Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 27/09/2015
Heure de l'analyse: 11:57
Fichier journal: texte.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.27.03
Base de données de rootkits: v2015.09.22.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Eudes

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 370822
Temps écoulé: 8 min, 19 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 9
PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSPALMAS, Supprimer au redémarrage, [c916211397f443f309ff97f12adaef11],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\HQ_Video_2.1V28.08, En quarantaine, [b12e75bf9bf04de9d08e4c4dd52f39c7],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\HQ_Video_2.1V28.08-nv-edge, En quarantaine, [f3ec23110685bf7767f725741be9966a],
PUP.Optional.MovieDea, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MovieDea, En quarantaine, [c01fa58f3853d363a37ad2dfd133619f],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\HQ_Video_2.1V28.08-nv-ie, En quarantaine, [cc1345ef662557df818d296fbf45649c],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-19\SOFTWARE\{F7271516-2CB9-486A-8548-84FF3195532A}, En quarantaine, [964976bec2c9c86e0e22b5d360a420e0],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-20\SOFTWARE\{F7271516-2CB9-486A-8548-84FF3195532A}, En quarantaine, [eff03ff5f3988fa743ed4d3b14f0966a],
PUP.Optional.CrossRider, HKU\S-1-5-21-3049867058-3122418870-2188024173-1003\SOFTWARE\HQ_Video_2.1V28.08, En quarantaine, [f2edeb49eaa1bc7a6da14c4ccb39fc04],
PUP.Optional.CrossRider, HKU\S-1-5-21-3049867058-3122418870-2188024173-1003\SOFTWARE\HQ_Video_2.1V28.08-nv-edge, En quarantaine, [6778082ca5e60630709e4751d034e61a],

Valeurs du registre: 3
PUP.Optional.Shopperz.BrwsrFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|prtstart, C:\Program Files\shopperz270820151656\dr_inst.exe url=aHR0cDovL2Nkcy5zNm01bTlkNy5od2Nkbi5uZXQvYWRkb25fNC9wci8yNzA4MjAxNS8vcHJjNjQuZXhl lpath=QzpcUHJvZ3JhbSBGaWxlc1xzaG9wcGVyejI3MDgyMDE1MTY1NlxwcmMuZXhl time=1 cl=LWluc3RhbGw=, En quarantaine, [7d62a78d5338f93d9ba83f4940c4659b]
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-19\SOFTWARE\{F7271516-2CB9-486A-8548-84FF3195532A}|Name, C:\Program Files\shopperz270820151656\Voesv.exe, En quarantaine, [964976bec2c9c86e0e22b5d360a420e0]
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-20\SOFTWARE\{F7271516-2CB9-486A-8548-84FF3195532A}|Name, C:\Program Files\shopperz270820151656\Voesv.exe, En quarantaine, [eff03ff5f3988fa743ed4d3b14f0966a]

Données du registre: 3
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{04de7fa5-d984-4496-8338-5d85aeebe0ab}|NameServer, 82.163.143.162,82.163.142.164, Bon : (), Mauvais : (82.163.143.162,82.163.142.164),Remplacé,[aa35fc38c9c28fa7b197a3dbbb4a629e]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{3a771c2b-e847-4cee-a5e4-743c27ce95a0}|NameServer, 82.163.143.162,82.163.142.164, Bon : (), Mauvais : (82.163.143.162,82.163.142.164),Remplacé,[f3eccd67107b58defd4bed915aab06fa]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7eaf72eb-5f9f-49f6-8dba-bb467627276e}|NameServer, 82.163.143.162,82.163.142.164, Bon : (), Mauvais : (82.163.143.162,82.163.142.164),Remplacé,[ac3388acdbb0d06675d3b0ce8b7ad22e]

Dossiers: 2
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb\dat, En quarantaine, [edf24de76427082ebde81f97a0659d63],
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb, En quarantaine, [edf24de76427082ebde81f97a0659d63],

Fichiers: 33
Adware.PullUpdate, C:\ProgramData\PLOhibbb\dat\qgflQZzWtyd.dll, En quarantaine, [cf1036fe9bf0989e611f4a6642bf867a],
PUP.Optional.ZombieInvasion, C:\ProgramData\PLOhibbb\dat\zisOfjCO.dll, En quarantaine, [2bb46cc8c1ca1224f2a42340b84db749],
PUP.Optional.Clara, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\437.exe, En quarantaine, [7a650e261d6e6fc77700d3e8ab56bf41],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\globalupdate.exe, En quarantaine, [f7e801331c6f2115da6879ff0ef3e719],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\globalupdateBroker.exe, En quarantaine, [a13ef83c3655f83e5ae86315877a8b75],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\globalupdateCrashHandler.exe, En quarantaine, [13ccb282c2c9d264132feb8d8e73867a],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\globalupdateOnDemand.exe, En quarantaine, [ebf4f143c8c30e28c67c096f9d6426da],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\goopdate.dll, En quarantaine, [ad32fd37662557df3e04d3a542bf29d7],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, En quarantaine, [38a7290baddedc5a70d22c4c22df2fd1],
PUP.Optional.WebShield, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\nhLmFLGAUit.exe, En quarantaine, [da05cb69ef9c03333b70388958a908f8],
PUP.Optional.SearchProtect, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\nsn52F8.tmp, En quarantaine, [984773c13f4cd066d699408029d85da3],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\psmachine.dll, En quarantaine, [4a95ca6ac8c3cb6b58ea6d0b9d646997],
PUP.Optional.ModGoog, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\psuser.dll, En quarantaine, [904f1024a7e461d5f84a6810f1108b75],
PUP.Optional.SearchProtect, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\secureprotect_soft_partner.exe, En quarantaine, [fde2181c4b408caa462ae8d89e639c64],
PUP.Optional.SearchProtect, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\SPTool.dll, En quarantaine, [954a37fd404ba88efa69b39ef9082ed2],
PUP.Optional.SuperOptimizer, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\supoptsetup.exe, En quarantaine, [fbe4072d26658da917f19e23b24fbb45],
PUP.Optional.WebShield, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\wdomNylr.exe, En quarantaine, [cf105ed6f39863d3456668597c85dc24],
PUP.Optional.WebShield, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\idHeYWKe.exe, En quarantaine, [11cee54f2a61d85e24874180e120758b],
Adware.PullUpdate, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\jeeaihku.exe, En quarantaine, [924d39fb008b1f17df345a5cf8098d73],
Adware.PullUpdate, C:\Users\Eudes\AppData\Roaming\ZHP\Quarantine\jeeaihku.exe.VIR, En quarantaine, [c916052fa0eb81b56ba8872f2cd59070],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Windows\System32\Tasks\DNSPALMAS, En quarantaine, [22bd10243c4f072f867ee6a2d430d927],
PUP.Optional.PastaLeads, C:\Users\Eudes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage, Supprimer au redémarrage, [c51ae94ba5e6ff3739e7d0e537cdb34d],
PUP.Optional.PastaLeads, C:\Users\Eudes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage-journal, En quarantaine, [dc03c66eb6d50432d9477243798b6f91],
PUP.Optional.ReMarkable, C:\Users\Eudes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Supprimer au redémarrage, [924dd55fc5c63006d174279332d2ab55],
PUP.Optional.ReMarkable, C:\Users\Eudes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Supprimer au redémarrage, [e8f76dc7f79494a21134a01a8d778977],
PUP.Optional.SelectNGo, C:\Users\Eudes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage, En quarantaine, [1cc38fa53754e74f22a503bb8480ac54],
PUP.Optional.SelectNGo, C:\Users\Eudes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal, En quarantaine, [e7f8f143a8e348ee8d3a2f8fe420a957],
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb\dat\nhLmFLGAUit.exe.config, En quarantaine, [edf24de76427082ebde81f97a0659d63],
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb\dat\qgflQZzWtyd.dll, En quarantaine, [edf24de76427082ebde81f97a0659d63],
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb\dat\wdomNylr.exe.config, En quarantaine, [edf24de76427082ebde81f97a0659d63],
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb\idHeYWKe.dat, En quarantaine, [edf24de76427082ebde81f97a0659d63],
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb\idHeYWKe.exe.config, En quarantaine, [edf24de76427082ebde81f97a0659d63],
PUP.Optional.PullUpdate, C:\ProgramData\PLOhibbb\info.dat, En quarantaine, [edf24de76427082ebde81f97a0659d63],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
