Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 01/08/2015
Heure de l'analyse: 20:23
Fichier journal: Mbam.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.01.06
Base de données de rootkits: v2015.07.30.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Tom

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 409114
Temps écoulé: 17 min, 27 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 3
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\OVBYxGoZApD\bSKyhKVgTxh.exe, 6684, Supprimer au redémarrage, [2c7edd2676155bdb474b31480df401ff]
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\1.0.4.1\xibnuumb.exe, 6876, Supprimer au redémarrage, [0f9b2ad9ddaed75f24ba396a6c989967]
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\1.0.4.1\xibnuumb.exe, 6224, Supprimer au redémarrage, [0f9b2ad9ddaed75f24ba396a6c989967]

Modules: 1
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\1.0.4.1\sqlite3.dll, Supprimer au redémarrage, [0f9b2ad9ddaed75f24ba396a6c989967],

Clés du registre: 12
PUP.Optional.BreakingNewsAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bSKyhKVgTxh, En quarantaine, [2c7edd2676155bdb474b31480df401ff],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051e9166-b275-4683-907b-372fae22bc7c}, En quarantaine, [6a401ee5296213236dc398fbb64c7e82],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, En quarantaine, [6a401ee5296213236dc398fbb64c7e82],
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, En quarantaine, [3674bb4873182a0c13051b763ec3f40c],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, En quarantaine, [3674bb4873182a0c13051b763ec3f40c],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, En quarantaine, [adfd1be8d9b286b036d69609679dd52b],
PUP.Optional.LightsCinema.A, HKLM\SOFTWARE\WOW6432NODE\Lights Cinema 1.3betaV16.04, En quarantaine, [34764bb8c8c389ad6f895bbfdd266997],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [139755ae4b4083b399340f0455aee41c],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, En quarantaine, [8f1b877c068591a5a06cf0af2ada8b75],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [5c4e4cb782092a0c708d8b15cd37e61a],
PUP.Optional.LightsCinema.A, HKU\S-1-5-21-1720858369-802330299-3260132383-1002\SOFTWARE\Lights Cinema 1.3betaV16.04, En quarantaine, [6d3db64d9eedf93d43b631e96a992dd3],
PUP.Optional.LightsCinema.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Lights Cinema 1.3betaV16.04, En quarantaine, [6f3bc340fa911323beb5c442dd2615eb],

Valeurs du registre: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [adfd1be8d9b286b036d69609679dd52b]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, En quarantaine, [8f1b877c068591a5a06cf0af2ada8b75]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 9
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, En quarantaine, [892101025a31f34361a1e92c72917888],
PUP.Optional.BreakingNewsAlert.A, C:\Users\Tom\AppData\Local\BreakingNewsAlert, En quarantaine, [3476c63da6e5f93d20f370bbbf4414ec],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\1.0.4.1, Supprimer au redémarrage, [0f9b2ad9ddaed75f24ba396a6c989967],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi, Supprimer au redémarrage, [0f9b2ad9ddaed75f24ba396a6c989967],
PUP.Optional.PullUpdate.A, C:\ProgramData\Radio, En quarantaine, [961405fe05868da9eb78267ea0649f61],
PUP.Optional.GlobalUpdate.A, C:\Users\Tom\AppData\Local\Temp\comh.111861, En quarantaine, [f5b5f310d0bbc76f8a9a07e862a0c13f],
PUP.Optional.LightsCinema.A, C:\Program Files (x86)\Lights Cinema 1.3betaV16.04, En quarantaine, [6f3bc340fa911323beb5c442dd2615eb],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD\dat, Supprimer au redémarrage, [cfdb47bc53388da910e884f5976ef50b],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD, Supprimer au redémarrage, [cfdb47bc53388da910e884f5976ef50b],

Fichiers: 51
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\OVBYxGoZApD\bSKyhKVgTxh.exe, Supprimer au redémarrage, [2c7edd2676155bdb474b31480df401ff],
PUP.Optional.PullUpdate.A, C:\ProgramData\Browser\prompt.exe, En quarantaine, [cae0e3208ffc57df47d1744a05fc7c84],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\OVBYxGoZApD\dat\gnsoBqqo.dll, Supprimer au redémarrage, [b9f19b68f19ad3637810db477b8a768a],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\OVBYxGoZApD\dat\ixKjnO.exe, Supprimer au redémarrage, [7832f2118ffcd5611a787aff2fd244bc],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD\dat\VtwVAO.dll, Supprimer au redémarrage, [109a5ca7612a56e0fe6b9ed9f60f9e62],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\OVBYxGoZApD\dat\WzpNxsAT.exe, Supprimer au redémarrage, [4e5c956ebecd15218c060673a45d6c94],
PUP.Optional.PullUpdate.A, C:\ProgramData\Radio\prompt.exe, En quarantaine, [a20821e2d0bb5fd7a4742c92966b837d],
PUP.Optional.WProtectManager.A, C:\ProgramData\iWinManProi\ProtectWindowsManager.exe, En quarantaine, [5357db287c0f77bf9983b2c6fd0803fd],
PUP.Optional.CrossRider, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\71c10903-4582-45ba-8c98-c068a8f51764-10.exe, En quarantaine, [b2f80af9365533030682672519e816ea],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\GoogleCrashHandler.exe, En quarantaine, [436705fe1279b6803ddbf0a129d832ce],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\GoogleUpdate.exe, En quarantaine, [3674bb4873182a0c13051b763ec3f40c],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\GoogleUpdateBroker.exe, En quarantaine, [3f6b22e19fecf5411503eea37f827f81],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\GoogleUpdateOnDemand.exe, En quarantaine, [d0daa360fb901c1adf397c1553ae3cc4],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\goopdate.dll, En quarantaine, [b4f653b0b0dba88e9d7b6a27629ffb05],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, En quarantaine, [9d0d26dd92f973c35eba731e20e146ba],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\psmachine.dll, En quarantaine, [4a6004ffa8e39b9b4ccca9e8669bff01],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\psuser.dll, En quarantaine, [1d8dcd368308e74fa5739af7d72a26da],
PUP.Optional.ModGoog, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\npGoogleUpdate4.dll, En quarantaine, [abffe1228407300673a55e33b64be818],
PUP.optional.OptimizerPro.A, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\optprosetup.exe, En quarantaine, [9317867deaa19a9cbd7b734cbd448977],
Trojan.MSIL.Dropper, C:\Users\Tom\AppData\Roaming\ZHP\Quarantine\SpaceSondPro_v55.1105\SpaceSondPro_Service.exe, En quarantaine, [12989e658902ef4720ad2e9602ff867a],
PUP.Optional.CrossRider, C:\Program Files (x86)\Lights Cinema 1.3betaV16.04\UninstallBrw.exe, En quarantaine, [387223e0553610263f49098346bb18e8],
PUP.Optional.OfferInstaller.C, C:\Users\Tom\AppData\Local\Temp\sdf7B39.exe, En quarantaine, [53578083e2a901359bccc5bf6e9306fa],
PUP.Optional.OutBrowse, C:\Users\Tom\AppData\Local\Temp\echcabfbcabbf.exe, En quarantaine, [9f0b16ed93f8c175e309cefbe21f34cc],
PUP.Optional.OutBrowse, C:\Users\Tom\AppData\Local\Temp\echcabfbcabgg.exe, En quarantaine, [1b8fe91a642758de618bb41555ac8a76],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Tom\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe, En quarantaine, [e7c38f74dab1290d616cd5a02dd8da26],
PUP.Optional.OptimizerPro, C:\Users\Tom\AppData\Local\Temp\app0468\Of_FR-I3-OptimizerPro_chk_0_237.exe, En quarantaine, [02a8bb488dfec472b533bad03ac72ad6],
PUP.Optional.Wajam.A, C:\Users\Tom\AppData\Local\Temp\app0468\Of_FR-I3-Wajam_chk_0_245.exe, En quarantaine, [4f5ba85b65262d09e21f4b2c29dc6c94],
PUP.Optional.CrossRider, C:\Users\Tom\AppData\Local\Temp\app8192\Of_FR-I3-CinemaPlus_chk_0_340.exe, En quarantaine, [c4e6da29711a83b37707fd455da4718f],
PUP.Optional.APNToolBar.A, C:\Users\Tom\AppData\Local\Temp\nsr923.tmp-2\APN_ATU3_.exe, En quarantaine, [1e8c54af1378af87bc22792ff60bdb25],
PUP.Optional.CrossRider.A, C:\Users\Tom\AppData\Local\Temp\nswAA91.tmp\Okwlvjmrnti.exe, En quarantaine, [3c6eeb18840751e503f2a6b1a1601ce4],
PUP.Optional.MyBestOffersToday.A, C:\Users\Tom\AppData\Local\Temp\is-5FEU7.tmp\gentlemjmp_ieu.exe, En quarantaine, [b4f61de6513a13237a5166eaeb16827e],
PUP.Optional.MyBestOffersToday.A, C:\Users\Tom\AppData\Local\Temp\is-JL13J.tmp\gentlemjmp_ieu.exe, En quarantaine, [1694a75ce4a776c086459bb58a77a35d],
PUP.Optional.Bundle, C:\Users\Tom\Downloads\atube-catcher.exe, En quarantaine, [1397d92ab7d46ec88c016b45bb46e11f],
PUP.Optional.APNToolBar.A, C:\Users\Tom\Downloads\aTube_Catcher_Setup [1].exe, En quarantaine, [a00abb488a0122141ec06e3ab34e6a96],
PUP.Optional.InstallCore.A, C:\Users\Tom\Downloads\ccleaner_5-02_fr_14492.exe, En quarantaine, [5c4ea55e365525116b97dfcd34cd0ef2],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, En quarantaine, [892101025a31f34361a1e92c72917888],
PUP.Optional.BreakingNewsAlert.A, C:\Users\Tom\AppData\Local\BreakingNewsAlert\data2.dat, En quarantaine, [3476c63da6e5f93d20f370bbbf4414ec],
PUP.Optional.Browser.A, C:\ProgramData\Browser\prompt.exe.config, En quarantaine, [b7f308fbcbc043f355a5f1a68e76f010],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\1.0.4.1\xibnuumb.exe.config, En quarantaine, [0f9b2ad9ddaed75f24ba396a6c989967],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\1.0.4.1\sqlite3.dll, Supprimer au redémarrage, [0f9b2ad9ddaed75f24ba396a6c989967],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\1.0.4.1\xibnuumb.exe, Supprimer au redémarrage, [0f9b2ad9ddaed75f24ba396a6c989967],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Dlumsogi\dat.dat, En quarantaine, [0f9b2ad9ddaed75f24ba396a6c989967],
PUP.Optional.PullUpdate.A, C:\ProgramData\Radio\prompt.exe.config, En quarantaine, [961405fe05868da9eb78267ea0649f61],
PUP.Optional.GlobalUpdate.A, C:\Users\Tom\AppData\Local\Temp\comh.111861\GoogleUpdateHelper.msi, En quarantaine, [f5b5f310d0bbc76f8a9a07e862a0c13f],
PUP.Optional.LightsCinema.A, C:\Program Files (x86)\Lights Cinema 1.3betaV16.04\b17f3eec-639d-4479-b8d4-ce60e7d0c9cc.crx, En quarantaine, [6f3bc340fa911323beb5c442dd2615eb],
PUP.Optional.LightsCinema.A, C:\Program Files (x86)\Lights Cinema 1.3betaV16.04\Uninstall.exe, En quarantaine, [6f3bc340fa911323beb5c442dd2615eb],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD\dat\ixKjnO.exe.config, Supprimer au redémarrage, [cfdb47bc53388da910e884f5976ef50b],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD\dat\WzpNxsAT.exe.config, Supprimer au redémarrage, [cfdb47bc53388da910e884f5976ef50b],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD\bSKyhKVgTxh.dat, Supprimer au redémarrage, [cfdb47bc53388da910e884f5976ef50b],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD\bSKyhKVgTxh.exe.config, En quarantaine, [cfdb47bc53388da910e884f5976ef50b],
PUP.Optional.PullUpdate.A, C:\ProgramData\OVBYxGoZApD\info.dat, Supprimer au redémarrage, [cfdb47bc53388da910e884f5976ef50b],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
