Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 07/07/2015
Heure de l'analyse: 10:09
Fichier journal: mbam.txt
Administrateur: Oui
Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.07.02
Base de données de rootkits: v2015.07.05.03
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Cat
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 373217
Temps écoulé: 36 min, 19 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du registre: 9
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [35b9f4ea8efca1958fa1f1aa6f9621df],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [f6f8ab33d3b76bcbdda97d84857fd12f],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, En quarantaine, [8569f4ea4941d75fc8897d1c09fc926e],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [4da1f1ed008a79bdab85049762a3c838],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [fdf1e9f599f1ba7cfc2bc2db3dc8837d],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En quarantaine, [3db1c8166921f046eefc662f65a0827e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E5428C-8CD1-4D0E-8D9E-7D9F32177F1B}, En quarantaine, [11dd97471971e84e2e1e8a0eae571ae6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63FCCF17-4CFC-4F4F-9CFE-47912174A513}, En quarantaine, [57979945cdbd999db39aaeea877ee020],
PUP.Optional.EasySpeedPC.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\PROBIT SOFTWARE\Easy Speed PC, En quarantaine, [78768a54f496a690163e85181ee753ad],
Valeurs du registre: 5
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [35b9f4ea8efca1958fa1f1aa6f9621df]
PUP.Optional.Astromenda.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, En quarantaine, [35b9fee0b8d237fff68af011b84c58a8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [4da1f1ed008a79bdab85049762a3c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E5428C-8CD1-4D0E-8D9E-7D9F32177F1B}|AppName, 3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-2.exe-buttonutil.exe, En quarantaine, [11dd97471971e84e2e1e8a0eae571ae6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63FCCF17-4CFC-4F4F-9CFE-47912174A513}|AppName, 3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-2.exe-codedownloader.exe, En quarantaine, [57979945cdbd999db39aaeea877ee020]
Données du registre: 0
(Aucun élément malveillant détecté)
Dossiers: 3
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.Techgile.A, C:\Users\Cat\AppData\Local\Temp\Techgile, En quarantaine, [549a617db8d29f9785b76485ef14ce32],
Fichiers: 16
PUP.Optional.MyPCBackup.SID.A, C:\Users\Cat\AppData\Local\Temp\88AFtmp\cloud_backup_setup.exe, En quarantaine, [41adc41adab0171f2c07058e8e786f91],
PUP.Optional.SuperOptimizer.A, C:\Users\Cat\AppData\Local\Temp\88B5tmp\superoptimizersetup.exe, En quarantaine, [a846dd01cdbdcc6a077bb2b12fd38977],
PUP.Optional.Tuto4PC.A, C:\Users\Cat\AppData\Local\Temp\is-N1RPF.tmp\gentlemjmp_ieu.exe, En quarantaine, [6886d40aacde310597c10f84ab5bb947],
PUP.Optional.Nosibay.A, C:\Users\Cat\AppData\Local\Temp\6122014195312\WindApp Uninstall.exe, En quarantaine, [88665985365491a55517573c20e6649c],
PUP.Optional.MyPCBackup.SID.A, C:\Users\Cat\AppData\Local\Temp\AFE3tmp\cloud_backup_setup.exe, En quarantaine, [09e5954998f231056ac94053010524dc],
PUP.Optional.EasySpeedPC.A, C:\Users\Cat\AppData\Local\Temp\AFF7tmp\easyspeedpc.exe, En quarantaine, [876710cef39776c0fb420c622dd53ec2],
PUP.Optional.DsiLoad, C:\Users\Cat\AppData\Local\408384097dsisetup4084105862.exe, En quarantaine, [11dd8a545f2b5dd96912e57d37cb936d],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\lsdb.js, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\background.html, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\content.js, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\manifest.json, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\lsdb.js, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\background.html, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\content.js, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\manifest.json, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.BubbleDock.A, C:\Users\Cat\AppData\Local\Temp\LBubble Dock.txt, En quarantaine, [8e60ffdf345696a0cb867d21fb0a9d63],
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.org
Date de l'analyse: 07/07/2015
Heure de l'analyse: 10:09
Fichier journal: mbam.txt
Administrateur: Oui
Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.07.02
Base de données de rootkits: v2015.07.05.03
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Cat
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 373217
Temps écoulé: 36 min, 19 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du registre: 9
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [35b9f4ea8efca1958fa1f1aa6f9621df],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [f6f8ab33d3b76bcbdda97d84857fd12f],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, En quarantaine, [8569f4ea4941d75fc8897d1c09fc926e],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [4da1f1ed008a79bdab85049762a3c838],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [fdf1e9f599f1ba7cfc2bc2db3dc8837d],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En quarantaine, [3db1c8166921f046eefc662f65a0827e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E5428C-8CD1-4D0E-8D9E-7D9F32177F1B}, En quarantaine, [11dd97471971e84e2e1e8a0eae571ae6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63FCCF17-4CFC-4F4F-9CFE-47912174A513}, En quarantaine, [57979945cdbd999db39aaeea877ee020],
PUP.Optional.EasySpeedPC.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\PROBIT SOFTWARE\Easy Speed PC, En quarantaine, [78768a54f496a690163e85181ee753ad],
Valeurs du registre: 5
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [35b9f4ea8efca1958fa1f1aa6f9621df]
PUP.Optional.Astromenda.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, En quarantaine, [35b9fee0b8d237fff68af011b84c58a8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [4da1f1ed008a79bdab85049762a3c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E5428C-8CD1-4D0E-8D9E-7D9F32177F1B}|AppName, 3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-2.exe-buttonutil.exe, En quarantaine, [11dd97471971e84e2e1e8a0eae571ae6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2267293756-2741004066-2468904841-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63FCCF17-4CFC-4F4F-9CFE-47912174A513}|AppName, 3a2eaa25-d3de-4ad1-a29f-9e0869efb2ec-2.exe-codedownloader.exe, En quarantaine, [57979945cdbd999db39aaeea877ee020]
Données du registre: 0
(Aucun élément malveillant détecté)
Dossiers: 3
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.Techgile.A, C:\Users\Cat\AppData\Local\Temp\Techgile, En quarantaine, [549a617db8d29f9785b76485ef14ce32],
Fichiers: 16
PUP.Optional.MyPCBackup.SID.A, C:\Users\Cat\AppData\Local\Temp\88AFtmp\cloud_backup_setup.exe, En quarantaine, [41adc41adab0171f2c07058e8e786f91],
PUP.Optional.SuperOptimizer.A, C:\Users\Cat\AppData\Local\Temp\88B5tmp\superoptimizersetup.exe, En quarantaine, [a846dd01cdbdcc6a077bb2b12fd38977],
PUP.Optional.Tuto4PC.A, C:\Users\Cat\AppData\Local\Temp\is-N1RPF.tmp\gentlemjmp_ieu.exe, En quarantaine, [6886d40aacde310597c10f84ab5bb947],
PUP.Optional.Nosibay.A, C:\Users\Cat\AppData\Local\Temp\6122014195312\WindApp Uninstall.exe, En quarantaine, [88665985365491a55517573c20e6649c],
PUP.Optional.MyPCBackup.SID.A, C:\Users\Cat\AppData\Local\Temp\AFE3tmp\cloud_backup_setup.exe, En quarantaine, [09e5954998f231056ac94053010524dc],
PUP.Optional.EasySpeedPC.A, C:\Users\Cat\AppData\Local\Temp\AFF7tmp\easyspeedpc.exe, En quarantaine, [876710cef39776c0fb420c622dd53ec2],
PUP.Optional.DsiLoad, C:\Users\Cat\AppData\Local\408384097dsisetup4084105862.exe, En quarantaine, [11dd8a545f2b5dd96912e57d37cb936d],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\lsdb.js, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\background.html, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\content.js, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\dlcfdgllonpgcknkpddnphbbhhhgbefk\manifest.json, En quarantaine, [9a54706ea9e1211545b4c8cbbb4a867a],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\lsdb.js, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\background.html, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\content.js, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.MultiPlug, C:\ProgramData\eboebfomhoahpngbidjlkjpfgnphjigj\manifest.json, En quarantaine, [6e806b7396f4c6703ebb72212dd828d8],
PUP.Optional.BubbleDock.A, C:\Users\Cat\AppData\Local\Temp\LBubble Dock.txt, En quarantaine, [8e60ffdf345696a0cb867d21fb0a9d63],
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)