
Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 17/08/2015
Heure de l'analyse: 22:18
Fichier journal: mbam-log-2015-08-17(22-13-54).txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.17.08
Base de données de rootkits: v2015.08.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: HPEC2

Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 552860
Temps écoulé: 1 h, 42 min, 22 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 18
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F12693BF-25DD-4D37-9797-65629A1EB440}, En quarantaine, [9f4d2edbbdced2641cb6e7bec83c3ec2],
PUP.Optional.ReMarkable.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Re-Markable Update, Supprimer au redémarrage, [7a7263a6d1ba55e1f653ad6c09fa55ab],
PUP.Optional.ReMarkable.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Re-Markable_wd, Supprimer au redémarrage, [14d8e029dfac89adca7fc455ca390ef2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F12693BF-25DD-4D37-9797-65629A1EB440}, En quarantaine, [5c90739699f291a5ba1800a52fd53cc4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BC38975-DF88-404D-80EC-16241FD734DA}, En quarantaine, [41abeb1edeadee488a477233e2222ed2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F7EC34F-4121-4A7C-9FFB-C6B138225315}, En quarantaine, [25c7dd2ca4e7d363319f8a1bda2a2bd5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{58A079A7-9390-4CA3-ABF6-A070A72A15D2}, En quarantaine, [8b613ecb6328b185d1ff3f66c73df30d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{667D4D72-EAA6-4B3C-832C-D348A3C1F57B}, En quarantaine, [6f7d42c7038824120ec3564f966e7b85],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7FC4ABE4-25D7-443A-B433-7B5F24A23D28}, En quarantaine, [83698d7cee9d003622afabfab0546898],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{940AA13E-736A-431C-805B-1A9E3A90A05E}, En quarantaine, [d01c46c3315a0036f8d83f6660a424dc],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9FE3DFD0-1C73-472C-B2DD-5C7A597C8DA4}, En quarantaine, [47a56e9b9bf0999d5c746c397b899c64],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2105DC1-BAEC-4894-B849-ADE740FF4D20}, En quarantaine, [ea0240c9e5a6d165a22f089d94709769],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B70F3C30-7001-47F9-8426-2B78BF5048C2}, En quarantaine, [509cbb4e73187db96a678025689c5ca4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BE0CE8D2-695C-46EB-A409-A641EC9FA9F3}, En quarantaine, [e804d138b1da7fb79b366c39f70db749],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3FCF07A-C8EC-4EE2-B66F-45CC12C92982}, En quarantaine, [a349ff0a6c1f7db9e1ef871ec73dde22],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D6F5F289-FB97-4B5D-A220-7A72566B287A}, En quarantaine, [2fbd5cadb2d965d13b955f463ec653ad],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F12693BF-25DD-4D37-9797-65629A1EB440}, En quarantaine, [1cd059b029623df97a559411c044a35d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F56BBC88-256F-463D-8310-66EF5F13E25D}, En quarantaine, [9f4d3dcc36552016577afea7a75dea16],

Valeurs du registre: 17
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f12693bf-25dd-4d37-9797-65629a1eb440}|AppName, HQPureV1.8-bg.exe, En quarantaine, [9f4d2edbbdced2641cb6e7bec83c3ec2]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f12693bf-25dd-4d37-9797-65629a1eb440}|AppName, HQPureV1.8-bg.exe, En quarantaine, [5c90739699f291a5ba1800a52fd53cc4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BC38975-DF88-404D-80EC-16241FD734DA}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-codedownloader.exe, En quarantaine, [41abeb1edeadee488a477233e2222ed2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F7EC34F-4121-4A7C-9FFB-C6B138225315}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-buttonutil.exe, En quarantaine, [25c7dd2ca4e7d363319f8a1bda2a2bd5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{58A079A7-9390-4CA3-ABF6-A070A72A15D2}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-buttonutil.exe, En quarantaine, [8b613ecb6328b185d1ff3f66c73df30d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{667D4D72-EAA6-4B3C-832C-D348A3C1F57B}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-codedownloader.exe, En quarantaine, [6f7d42c7038824120ec3564f966e7b85]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7FC4ABE4-25D7-443A-B433-7B5F24A23D28}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-codedownloader.exe, En quarantaine, [83698d7cee9d003622afabfab0546898]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{940AA13E-736A-431C-805B-1A9E3A90A05E}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-buttonutil.exe, En quarantaine, [d01c46c3315a0036f8d83f6660a424dc]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9FE3DFD0-1C73-472C-B2DD-5C7A597C8DA4}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-buttonutil.exe, En quarantaine, [47a56e9b9bf0999d5c746c397b899c64]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2105DC1-BAEC-4894-B849-ADE740FF4D20}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-codedownloader.exe, En quarantaine, [ea0240c9e5a6d165a22f089d94709769]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B70F3C30-7001-47F9-8426-2B78BF5048C2}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-codedownloader.exe, En quarantaine, [509cbb4e73187db96a678025689c5ca4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{be0ce8d2-695c-46eb-a409-a641ec9fa9f3}|AppName, HQPureV1.8-codedownloader.exe, En quarantaine, [e804d138b1da7fb79b366c39f70db749]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D3FCF07A-C8EC-4EE2-B66F-45CC12C92982}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-buttonutil.exe, En quarantaine, [a349ff0a6c1f7db9e1ef871ec73dde22]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D6F5F289-FB97-4B5D-A220-7A72566B287A}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-buttonutil.exe, En quarantaine, [2fbd5cadb2d965d13b955f463ec653ad]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f12693bf-25dd-4d37-9797-65629a1eb440}|AppName, HQPureV1.8-bg.exe, En quarantaine, [1cd059b029623df97a559411c044a35d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F56BBC88-256F-463D-8310-66EF5F13E25D}|AppName, fae934c3-b20e-4750-b667-c473576aefd9-2.exe-codedownloader.exe, En quarantaine, [9f4d3dcc36552016577afea7a75dea16]
PUP.Optional.Markable.A, HKU\S-1-5-21-1152957233-90641549-447306113-1000\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{A7CC219C-BF11-CF12-F985-C68DE7CCCBDF}, C:\Program Files (x86)\ver9Re-Markable\175.xpi, En quarantaine, [46a6c742662572c444de5e4153b1e917]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 2
PUP.Optional.Mindspark.A, C:\Users\HPEC2\Downloads\EliteUnzipSetup.EliteUnzip_aa.ffjcmnpnoopgilmnfhloocdcbnimmmea.ch.exe, En quarantaine, [b13b9a6fabe09e98a37c45429174857b],
PUP.Optional.Linkury.A, C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll, En quarantaine, [a745a861cbc08bab653063237a8bc33d],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
