cjoint


Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 01/08/2015
Heure de l'analyse: 09:01
Fichier journal: journal d'analyse.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.31.07
Base de données de rootkits: v2015.07.30.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: kelen

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 333644
Temps écoulé: 4 min, 54 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 3
Adware.ConvertAd, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\hnsuE463.tmp, 2256, Supprimer au redémarrage, [ef640bddd9b11a1c2f77dfea09f80cf4]
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\hnsuE463.tmp, 2256, Supprimer au redémarrage, [c48fb533e5a5a690ee386144b84c03fd]
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\knsnCD60.tmp, 2608, Supprimer au redémarrage, [c48fb533e5a5a690ee386144b84c03fd]

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 25
Adware.ConvertAd, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\comyninu, En quarantaine, [ef640bddd9b11a1c2f77dfea09f80cf4],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1F91A9A1-01BA-4c81-863D-3BA0751E1419}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}, En quarantaine, [d1827771bdcd3ef87752fe8b17eb6a96],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\comyninu, En quarantaine, [c48fb533e5a5a690ee386144b84c03fd],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\sucyjexi, En quarantaine, [c48fb533e5a5a690ee386144b84c03fd],
PUP.Optional.StormWarnings.C, HKLM\SOFTWARE\CLASSES\APPID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}, En quarantaine, [d38026c2e8a28caac276b3efa55f1fe1],
PUP.Optional.StormWarnings.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}, En quarantaine, [66ed7573e9a14beba39500a2f1133ec2],
PUP.Optional.ProPCCleaner.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\ProPCCleaner.exe, En quarantaine, [0c474a9ec0ca0135c572079d4eb647b9],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [e271a840bfcb47ef76315747df2521df],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [f36085630f7baf87cb9d5bb8ba498878],
PUP.Optional.StormWarnings.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4D6A5312-AB4D-41AA-8BED-0E019B87CA11}, En quarantaine, [32218f599bef63d36fc94a58a95b24dc],
PUP.Optional.ProPCCleaner.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\ProPCCleaner.exe, En quarantaine, [193a17d14842f343ba7db8ec0df73bc5],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [afa442a6fc8e8babf4b30c9246be758b],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, En quarantaine, [153e945451396ec812610f8a59ab7090],
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{33E82A0F-4AF3-4EA3-90B3-2373520DD316}, En quarantaine, [282bcf197614bc7a7c75a7fe758f23dd],
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{33E82A0F-4AF3-4EA3-90B3-2373520DD316}, En quarantaine, [6be85296602af046dc153471b252ee12],
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{33E82A0F-4AF3-4EA3-90B3-2373520DD316}, En quarantaine, [94bf4a9e573332044ba66342927242be],
PUP.Optional.Shopperz.A, HKU\S-1-5-21-2539862860-2067857061-2819456287-1001\SOFTWARE\{33E82A0F-4AF3-4EA3-90B3-2373520DD316}, En quarantaine, [c88b6b7d55351e18a0513174b54fee12],

Valeurs du registre: 8
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [e271a840bfcb47ef76315747df2521df]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [afa442a6fc8e8babf4b30c9246be758b]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\comyninu|ImagePath, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\hnsuE463.tmp, En quarantaine, [de751ecac6c4b482c80bb5dfe71db24e]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\sucyjexi|ImagePath, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\knsnCD60.tmp, En quarantaine, [30231ace454561d509ca464eed1726da]
PUP.Optional.Shopperz.A, HKU\S-1-5-18\SOFTWARE\{33e82a0f-4af3-4ea3-90b3-2373520dd316}|Name, C:\Program Files\shopperz29072015\Dyrcb.exe, En quarantaine, [282bcf197614bc7a7c75a7fe758f23dd]
PUP.Optional.Shopperz.A, HKU\S-1-5-19\SOFTWARE\{33e82a0f-4af3-4ea3-90b3-2373520dd316}|Name, C:\Program Files\shopperz29072015\Dyrcb.exe, En quarantaine, [6be85296602af046dc153471b252ee12]
PUP.Optional.Shopperz.A, HKU\S-1-5-20\SOFTWARE\{33e82a0f-4af3-4ea3-90b3-2373520dd316}|Name, C:\Program Files\shopperz29072015\Dyrcb.exe, En quarantaine, [94bf4a9e573332044ba66342927242be]
PUP.Optional.Shopperz.A, HKU\S-1-5-21-2539862860-2067857061-2819456287-1001\SOFTWARE\{33e82a0f-4af3-4ea3-90b3-2373520dd316}|Name, C:\Program Files\shopperz29072015\Dyrcb.exe, En quarantaine, [c88b6b7d55351e18a0513174b54fee12]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 5
PUP.Optional.MultiPlug.A, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D, En quarantaine, [6fe46484cebc3501fb451d7906fed22e],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D, Supprimer au redémarrage, [c48fb533e5a5a690ee386144b84c03fd],
PUP.Optional.StormWarnings.A, C:\Users\kelen\AppData\Local\Storm_Warnings,_LLC, En quarantaine, [1a39db0d3456b284cc372cdf4ab99070],
PUP.Optional.StormWarnings.A, C:\Users\kelen\AppData\Local\Storm_Warnings,_LLC\StormWarnings.exe_Url_2zvejoa4zdtwpfuyski55c1q0bfhkb3y, En quarantaine, [1a39db0d3456b284cc372cdf4ab99070],
PUP.Optional.StormWarnings.A, C:\Users\kelen\AppData\Local\Storm_Warnings,_LLC\StormWarnings.exe_Url_2zvejoa4zdtwpfuyski55c1q0bfhkb3y\1.0.0.0, En quarantaine, [1a39db0d3456b284cc372cdf4ab99070],

Fichiers: 47
Adware.ConvertAd, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\hnsuE463.tmp, Supprimer au redémarrage, [ef640bddd9b11a1c2f77dfea09f80cf4],
PUP.Optional.WProtectManager.A, C:\ProgramData\1WinManPro1\ProtectWindowsManager.exe, En quarantaine, [302338b0d0baf1455a1f93e4ef16ff01],
PUP.Optional.WProtectManager.A, C:\ProgramData\6WinManPro6\ProtectWindowsManager.exe, En quarantaine, [0152c52351393cfaf089df98f80de917],
PUP.Optional.WProtectManager.A, C:\ProgramData\JWinManProJ\ProtectWindowsManager.exe, En quarantaine, [b0a34a9e7911fd39e297b1c647be9868],
PUP.Optional.SoftwareUpdate.A, C:\Users\kelen\AppData\Roaming\ZHP\Quarantine\nsqA001.tmp, En quarantaine, [da799a4eff8b0d29e98bdb72ec157f81],
PUP.Optional.WordSurfer.A, C:\Users\kelen\AppData\Roaming\ZHP\Quarantine\wsafd_1_10_0_19.sys, Supprimer au redémarrage, [4f04895f43471620c82be39461a4936d],
PUP.Optional.SmartWeb.A, C:\Users\kelen\AppData\Roaming\ZHP\Quarantine\SmartWeb\__u.exe, En quarantaine, [094af2f694f671c510bfb2a03fc2659b],
PUP.Optional.SoftwareUpdate.A, C:\Users\kelen\AppData\Roaming\ZHP\Quarantine\Software\Update\SoftwareUpdate.exe, En quarantaine, [12416d7bdeac5cdafc7856f7fa076898],
Adware.ConvertAd, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\rnswB677.exe, En quarantaine, [143fc7214b3f2a0c82264584c53c4eb2],
PUP.Optional.MultiPlug, C:\Program Files (x86)\Bitly Unleash the power of the link\Bitly Unleash the power of the link.exe, En quarantaine, [7ed55e8a98f2a09618e5bad8e71a18e8],
PUP.Optional.Installcore, C:\Program Files (x86)\Windows Loader\Windows7Loader__8172_il288101.exe, En quarantaine, [cd860cdc86044aecf8f91a5d06ff48b8],
Trojan.Agent, C:\Program Files (x86)\Windows Loader\WindowsLoader.exe, En quarantaine, [b69d03e559315cdad80a3fe83cc9f30d],
PUP.Optional.Crossbrowse.C, C:\Users\kelen\AppData\Local\Temp\381.exe, En quarantaine, [d97a8f59eaa0bd79b9ffb9e46d9408f8],
PUP.Optional.TriangleTrail.A, C:\Users\kelen\AppData\Local\Temp\setup.exe, En quarantaine, [2f24ae3a107a57df2b69294e23e28b75],
PUP.Optional.StormWarnings.A, C:\Users\kelen\AppData\Local\Temp\setup_608.exe, En quarantaine, [3e15ae3af793cb6b13d44f269c6912ee],
PUP.Optional.Somoto, C:\Users\kelen\AppData\Local\Temp\bitool.dll, En quarantaine, [312224c41a7075c10b25924906fba55b],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\kelen\AppData\Local\Temp\nsu8E90.tmp, En quarantaine, [341f5c8cb3d7de58b9e8b0c457ae2ad6],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\kelen\AppData\Local\Temp\nsd655D.tmp, En quarantaine, [1d369b4d02882412f9a8df95cf3614ec],
PUP.Optional.Somoto.C, C:\Users\kelen\AppData\Local\Temp\nsg33A0.tmp, En quarantaine, [f75ca64271197eb8a7b9dc9ba16440c0],
PUP.Optional.OfferInstaller.C, C:\Users\kelen\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe, En quarantaine, [a7ac6286beccc67060f00d778d74ec14],
PUP.Optional.CheckOffer, C:\Users\kelen\AppData\Local\Temp\nss5137.tmp\nsCBHTML5.dll, En quarantaine, [4a099058a8e25cda6b345552dc25af51],
PUP.Optional.Tuto4PC.A, C:\Users\kelen\AppData\Local\Temp\is-J5BF3.tmp\gentlemjmp_ieu.exe, En quarantaine, [2330dc0ca8e2f046fc688aec7194ad53],
PUP.Optional.CheckOffer, C:\Users\kelen\AppData\Local\Temp\nse71D3.tmp\nsCBHTML5.dll, En quarantaine, [153e52963357e84e3669693e728fde22],
PUP.Optional.WProtectManager.A, C:\Users\kelen\AppData\Local\Temp\xmii1872921\tmp\wpm_v20.0.0.2294.exe, En quarantaine, [3b189e4a7a10a096b4c5344322e3b54b],
PUP.Optional.XTab.A, C:\Users\kelen\AppData\Local\Temp\xmii1872921\tmp\XTab_Setup(2702).exe, En quarantaine, [cd86aa3eee9c01350c18e37ae31e1be5],
PUP.Optional.Amonetize, C:\Users\kelen\Downloads\Windows Loader 2.4.exe (1).zip, En quarantaine, [480be503870386b0f65cedbaec158f71],
PUP.Optional.Amonetize, C:\Users\kelen\Downloads\Windows Loader 2.4.exe.zip, En quarantaine, [3f140ade4644ea4cde74a502f011768a],
PUP.Optional.AnyProtect, C:\Users\kelen\AppData\Local\nse794C.tmp, En quarantaine, [2231d8102664f343e47e5a277191af51],
PUP.Optional.AnyProtect, C:\Users\kelen\AppData\Local\nsmD072.tmp, En quarantaine, [f65d6880dab0d165b3aff48d9d6515eb],
Adware.ConvertAd, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\onsn2AE5.tmp, En quarantaine, [aca704e497f33ef8b31bd9f0000113ed],
Trojan.Agent, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\pnsn2AE6.exe, En quarantaine, [272c33b5ec9ec571221ea590986db14f],
Adware.ConvertAd, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\rnsn2AE4.exe, En quarantaine, [be95b632d8b279bd8127ddec19e809f7],
Trojan.Agent, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\snsn2AE3.tmp, En quarantaine, [cb88e503dfab241240717f4ae51c24dc],
Trojan.Agent, C:\Users\kelen\AppData\Local\Configurationautomatique\trz4363.tmp, En quarantaine, [6ee571779eec5adc7d02a9e022e04db3],
Trojan.Agent, C:\Users\kelen\AppData\Local\Temp\oprun10609.exe, En quarantaine, [6be8e008acde251192c6f7bb60a305fb],
Trojan.Agent, C:\Users\kelen\AppData\Local\Temp\oprun3501.exe, En quarantaine, [e66d0bdde8a27cba77e15d55877cc63a],
PUP.Optional.MultiPlug.A, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\onsn2AE5.tmp, En quarantaine, [6fe46484cebc3501fb451d7906fed22e],
PUP.Optional.MultiPlug.A, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\FF44.tmp, En quarantaine, [6fe46484cebc3501fb451d7906fed22e],
PUP.Optional.MultiPlug.A, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\pnsn2AE6.exe, En quarantaine, [6fe46484cebc3501fb451d7906fed22e],
PUP.Optional.MultiPlug.A, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\rnsn2AE4.exe, En quarantaine, [6fe46484cebc3501fb451d7906fed22e],
PUP.Optional.MultiPlug.A, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\snsn2AE3.tmp, En quarantaine, [6fe46484cebc3501fb451d7906fed22e],
PUP.Optional.MultiPlug.A, C:\Users\kelen\AppData\Local\00000000-1438274456-0000-0000-448A5BD7F66D\Uninstall.exe, En quarantaine, [6fe46484cebc3501fb451d7906fed22e],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\hnsuE463.tmp, Supprimer au redémarrage, [c48fb533e5a5a690ee386144b84c03fd],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\knsnCD60.tmp, Supprimer au redémarrage, [c48fb533e5a5a690ee386144b84c03fd],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\rnswB677.exe, En quarantaine, [c48fb533e5a5a690ee386144b84c03fd],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\00000000-1438267217-0000-0000-448A5BD7F66D\Uninstall.exe, En quarantaine, [c48fb533e5a5a690ee386144b84c03fd],
PUP.Optional.StormWarnings.A, C:\Users\kelen\AppData\Local\Storm_Warnings,_LLC\StormWarnings.exe_Url_2zvejoa4zdtwpfuyski55c1q0bfhkb3y\1.0.0.0\user.config, En quarantaine, [1a39db0d3456b284cc372cdf4ab99070],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
