Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 10/08/2015
Heure de l'analyse: 00:45
Fichier journal: rapport Malwarebyte.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.09.05
Base de données de rootkits: v2015.08.06.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Famille Meyer

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 430715
Temps écoulé: 18 min, 2 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Analyse approfondie des rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 11
PUP.Optional.TweakBit.A, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATPopups, En quarantaine, [efda897dff8ce94d18469513c044d927],
PUP.Optional.TweakBit.A, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATUpdaters, En quarantaine, [cefb27df147745f118467d2b52b2a15f],
PUP.Optional.TweakBit.A, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\Google Analytics Package, En quarantaine, [23a69b6b2a612d0965fb674133d1639d],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [22a722e4711a49ed1a5adccadd2739c7],
PUP.Optional.Feven.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Freeven pro 1.2, En quarantaine, [b019c5418308bd79260ae5653ec58c74],
PUP.Optional.PlusHD.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.1, En quarantaine, [3a8f0ef8becddb5b851dd97d857e3cc4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD6E0701-119B-4BEB-8282-8987EFCB93D6}, En quarantaine, [f7d29076a0ebf73f2f91b8e9857f03fd],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C20DC6BD-5E66-482A-91F4-28B9ACACB475}, En quarantaine, [dfeaa0662d5ee056259ad8c910f4768a],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1001\SOFTWARE\SweetIM, En quarantaine, [6762b452e0ab3501c31479b3e12238c8],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1001\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, En quarantaine, [20a9c93d4546d95d1c866fc2d92a11ef],
PUP.Optional.Bandoo.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, En quarantaine, [8d3cbb4b24673ef83189515935cf3fc1],

Valeurs du registre: 5
PUP.Optional.StarterTV.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|stv_fr_4, En quarantaine, [cafff3138cff93a3e124d15ec53e718f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD6E0701-119B-4BEB-8282-8987EFCB93D6}|AppName, 58ca19a3-7453-414d-9a34-2a6d788be601-2.exe-codedownloader.exe, En quarantaine, [f7d29076a0ebf73f2f91b8e9857f03fd]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C20DC6BD-5E66-482A-91F4-28B9ACACB475}|AppName, 58ca19a3-7453-414d-9a34-2a6d788be601-2.exe-buttonutil.exe, En quarantaine, [dfeaa0662d5ee056259ad8c910f4768a]
PUP.Optional.Bandoo.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|FaviconPath, C:\Program Files (x86)\Movies Toolbar\Datamngr\favicon.ico, En quarantaine, [8d3cbb4b24673ef83189515935cf3fc1]
PUP.Optional.AdLyrics.A, HKU\S-1-5-21-138286456-3482806532-3217213568-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|addlyrics@addlyrics.net, C:\Program Files (x86)\AddLyrics\FF\, En quarantaine, [69609274dfacf5411fdc182206fd9868]

Données du registre: 2
PUP.Optional.DoSearches.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, http://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=WDCXWD15EARS-60MVWB0_WD-WCAZAA22801828018&ts=1384034651&type=default&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=WDCXWD15EARS-60MVWB0_WD-WCAZAA22801828018&ts=1384034651&type=default&q={searchTerms}),Remplacé,[dced82843e4d51e561ec42ff06ff5ba5]
PUP.Optional.DoSearches.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=WDCXWD15EARS-60MVWB0_WD-WCAZAA22801828018&ts=1384034651&type=default&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://search.dosearches.com/web/?utm_source=b&utm_medium=adks&utm_campaign=rg&utm_content=ds&from=adks&uid=WDCXWD15EARS-60MVWB0_WD-WCAZAA22801828018&ts=1384034651&type=default&q={searchTerms}),Remplacé,[3f8aa95dc5c63cfa69e4a29f4db89f61]

Dossiers: 1
PUP.Optional.MySpeedDial.A, C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pflphaooapbgpeakohlggbpidpppgdff, En quarantaine, [339653b32467d066651f4d9d8b776d93],

Fichiers: 8
PUP.Optional.SweetIM, C:\Users\Famille Meyer\AppData\Roaming\ZHP\Quarantine\88782.msi, En quarantaine, [93368b7b8704ee48aae7482ac5401fe1],
PUP.Optional.SweetIM, C:\Users\Famille Meyer\AppData\Roaming\ZHP\Quarantine\88788.msi, En quarantaine, [5277a0665734c86e8a07da980bfaa35d],
PUP.Optional.Bandoo, C:\Users\Famille Meyer\AppData\Roaming\ZHP\Quarantine\iLividSetup-r706-n-bc.exe, En quarantaine, [33969b6bcfbc0a2cd63c27c26f9129d7],
PUP.Optional.TweakBit.A, C:\Users\Famille Meyer\AppData\Roaming\ZHP\Quarantine\pc-cleaner-setup.exe, En quarantaine, [ac1de026a9e2171f810da3dcca3bd32d],
PUP.Optional.ExpressFind.SID.A, C:\Users\Famille Meyer\AppData\Roaming\ZHP\Quarantine\RHEng\CF335EF5107A4DC0B1B09613C41A445F\setup0318.exe, En quarantaine, [9d2ce4229deebe78fe8569177194936d],
PUP.Optional.Solimba, C:\Users\Rémy\Downloads\Setup (1).exe, En quarantaine, [d6f30bfb6427b97dfc264c9a08f8926e],
PUP.Optional.Solimba, C:\Users\Rémy\Downloads\Setup.exe, En quarantaine, [666344c2474411251a08f7effc048878],
PUP.Optional.Conduit.A, C:\Users\Rémy\Downloads\Setup_TSV41MRM0.exe, En quarantaine, [b31648beb3d82f07059a6ca5f60be818],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
