Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 09/08/2015
Heure de l'analyse: 14:01
Fichier journal: Malwarebytes.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.09.03
Base de données de rootkits: v2015.08.06.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: TRISTAUREL

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 354293
Temps écoulé: 34 min, 56 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 14
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, En quarantaine, [4384a85e27648fa7343a385730d132ce],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, En quarantaine, [4384a85e27648fa7343a385730d132ce],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A05A2BA4-3F75-4138-9540-8B81217372B1}, En quarantaine, [b413e22449425dd9a2f1376aa361ba46],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C2E5BE-5A15-4D62-B13B-0D76BAFFDFD7}, En quarantaine, [be09f90d771484b294fda6fb56aefc04],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A05A2BA4-3F75-4138-9540-8B81217372B1}, En quarantaine, [cdfadd290685033395fe1889c53fea16],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C2E5BE-5A15-4D62-B13B-0D76BAFFDFD7}, En quarantaine, [5d6aaf57b5d62e082071c8d919ebfd03],
PUP.Optional.PlusHD.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\HD+v2.1, En quarantaine, [33941aec3853171f983f3dfdc93a15eb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{254128B5-4087-4660-BE80-122C12CFB129}, En quarantaine, [0abd9a6c7d0eaa8cf59a247dc83cc13f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47D8838C-5A75-4647-8935-CF72EAFBFE14}, En quarantaine, [19ae76901e6d64d2216f257c1aeacf31],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96C6CD7C-B941-4368-A890-99C8DEF3D4FA}, En quarantaine, [ae194fb7ddae55e19cf3683974908878],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A05A2BA4-3F75-4138-9540-8B81217372B1}, En quarantaine, [e7e09076583375c1bdd3039e798b0af6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0BB90CA-A06A-4209-8A2E-83E2B1BEF110}, En quarantaine, [ecdba85e8cff90a617789a0761a37789],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD991620-71DF-47D6-B1EA-5528923B39A7}, En quarantaine, [d3f442c4d8b30e286629366b0400c53b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F8C2E5BE-5A15-4D62-B13B-0D76BAFFDFD7}, En quarantaine, [3b8ca561bbd0a195503ef2af7c8856aa],

Valeurs du registre: 11
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a05a2ba4-3f75-4138-9540-8b81217372b1}|AppName, HD+v2.1-codedownloader.exe, En quarantaine, [b413e22449425dd9a2f1376aa361ba46]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f8c2e5be-5a15-4d62-b13b-0d76baffdfd7}|AppName, HD+v2.1-bg.exe, En quarantaine, [be09f90d771484b294fda6fb56aefc04]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a05a2ba4-3f75-4138-9540-8b81217372b1}|AppName, HD+v2.1-codedownloader.exe, En quarantaine, [cdfadd290685033395fe1889c53fea16]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f8c2e5be-5a15-4d62-b13b-0d76baffdfd7}|AppName, HD+v2.1-bg.exe, En quarantaine, [5d6aaf57b5d62e082071c8d919ebfd03]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{254128B5-4087-4660-BE80-122C12CFB129}|AppName, 3204c9d7-97c9-4ce3-9df5-ccaa6aad5832-2.exe-buttonutil.exe, En quarantaine, [0abd9a6c7d0eaa8cf59a247dc83cc13f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47D8838C-5A75-4647-8935-CF72EAFBFE14}|AppName, 3204c9d7-97c9-4ce3-9df5-ccaa6aad5832-2.exe-codedownloader.exe, En quarantaine, [19ae76901e6d64d2216f257c1aeacf31]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{96C6CD7C-B941-4368-A890-99C8DEF3D4FA}|AppName, 3204c9d7-97c9-4ce3-9df5-ccaa6aad5832-2.exe-buttonutil.exe, En quarantaine, [ae194fb7ddae55e19cf3683974908878]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a05a2ba4-3f75-4138-9540-8b81217372b1}|AppName, HD+v2.1-codedownloader.exe, En quarantaine, [e7e09076583375c1bdd3039e798b0af6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0BB90CA-A06A-4209-8A2E-83E2B1BEF110}|AppName, 3204c9d7-97c9-4ce3-9df5-ccaa6aad5832-2.exe-buttonutil.exe, En quarantaine, [ecdba85e8cff90a617789a0761a37789]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD991620-71DF-47D6-B1EA-5528923B39A7}|AppName, 3204c9d7-97c9-4ce3-9df5-ccaa6aad5832-2.exe-buttonutil.exe, En quarantaine, [d3f442c4d8b30e286629366b0400c53b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2291225735-2820333181-2339395893-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f8c2e5be-5a15-4d62-b13b-0d76baffdfd7}|AppName, HD+v2.1-bg.exe, En quarantaine, [3b8ca561bbd0a195503ef2af7c8856aa]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 18
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\GoogleCrashHandler.exe, En quarantaine, [3097e422b5d639fd9dd1fe91926ff40c],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\GoogleUpdate.exe, En quarantaine, [4384a85e27648fa7343a385730d132ce],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\GoogleUpdateBroker.exe, En quarantaine, [2e99020466254de91b53553a25dc649c],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\GoogleUpdateOnDemand.exe, En quarantaine, [c601d036800be056c6a8fc93cf32c23e],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\goopdate.dll, En quarantaine, [b80f4abc98f37bbbff6f751ad22ffb05],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, En quarantaine, [fccbf313563565d1640af19e24dd50b0],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\psuser.dll, En quarantaine, [695e40c6becd89adec82266942bfdc24],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\psmachine.dll, En quarantaine, [e5e231d5e6a59a9c5d1192fd778a5da3],
PUP.Optional.ModGoog, C:\Users\TRISTAUREL\AppData\Roaming\ZHP\Quarantine\npGoogleUpdate4.dll, En quarantaine, [facdf511b3d843f36b03d4bb748d11ef],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$RB59EBZ.tmp, En quarantaine, [4d7a28de187346f0644552dc4db426da],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$RWXPWW1.exe, En quarantaine, [5572cd39a1eaa2948f1acf5f4ab7eb15],
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$RUDIQ54.exe, En quarantaine, [3a8d4fb76d1e0036893356a107f98c74],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$R2HQYXK.exe, En quarantaine, [01c65aaceba058de3ad060ca956cbc44],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$R3U2DBA.exe, En quarantaine, [893e42c4becded495caea783946da35d],
PUP.Optional.SearchProtect.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$R5DW29X.exe, En quarantaine, [794e4cbab0db6fc7c8943cede819b848],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$RXL7IOH.exe, En quarantaine, [606759ad79121e1833d775b5ed14fb05],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$RGPA7KI.exe, En quarantaine, [0fb831d5800b59dd27e3cf5b6f927a86],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-2291225735-2820333181-2339395893-1000\$RFDQPYC.exe, En quarantaine, [8740cb3bd2b953e39674ca608b76fd03],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
