cjoint

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 30/07/2015
Heure de l'analyse: 21:45
Fichier journal: RapportMBAM1.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.30.04
Base de données de rootkits: v2015.07.29.02
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: pmarchand

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 350966
Temps écoulé: 12 min, 0 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 6
PUP.Optional.ServiceRNDM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Elated Skill, En quarantaine, [e705c81f6f1bc86e262023a42fd2fa06],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [10dc6f78048670c61bb1019cf50f33cd],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{c31ed948}, En quarantaine, [b13b1ec9622843f36ac763395ba9fe02],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [d11b29be6e1c21155b71524b34d0a35d],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [6587e9fe8cfe46f037883b6407fd1ce4],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, En quarantaine, [eb01b7308901fa3cc174f0a5ff0552ae],

Valeurs du registre: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [10dc6f78048670c61bb1019cf50f33cd]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [d11b29be6e1c21155b71524b34d0a35d]

Données du registre: 4
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{32C84A12-A93B-48A6-983F-1EC5E3D0FAA2}|NameServer, 52.17.204.69,8.8.8.8, Bon : (), Mauvais : (52.17.204.69,8.8.8.8),Remplacé,[56967275a6e477bf5dc1a59fc04502fe]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{8A383AFB-C224-4A8D-943D-3C7ED40454DB}|NameServer, 52.17.204.69,8.8.8.8, Bon : (), Mauvais : (52.17.204.69,8.8.8.8),Remplacé,[8c603bac3d4dad89ef2fc381a85db24e]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B0A05A28-D108-4547-BA39-993326B89B21}|NameServer, 52.17.204.69,8.8.8.8, Bon : (), Mauvais : (52.17.204.69,8.8.8.8),Remplacé,[509c47a0870377bf8e900f35fa0bc53b]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}|NameServer, 52.17.204.69,8.8.8.8, Bon : (), Mauvais : (52.17.204.69,8.8.8.8),Remplacé,[de0e9750cebc2f079f7f52f2679e7a86]

Dossiers: 4
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, En quarantaine, [36b654931b6f84b29b2260b3b251bb45],
PUP.Optional.OutlookcomNotifier.A, C:\Program Files (x86)\Outlookcom Notifier, En quarantaine, [608c7c6b94f60f27fe4364b3e51e9868],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iatnehenub\1.0.4.1, En quarantaine, [fdefb92ea8e23105c4dc1092d43044bc],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iatnehenub, En quarantaine, [fdefb92ea8e23105c4dc1092d43044bc],

Fichiers: 29
PUP.Optional.ServiceRNDM.A, C:\Program Files (x86)\Elated Skill\Elated Skill.exe, En quarantaine, [e705c81f6f1bc86e262023a42fd2fa06],
PUP.Optional.WProtectManager.A, C:\ProgramData\lWinManProl\ProtectWindowsManager.exe, En quarantaine, [37b59a4dc5c557df5aaec6b05aabf010],
PUP.Optional.Coupoon.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\iiwjljrnpc64.exe.VIR, En quarantaine, [cc20f9eec0cad75f1adb0c68aa5b31cf],
PUP.Optional.SmartWeb.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\smartwebapp.exe.VIR, En quarantaine, [8f5d1acd9befe6502a8b0c46bc452ed2],
PUP.Optional.SmartWeb.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\smartwebhelper.exe.VIR, En quarantaine, [737962851872a096fcb9153db44df60a],
PUP.Optional.Coupoon.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\updatecheck.exe.VIR, En quarantaine, [9755bb2c2c5ee0561cd97afa768f1ee2],
PUP.Optional.PCMechanic, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\OpenCandy.DIR\OpenCandy_CC03E1EE24394CE68891CCE9ECBD06AF\PCM_FR.exe, En quarantaine, [6a82bb2c5238e35328325276887946ba],
PUP.Optional.MultiPlug.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\EEXstraSaviingsu.DIR\m5cp9vPoP1EHXT.dll, En quarantaine, [af3d2abd385245f1fcc8714daf52f709],
PUP.Optional.MultiPlug.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\ExstroASavings.DIR\iTp8nnHTvKSDqY.dll, En quarantaine, [3bb18e59652558ded7ed3a8454ad05fb],
PUP.Optional.SmartWeb.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\swhk.dll, En quarantaine, [e903b92ea0ea74c2bef7cd854db4c937],
PUP.Optional.SmartWeb.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\trzBB1D.tmp, En quarantaine, [ffed29bea2e863d38a2b4a08f30e6898],
PUP.Optional.MultiPlug.A, C:\Users\pmarchand\AppData\Roaming\ZHP\Quarantine\TakeTHECOupoN.DIR\ab0QFC3EwNVrlu.dll, En quarantaine, [55971fc836540c2a6e56bfff56ab718f],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmpi__5vz\3W3gBHCcfVzLVE.dll, En quarantaine, [608c9453b8d2f442c20257674bb67c84],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmpi__5vz\3W3gBHCcfVzLVE.x64.dll, En quarantaine, [e00c3fa87d0d4cea7e46a9151de453ad],
PUP.Optional.Multiplug.A, C:\Windows\Temp\tmpi__5vz\j3dYhVP4g99LMGK.exe, En quarantaine, [c32908df7b0f0036b5712d4f38c9d927],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmpmoaef5\dbghelp.dll, En quarantaine, [688433b43b4f86b0a3802095c23fee12],
PUP.Optional.MultiPlug.A, C:\Windows\Temp\tmppzudjf\dbghelp.dll, En quarantaine, [7478d611a9e11f172300d1e40af76c94],
PUP.Optional.Multiplug.A, C:\Windows\Temp\tmpusdn8l\46AcH7XxiUBhpTy.exe, En quarantaine, [4aa26d7afa9096a0c660fb81ee13629e],
PUP.Optional.Somoto.C, C:\Users\pmarchand\Downloads\crackArchitecteetconstruction3D2007TRUEFRENCHBRRIP2015_downloader-NdsxsHWqX.exe, En quarantaine, [c12bedfa484265d143ad066ff80db24e],
PUP.Optional.Somoto.C, C:\Users\pmarchand\Downloads\Architectureetconstruction3D-2011TRUEFRENCHBRRIP2015_downloader-N9HYOnqN7.exe, En quarantaine, [98540bdcb5d5003643adec89897c847c],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, En quarantaine, [36b654931b6f84b29b2260b3b251bb45],
PUP.Optional.OutlookcomNotifier.A, C:\Program Files (x86)\Outlookcom Notifier\Outlookcom Notifier.dat, En quarantaine, [608c7c6b94f60f27fe4364b3e51e9868],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iatnehenub\1.0.4.1\eobsejnu.exe.config, En quarantaine, [fdefb92ea8e23105c4dc1092d43044bc],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iatnehenub\1.0.4.1\sqlite3.dll, En quarantaine, [fdefb92ea8e23105c4dc1092d43044bc],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iatnehenub\dat.dat, En quarantaine, [fdefb92ea8e23105c4dc1092d43044bc],
PUP.Optional.BestPriceNinja.A, C:\Users\pmarchand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage, En quarantaine, [b438994e6c1ead8980bac2e31de7c23e],
PUP.Optional.BestPriceNinja.A, C:\Users\pmarchand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.bestpriceninja.com_0.localstorage-journal, En quarantaine, [5894f6f10882bc7a5dddc1e40400a060],
PUP.Optional.BestPriceNinja.A, C:\Users\pmarchand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage, En quarantaine, [727a9453454580b62a10eeb725df8779],
PUP.Optional.BestPriceNinja.A, C:\Users\pmarchand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal, En quarantaine, [d51717d093f75bdbc5759312877dbd43],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
