Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 14/07/2015
Heure de l'analyse: 14:27
Fichier journal: ScanLog.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.14.03
Base de données de rootkits: v2015.07.10.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 8
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Maxence-B

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 451358
Temps écoulé: 22 min, 30 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 3
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [189307da96f468ce2feb2e6201039b65],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [802bd20f94f6ad89ca50840c0df7c838],
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2613245926-3574014760-4208713533-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, En quarantaine, [bcef13cefa900333eb5f966d768dc53b],

Valeurs du registre: 7
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [189307da96f468ce2feb2e6201039b65]
PUP.Optional.MBot.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_fr_511, En quarantaine, [4665b52c3654d75f4c3e2206cf34f60a],
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_fr_223, En quarantaine, [73387e631d6d082e19a08a8ed231c937],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [802bd20f94f6ad89ca50840c0df7c838]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2613245926-3574014760-4208713533-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://istart.webssearches.com/web/?utm_source=b&utm_medium=exp&utm_campaign=install_ie&utm_content=ds&from=exp&uid=ST1000LM024XHN-M101MBB_S2RQJ9EC901760&ts=1423866663&type=default&q={searchTerms}, En quarantaine, [bcef13cefa900333eb5f966d768dc53b]
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-2613245926-3574014760-4208713533-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|TopResultURLFallback, http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_clu_15_19&param1=1&param2=fEn quarantaineD4%26bEn quarantaineDIE%26ccEn quarantaineDfr%26paEn quarantaineDWincy%26cdEn quarantaineD2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAyCyCyBtC0CtDtBzy0CyDtN0D0Tzu0StCtBtByDtN1L2XzutAtFtCtDtFyDtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtD0CyC0AtAyB0CtG0EtDtBtCtGyByCtByBtG0AzztCyDtGyEzztAyE0FyByEtCtD0DtAyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDzytAyDyDtDtD0AtG0E0A0F0CtGyEyCtBzytG0AzytCyCtGtC0ByBzy0A0FtB0CtB0E0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyByEzy%26crEn quarantaineD425637686%26aEn quarantaineDwncy_clu_15_19%26osEn quarantaineDWindows 8&p={searchTerms}, [e3c84e9354367cba845ca3ea49bb9868], %5
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2613245926-3574014760-4208713533-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://istart.webssearches.com//favicon.ico, En quarantaine, [189381608a000f27b397d82b699aca36]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 2
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Vehroodlo\1.0.4.1, En quarantaine, [0d9e459cbdcd45f1d324bfd5ce360df3],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Vehroodlo, En quarantaine, [0d9e459cbdcd45f1d324bfd5ce360df3],

Fichiers: 26
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Absolute Radio Live Scores\Absolute Radio Live Scores.exe, En quarantaine, [dfcc25bc5e2c96a07cf8df9b5aa74fb1],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\Ambient Aurea\Ambient Aurea.exe, En quarantaine, [97145a875832b97dcda72b4f10f15aa6],
PUP.Optional.Multiplug, C:\Program Files (x86)\LibraryEdit\LibraryEdit.dll, En quarantaine, [32796c756426e74fa52398e1ef12d927],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\FREE MP3 Search\FREE MP3 Search.exe, En quarantaine, [fab141a0cbbfb482cca8a5d5d22f847c],
PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RPIQ2GI.exe, En quarantaine, [7d2eb52c7f0bd85e4dcf82e14eb70df3],
PUP.Optional.Multiplug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$R5JAL6A\ExstraSavaings.exe, En quarantaine, [1a910fd2e3a7999d3e3616649968966a],
PUP.Optional.MultiPlug, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RSK1UBK\PriceMMiNus.exe, En quarantaine, [8b20c021602a55e11d19f0a16e9314ec],
PUP.Optional.Multiplug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RUBQKRB\DiownSaave.exe, En quarantaine, [6a4136ab8cfe2511fe76e793c041ad53],
PUP.Optional.MultiPlug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RB2BMIJ\KkCtUW3CCW7F4y.dll, En quarantaine, [2d7ee6fba5e5cc6a8f8dd2eba55c4fb1],
PUP.Optional.Multiplug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RB2BMIJ\KkCtUW3CCW7F4y.exe, En quarantaine, [8b20b1302e5c1b1b660e25552fd2a55b],
PUP.Optional.MultiPlug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RB2BMIJ\KkCtUW3CCW7F4y.x64.dll, En quarantaine, [416aae3393f71125a6760db0e51c9f61],
PUP.Optional.MultiPlug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RMSYKHX\dexckieaSDow2A.dll, En quarantaine, [a00b8b563e4ca88eb26af9c48180cb35],
PUP.Optional.Multiplug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RMSYKHX\dexckieaSDow2A.exe, En quarantaine, [d2d99d44622892a4581c601acc35d62a],
PUP.Optional.MultiPlug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RMSYKHX\dexckieaSDow2A.x64.dll, En quarantaine, [9615d40d890124128696526bd42da35d],
PUP.Optional.Multiplug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$R3R5359\JJoniCooupoN.exe, En quarantaine, [b3f84e938406a294f3818cee738ed927],
PUP.Optional.Multiplug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RXUD3E2\eyeCare Protect your vision and health.exe, En quarantaine, [bdeeb22f008af145264e2852b44d649c],
PUP.Optional.Multiplug.A, C:\$Recycle.Bin\S-1-5-21-2613245926-3574014760-4208713533-1001\$RDM5TX7\HHaPPpy2Saavue.exe, En quarantaine, [a9029f42d0ba46f093e1b5c52cd51ce4],
PUP.Optional.WebTInst.A, C:\windows\System32\Drivers\MSFT_KERNEL_WEBTINST_01009.WDF, En quarantaine, [515af4ed0189f4420a27fd1044bf9a66],
PUP.Optional.ShoppingGate.A, C:\Users\Test\AppData\Local\Google\Chrome\User Data\Default\Local Storage\HTTPS_INST.SHOPPINGATE.INFO_0.LOCALSTORAGE, En quarantaine, [cbe012cf2b5f072f061e74c5808348b8],
PUP.Optional.ShoppingGate.A, C:\Users\Test\AppData\Local\Google\Chrome\User Data\Default\Local Storage\HTTPS_INST.SHOPPINGATE.INFO_0.LOCALSTORAGE-JOURNAL, En quarantaine, [7e2db42dc2c8e1552ef698a1b94a58a8],
PUP.Optional.ColorMedia.A, C:\windows\SysWOW64\COLORMEDIA.INI, En quarantaine, [b4f76d74addd340210b7b8c53dc738c8],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Vehroodlo\1.0.4.1\NESOOMDI.EXE.CONFIG, En quarantaine, [0d9e459cbdcd45f1d324bfd5ce360df3],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Vehroodlo\1.0.4.1\sqlite3.dll, En quarantaine, [0d9e459cbdcd45f1d324bfd5ce360df3],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Vehroodlo\1.0.4.1\time.dat, En quarantaine, [0d9e459cbdcd45f1d324bfd5ce360df3],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Vehroodlo\1.0.4.1\trzAA70.tmp, En quarantaine, [0d9e459cbdcd45f1d324bfd5ce360df3],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Vehroodlo\dat.dat, En quarantaine, [0d9e459cbdcd45f1d324bfd5ce360df3],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
