cjoint

Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 31/08/2015
Heure de l'analyse: 11:43
Fichier journal: mbm.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.31.01
Base de données de rootkits: v2015.08.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: christine

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 384703
Temps écoulé: 23 min, 50 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 23

Valeurs du registre: 21

Données du registre: 1
PUP.Optional.AppInitDll, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, Bon : (), Mauvais : (C:/PROGRA~3/{67208~1/171~1.0/nina.dll), Remplacé,[6fee907fe5a677bf0792f684d331a35d]

Dossiers: 1
PUP.Optional.AppInitDll, C:\ProgramData\{67208FE3-37A2-5E65-8624-2EE756A6FD69}\1.7.1.0, En quarantaine, [6fee907fe5a677bf0792f684d331a35d],

Fichiers: 9
PUP.Optional.InstallCore, C:\Program Files (x86)\03bca67f-9ffc-4724-9a88-541690363f76\21468045-d692-4091-a286-1c48d662db23.dll, En quarantaine, [b9a4c54a206b4de97157efa318eda858],
PUP.Optional.InstallCore, C:\Program Files (x86)\80c85c98-9275-4ead-872c-394ad7936276\4abbdc4c-c662-4b2e-a22b-18f9d4e63adf.dll, En quarantaine, [2c315fb04546ac8a0eba464ca263c937],
PUP.Optional.InstallCore, C:\Program Files (x86)\80c85c98-9275-4ead-872c-394ad7936276\80c85c98-9275-4ead-872c-394ad7936276.dll, En quarantaine, [352836d99bf066d0d6f23161c73ef30d],
PUP.Optional.InstallCore, C:\Program Files (x86)\AGEIA Technologies\03bca67f-9ffc-4724-9a88-541690363f76.dll, En quarantaine, [114cc8477516989e5474880a8a7bdb25],
PUP.Optional.MindSpark, C:\Users\christine\Downloads\EliteUnzipSetup.EliteUnzip_aa.ffjcmnpnoopgilmnfhloocdcbnimmmea.ch.exe, En quarantaine, [3e1f5ab51e6d9d99bd41870b0302e21e],
PUP.Optional.InstallCore, C:\Users\christine\Downloads\PdfReaderSetup.exe, En quarantaine, [4e0ff817335800368fc4636fe71aad53],
PUP.Optional.AppInitDll, C:\ProgramData\{67208FE3-37A2-5E65-8624-2EE756A6FD69}\1.7.1.0\nina.dll, En quarantaine, [6fee907fe5a677bf0792f684d331a35d],
PUP.Optional.AppInitDll, C:\ProgramData\{67208FE3-37A2-5E65-8624-2EE756A6FD69}\1.7.1.0\dExtent, En quarantaine, [6fee907fe5a677bf0792f684d331a35d],
PUP.Optional.AppInitDll, C:\ProgramData\{67208FE3-37A2-5E65-8624-2EE756A6FD69}\1.7.1.0\extent, En quarantaine, [6fee907fe5a677bf0792f684d331a35d],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
