cjoint


Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 14/08/2015
Heure de l'analyse: 19:25
Fichier journal: MBAM rapport.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.14.05
Base de données de rootkits: v2015.08.06.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Quentin

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 355508
Temps écoulé: 33 min, 6 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 1
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\yAkniOHEVo\bpnHKWyUcV.exe, 3140, Supprimer au redémarrage, [8b32917785062c0a0607690f4db4c33d]

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 3
PUP.Optional.BreakingNewsAlert.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bpnHKWyUcV, En quarantaine, [8b32917785062c0a0607690f4db4c33d],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fotibugo, En quarantaine, [febf39cf0c7f96a068b1d0dd10f4ae52],
PUP.Optional.Coupoon.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\coupoon, En quarantaine, [932a4cbcfb9012240986dcc2788c44bc],

Valeurs du registre: 1
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fotibugo|ImagePath, C:\Program Files (x86)\1F4A51EC-1438022244-11E1-8784-9639422D7BC2\knsd6E64.tmpfs, En quarantaine, [a617f117f79467cf9db87a23af55e818]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 6
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, En quarantaine, [d1ecf3152d5e2016c17cfe21ee15eb15],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iehjloenm\1.0.4.1, En quarantaine, [2a9382864645d1655728fab14cb8cb35],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iehjloenm, En quarantaine, [2a9382864645d1655728fab14cb8cb35],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\1F4A51EC-1438022244-11E1-8784-9639422D7BC2, En quarantaine, [febf39cf0c7f96a068b1d0dd10f4ae52],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo\dat, En quarantaine, [bb024dbb652652e4cbcbf790e81dab55],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo, Supprimer au redémarrage, [bb024dbb652652e4cbcbf790e81dab55],

Fichiers: 77
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\yAkniOHEVo\bpnHKWyUcV.exe, Supprimer au redémarrage, [8b32917785062c0a0607690f4db4c33d],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\yAkniOHEVo\dat\DeTrAzoaC.exe, En quarantaine, [4479c840d4b746f05cb1c8b06a97ac54],
PUP.Optional.ZombieInvasion.A, C:\ProgramData\yAkniOHEVo\dat\dPkBHiD.dll, En quarantaine, [378653b57e0d2a0c43f666c65fa621df],
Adware.PullUpdate, C:\ProgramData\yAkniOHEVo\dat\FOZsNFg.dll, En quarantaine, [eecf7593e2a986b06945ece2ca376e92],
PUP.Optional.BreakingNewsAlert.A, C:\ProgramData\yAkniOHEVo\dat\VCJqUaoN.exe, En quarantaine, [c0fd0cfc8efd2016ed20d99fdf22d030],
PUP.Optional.Clara.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\437.exe, En quarantaine, [5865e91f0c7f6ec826a372ce679a59a7],
PUP.Optional.Nosibay.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\Bubble Dock Uninstall.exe, En quarantaine, [06b7a0683c4f62d48717cfb5b74ef20e],
PUP.Optional.AnyProtect, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\nstED69.tmp, En quarantaine, [a21b888057345fd708b188fc58aa718f],
PUP.Optional.AnyProtect, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\nsvFDD3.tmp, En quarantaine, [09b4af595c2f45f16059f58fef1314ec],
PUP.Optional.WProtectManager.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\ProtectWindowsManager.exe, En quarantaine, [a91442c6a2e96accc1ddf491c243a759],
PUP.Optional.SmartWeb.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\SmartWebApp.exe, En quarantaine, [2697d92f7516a1953679f16019e838c8],
PUP.Optional.SmartWeb.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\SmartWebHelper.exe, En quarantaine, [714ced1bcac1b38309a6fb56fb06f808],
PUP.Optional.SmartWeb.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\swhk.dll, En quarantaine, [12ab68a0cebd54e2d1deb59cd52cf010],
PUP.Optional.Nosibay.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\WindApp Uninstall.exe, En quarantaine, [dde040c885069d993d61aed6749123dd],
PUP.Optional.WordSurfer.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\wsafd_1_10_0_19.sys, En quarantaine, [526bc147355679bdfc1cacda9f665da3],
PUP.Optional.Nosibay.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\Selection Tools Uninstall.exe, En quarantaine, [9924967291fab4823a64a2e2e0252fd1],
PUP.Optional.EORezo, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\gmsd_fr_002020051\gamesdesktop_widget.exe, En quarantaine, [aa138b7dd4b7b284702ab0d4887daa56],
PUP.Optional.EORezo, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\gmsd_fr_002020051\gmsd_fr_002020051.exe, En quarantaine, [5f5ef117c6c53afc693196ee768fdc24],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\gmsd_fr_002020051\predm.exe, En quarantaine, [00bd70985e2d3501dfab681cfc09c43c],
PUP.Optional.EORezo, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\gmsd_fr_002020051\unins000.exe, En quarantaine, [3a830206880381b596042c58d62fe917],
PUP.Optional.EORezo, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\gmsd_fr_002020051\gmsd_fr_002020051\upgmsd_fr_002020051.exe, En quarantaine, [cdf0c6428407ca6c96047b093ec7d12f],
PUP.Optional.SmartWeb.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\SmartWebApp.exe, En quarantaine, [0eafd2369eed74c2ae016be68879b848],
PUP.Optional.SmartWeb.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\SmartWebHelper.exe, En quarantaine, [6f4e63a52e5d1f1766495cf55fa2ac54],
PUP.Optional.SmartWeb.A, C:\Users\Quentin\AppData\Roaming\ZHP\Quarantine\SmartWeb.DIR\swhk.dll, En quarantaine, [10adc642d4b7c76f27888bc6679a669a],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Quentin\AppData\Local\Temp\nsdB761.tmp, En quarantaine, [b706987026651125bcf9c7bbe520cf31],
PUP.Optional.InstallCore.A, C:\Users\Quentin\AppData\Local\Temp\ICReinstall_CodecPack.exe, En quarantaine, [a4197d8be8a35adc1df72c87bb4633cd],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Quentin\AppData\Local\Temp\nsw1384.tmp, En quarantaine, [77466f99eaa1e4527a3bf989cd382cd4],
PUP.Optional.CheckOffer, C:\Users\Quentin\AppData\Local\Temp\nsxC13B.tmp, En quarantaine, [7e3f9177503b3ef8d403fca937ca1ae6],
PUP.Optional.OfferInstaller.C, C:\Users\Quentin\AppData\Local\Temp\sdf802C.exe, En quarantaine, [55685bada7e4092d01cdacd6e0213dc3],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-DNIAO.tmp\gentlemjmp_ieu.exe, En quarantaine, [8f2e57b1404b3204328360f6d62be41c],
Adware.EoRezo, C:\Users\Quentin\AppData\Local\Temp\n4791\GamesDesktop-fr-UNInstaller.exe, En quarantaine, [68558b7d8902f83e9b7711a22ed341bf],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Quentin\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_76.exe, En quarantaine, [5f5ef612414a39fd42735c2616ef52ae],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-08AL6.tmp\gentlemjmp_ieu.exe, En quarantaine, [3a83d533d9b280b68109f98bde276c94],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-0UPDC.tmp\gentlemjmp_ieu.exe, En quarantaine, [4d706a9e06851224602afa8aa263d62a],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-42V0H.tmp\package_spacesoundpro_installer_multilang.exe, En quarantaine, [4c71f1177318171f5ee20d44bd4438c8],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-67NDI.tmp\gentlemjmp_ieu.exe, En quarantaine, [d2eb8880b1da8bab0288265e7b8aa35d],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-B3S7M.tmp\gentlemjmp_ieu.exe, En quarantaine, [8439947499f2b87e44713e189a6736ca],
PUP.Optional.CheckOffer, C:\Users\Quentin\AppData\Local\Temp\nsxD402.tmp\nsCBHTML5.dll, En quarantaine, [48754dbb6e1dc37313c4aafbf40d28d8],
Adware.EoRezo, C:\Users\Quentin\AppData\Local\Temp\is-F0PDO.tmp\package_airwebbar_installer_multilang.exe, En quarantaine, [e2db6c9c45461f1713ee45199b659a66],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-GNKT1.tmp\gentlemjmp_ieu.exe, En quarantaine, [a11c4bbddab1b1855b2f8ff57d8802fe],
PUP.Optional.WebBar.A, C:\Users\Quentin\AppData\Local\Temp\is-HME7L.tmp\AirWebbar.exe, En quarantaine, [1da06e9a85061a1cb9461d68679a43bd],
PUP.Optional.MyBestOffersToday.A, C:\Users\Quentin\AppData\Local\Temp\is-KBD22.tmp\gentlemjmp_ieu.exe, En quarantaine, [0db0996f90fb0d29831785cafc05d32d],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-KF20M.tmp\gentlemjmp_ieu.exe, En quarantaine, [5469b058dab1c86e89015b2961a40000],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-MAT0A.tmp\package_bubbledock_installer_multilang.exe, En quarantaine, [ecd1a167642702344bf5e66b1ee3b749],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-MAT0A.tmp\package_BubbleSound_installer_multilang.exe, En quarantaine, [427b30d812793df9a0a0361bda2712ee],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-MAT0A.tmp\package_ppricegong_installer_multilang.exe, En quarantaine, [3a83828604870b2b0e320051a55cd32d],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-MAT0A.tmp\package_pzombie_installer_multilang.exe, En quarantaine, [eecf11f73d4e2b0b4af6292805fc15eb],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-MUTNC.tmp\gentlemjmp_ieu.exe, En quarantaine, [516c10f8810aa5910c7e0480bf46dc24],
PUP.Optional.MyBestOffersToday.A, C:\Users\Quentin\AppData\Local\Temp\is-N08GT.tmp\gentlemjmp_ieu.exe, En quarantaine, [4e6ff7114f3cbc7a0b8fa1ae7a877789],
PUP.Optional.PriceGong.A, C:\Users\Quentin\AppData\Local\Temp\is-O4VE5.tmp\pricegong.exe, En quarantaine, [893492763b503cfad57d2af0a061ae52],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-OH8TK.tmp\package_bubbledock_installer_multilang.exe, En quarantaine, [6c510305c2c9181eff413120c839629e],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-OH8TK.tmp\package_BubbleSound_installer_multilang.exe, En quarantaine, [1ba287815b305dd982beda77bf4234cc],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-OH8TK.tmp\package_ppricegong_installer_multilang.exe, En quarantaine, [932a67a1d9b2f64078c8e66b7c85639d],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-OH8TK.tmp\package_pzombie_installer_multilang.exe, En quarantaine, [219c12f6bbd0a591ec540e43a160db25],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-PP3TU.tmp\gentlemjmp_ieu.exe, En quarantaine, [5a6370986d1e072fafdb7c08966f8e72],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-R395R.tmp\gentlemjmp_ieu.exe, En quarantaine, [1e9f8781a9e23cfa63273b49bd48f20e],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-ULVF2.tmp\gentlemjmp_ieu.exe, En quarantaine, [dbe2f018d3b877bfd5b5057fc73ec53b],
PUP.Optional.Tuto4PC.A, C:\Users\Quentin\AppData\Local\Temp\is-V2SP6.tmp\gentlemjmp_ieu.exe, En quarantaine, [7e3f7791098274c25a3040446a9bfb05],
PUP.Optional.Delta.ShrtCln, C:\Users\Quentin\AppData\Local\Temp\is357113909\DeltaTB.exe, En quarantaine, [c6f7b75186056acc0c8237b0e020758b],
PUP.Optional.InstallCore.A, C:\Users\Quentin\Downloads\CodecPack.exe, En quarantaine, [615c32d62863e254a96b7f3447baf40c],
PUP.Optional.Somoto, C:\Users\Quentin\Downloads\PowerPoint.exe, En quarantaine, [912cec1c553653e319ec0f77e520847c],
PUP.BundleInstaller.VG, C:\Users\Quentin\Downloads\video_downloader (1).exe, En quarantaine, [b90433d5becda393c32b6e283dc302fe],
PUP.BundleInstaller.VG, C:\Users\Quentin\Downloads\video_downloader.exe, En quarantaine, [11acab5da9e2f3433bb3f4a241bf9769],
PUP.Optional.WebBar.A, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, En quarantaine, [d1ecf3152d5e2016c17cfe21ee15eb15],
PUP.Optional.Browser.A, C:\ProgramData\Browser\prompt.exe.config, En quarantaine, [a914b0582b604cea13012d7358ac11ef],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iehjloenm\1.0.4.1\hianevpa.exe.config, En quarantaine, [2a9382864645d1655728fab14cb8cb35],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iehjloenm\1.0.4.1\sqlite3.dll, En quarantaine, [2a9382864645d1655728fab14cb8cb35],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Iehjloenm\dat.dat, En quarantaine, [2a9382864645d1655728fab14cb8cb35],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\1F4A51EC-1438022244-11E1-8784-9639422D7BC2\knsd6E64.tmpfs, En quarantaine, [febf39cf0c7f96a068b1d0dd10f4ae52],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\1F4A51EC-1438022244-11E1-8784-9639422D7BC2\rnst85EC.exe, En quarantaine, [febf39cf0c7f96a068b1d0dd10f4ae52],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\1F4A51EC-1438022244-11E1-8784-9639422D7BC2\Uninstall.exe, En quarantaine, [febf39cf0c7f96a068b1d0dd10f4ae52],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo\dat\DeTrAzoaC.exe.config, En quarantaine, [bb024dbb652652e4cbcbf790e81dab55],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo\dat\FOZsNFg.dll, En quarantaine, [bb024dbb652652e4cbcbf790e81dab55],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo\dat\VCJqUaoN.exe.config, En quarantaine, [bb024dbb652652e4cbcbf790e81dab55],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo\bpnHKWyUcV.dat, Supprimer au redémarrage, [bb024dbb652652e4cbcbf790e81dab55],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo\bpnHKWyUcV.exe.config, En quarantaine, [bb024dbb652652e4cbcbf790e81dab55],
PUP.Optional.PullUpdate.A, C:\ProgramData\yAkniOHEVo\info.dat, Supprimer au redémarrage, [bb024dbb652652e4cbcbf790e81dab55],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
