cjoint

Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 10/08/2015
Heure de l'analyse: 16:29
Fichier journal: Scan mbam.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.10.04
Base de données de rootkits: v2015.08.06.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Morgan

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 367438
Temps écoulé: 18 min, 31 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 4
PUP.Optional.Binkiland.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Binkiland fica, Supprimer au redémarrage, [2b01fd0a8a011d19881711043dc67987],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E58CDA9-3B21-4611-A859-26EE28950E61}, En quarantaine, [b57777908efd74c28cdbdfc125df31cf],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6874FADE-02C8-4181-831A-FC7486CF1D74}, En quarantaine, [092396719dee8caa6205b8e8d82cee12],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6C5561B6-3DD2-46B5-83BE-EAE744366046}, En quarantaine, [e943c93ed9b20135a3c46e3274908f71],

Valeurs du registre: 7
PUP.Optional.Mindspark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Allin1Convert Home Page Guard 64 bit, "C:\PROGRA~2\ALLIN1~2\bar\1.bin\AppIntegrator64.exe", En quarantaine, [40ecc7407d0eeb4b33c30e712dd7bc44]
PUP.Optional.Binkiland.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Binkiland\\, En quarantaine, [101cb4532b60fd397b6962b8659e9b65]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5e58cda9-3b21-4611-a859-26ee28950e61}|AppPath, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin, En quarantaine, [b57777908efd74c28cdbdfc125df31cf]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6874fade-02c8-4181-831a-fc7486cf1d74}|AppPath, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin, En quarantaine, [092396719dee8caa6205b8e8d82cee12]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6c5561b6-3dd2-46b5-83be-eae744366046}|AppPath, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin, En quarantaine, [e943c93ed9b20135a3c46e3274908f71]
Adware.HotBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\USER AGENT\POST PLATFORM|ShopperReports 3.1.69.0, En quarantaine, [c76527e0e7a4d85efee3657fa55e36ca],
Malware.Trace, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\5.0\USER AGENT\POST PLATFORM|SRS_IT_E8790770B7765A5530AC90, En quarantaine, [e943dc2bcebd80b65c87e1030df651af],

Données du registre: 1
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:/PROGRA~3/{A4EF4~1/191~1.1/fica.dll, Bon : (), Mauvais : (C:/PROGRA~3/{A4EF4~1/191~1.1/fica.dll),Remplacé,[f438927504877abc5e878a192dd74bb5]

Dossiers: 8
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1, Supprimer au redémarrage, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\data, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\data\archive, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\data\archive\CH, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\data\archive\CH\Morgan, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\data\archive\CH\Morgan\Default, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}, Supprimer au redémarrage, [f438927504877abc5e878a192dd74bb5],
Adware.Seekmo, C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65, En quarantaine, [55d73acd95f69c9adee3824f5aa8b848],

Fichiers: 22
PUP.Optional.Bandoo.A, C:\Users\Morgan\AppData\Roaming\ZHP\Quarantine\iMeshSetup-r333-w-bf(2).exe, En quarantaine, [929a0106840737ff65531de3bd447d83],
PUP.Optional.AudioToAudioToolBar.A, C:\Users\Morgan\AppData\Roaming\ZHP\Quarantine\8hbarsvc.exe, En quarantaine, [0a223acd5338b28412b02c07c23e23dd],
PUP.Optional.MusicToolbar.A, C:\Users\Morgan\AppData\Roaming\ZHP\Quarantine\BearShareSetup-r702-w-bf.exe, En quarantaine, [a48841c60289b0868813bb398e7203fd],
PUP.Optional.Bandoo.A, C:\Users\Morgan\AppData\Roaming\ZHP\Quarantine\iMeshSetup-r333-w-bf.exe, En quarantaine, [58d4e324701be650ae0ad62ab94807f9],
PUP.Optional.OfferBox.A, C:\Users\Morgan\AppData\Roaming\ZHP\Quarantine\OB.exe, En quarantaine, [7eae31d68a011422d6f66582ed137c84],
PUP.Optional.Bandoo.A, C:\Users\Morgan\AppData\Roaming\ZHP\Quarantine\iMeshSetup-r333-w-bf(1).exe, En quarantaine, [3eee2ed9810a78be07b15ca41ce5857b],
PUP.Optional.Bandoo, C:\Users\Morgan\AppData\Roaming\ZHP\Quarantine\Music Toolbar\Datamngr\Uninstall.exe, En quarantaine, [ff2d95725338c3732b367b4616eb38c8],
PUP.Optional.Bandoo, C:\Windows\Temp\6a29051b\SetupDataMngr_iMesh.exe, En quarantaine, [d85409fe602b0531bea3269b8c75e818],
PUP.Optional.Bandoo, C:\Windows\Temp\806f173d\SetupDataMngr_iMesh.exe, En quarantaine, [39f36d9addaecb6b9dc411b011f0fd03],
Adware.Hotbar, C:\Users\Morgan\Downloads\VLCSetup.exe, En quarantaine, [d15bb057a5e60d29af2ca5f7a15fcc34],
PUP.Downloader.ZYL, C:\Users\Morgan\AppData\Local\Zylom Games\Zuma's Revenge Deluxe\zumasrevenge.exe, En quarantaine, [63c9887f6823c670578bc2f936ca936d],
PUP.Optional.Binkiland.A, C:\Windows\System32\Tasks\Binkiland fica, En quarantaine, [0428fa0d2b60f73f3fea890faf551de3],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\sqlite3.dll, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\aowLC, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\dExtent, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\extent, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\fiber.js, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\fica.dll, Supprimer au redémarrage, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\hdat1, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\hdat2, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\data\archive\CH\Morgan\Default\Preferences, En quarantaine, [f438927504877abc5e878a192dd74bb5],
PUP.Optional.Amonetize.A, C:\ProgramData\{A4EF4C2C-F46D-9DAA-45EB-ED2895693EA6}\1.9.1.1\data\archive\CH\Morgan\Default\Secure Preferences, En quarantaine, [f438927504877abc5e878a192dd74bb5],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
