cjoint

Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 03/09/2015
Heure de l'analyse: 21:01
Fichier journal: journalMAM.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.03.06
Base de données de rootkits: v2015.08.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Romuald

Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 758041
Temps écoulé: 2 h, 40 min, 18 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 1
PUP.Optional.TVTime, C:\ProgramData\euloMYld\coHlUudQg.exe, 4704, Supprimer au redémarrage, [fd850724117ae84edea23396ac550000]

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 6
PUP.Optional.TVTime, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\coHlUudQg, En quarantaine, [fd850724117ae84edea23396ac550000],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-18\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}, En quarantaine, [6b17ca610784f640418e4134da2a4eb2],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-19\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}, En quarantaine, [4d3566c5cbc083b3b21d97def70d08f8],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-20\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}, En quarantaine, [1c669695a2e994a2d6f93e37a16340c0],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-21-999163738-1072730487-3645335144-1001\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}, En quarantaine, [bac838f3d9b2f145e1eeef86000402fe],
PUP.Optional.WindApp, HKU\S-1-5-21-999163738-1072730487-3645335144-1080\SOFTWARE\STORE\WindApp, En quarantaine, [e0a2c16acfbc360035d4a813cf3523dd],

Valeurs du registre: 7
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, En quarantaine, [d0b285a6f79482b4efc53a2d36ce1fe1]
PUP.Optional.GamesDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_fr_005010076, En quarantaine, [d5adfd2e93f8b08676fff39c7a8a4eb2],
PUP.Optional.GamesDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_fr_005010077, En quarantaine, [8af8cc5fbfccc96d1f562669b74d1be5],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-18\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}|Name, C:\Program Files\shopperz240820151333\Conrygi.exe, En quarantaine, [6b17ca610784f640418e4134da2a4eb2]
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-19\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}|Name, C:\Program Files\shopperz240820151333\Conrygi.exe, En quarantaine, [4d3566c5cbc083b3b21d97def70d08f8]
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-20\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}|Name, C:\Program Files\shopperz240820151333\Conrygi.exe, En quarantaine, [1c669695a2e994a2d6f93e37a16340c0]
PUP.Optional.Shopperz.BrwsrFlsh, HKU\S-1-5-21-999163738-1072730487-3645335144-1001\SOFTWARE\{9A1539FD-88FC-46C6-8B92-E6DF763A8168}|Name, C:\Program Files\shopperz240820151333\Conrygi.exe, En quarantaine, [bac838f3d9b2f145e1eeef86000402fe]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 7
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod\1.0.4.1, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod\1.0.5.1, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.TVTime, C:\Users\Romuald\AppData\Local\TVTime, En quarantaine, [3c4643e8098274c299d5486e0202bd43],
PUP.Optional.Shopperz.BrwsrFlsh, C:\Program Files\shopperz240820151333, En quarantaine, [661ceb4002892f073bd5cf2822e0cb35],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld\dat, Supprimer au redémarrage, [dea4ca617516989ec4191b81d4315ca4],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld, Supprimer au redémarrage, [dea4ca617516989ec4191b81d4315ca4],

Fichiers: 68
PUP.Optional.TVTime, C:\ProgramData\euloMYld\coHlUudQg.exe, Supprimer au redémarrage, [fd850724117ae84edea23396ac550000],
RiskWare.Tool.CK, D:\Logiciels\Adobe Acrobat Pro 8.1.2 Multilanguage +user guide +keygen(crack)\Keygen\keygen.exe, En quarantaine, [a1e169c2b5d685b1a7e3abd105fb0ef2],
RiskWare.Tool.HCK, D:\Logiciels\autocad 2009\Keygens\xf-acad9-32-BITS.exe, En quarantaine, [96ecb972a4e77fb7e9b287a5bf43916f],
RiskWare.Tool.CK, D:\Logiciels\autocad 2009\Keygens\xf-acad9-64-BITS.exe, En quarantaine, [a9d9b675cfbc1323992f4edc3dc50ff1],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir, En quarantaine, [1f63fa31f794132367bc9be2936ec838],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir, En quarantaine, [bac83fec1774df572af96419df2246ba],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir, En quarantaine, [c7bb1b10eaa19c9a80a3cfaeed1441bf],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir, En quarantaine, [572b40ebc6c5999d01225c212ad7c53b],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir, En quarantaine, [c7bbf7343952db5b24ffee8f7c856a96],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir, En quarantaine, [80021318800bb97d4bd80c71bb46c838],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir, En quarantaine, [4c36fd2e9bf0a393c95a176633ce01ff],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir, En quarantaine, [bbc761ca791266d0c75ca9d41ae7659b],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir, En quarantaine, [384abf6c42493ef8cb58e895a35e847c],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir, En quarantaine, [2f5342e9c4c7bc7ac75cff7efd04936d],
PUP.Optional.Bandoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\change.exe.vir, En quarantaine, [9be734f79deefa3cc225efa69b6a619f],
PUP.Optional.Bandoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\Helper.dll.vir, En quarantaine, [fe849b90ef9c0a2c9e49415417ee728e],
PUP.Optional.Bandoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\jZip.exe.vir, En quarantaine, [10726bc02e5d12249255068fa560aa56],
PUP.Optional.Bandoo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\jZip\Uninstall.exe.vir, En quarantaine, [047e48e3c8c3bc7ac522cec73cc955ab],
PUP.Optional.MiniLite, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MiniLite\Uninstall.exe.vir, En quarantaine, [4c36b279ef9cbf779c5ac40214edef11],
Trojan.Downloader, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SFKEX.exe.vir, En quarantaine, [334f40ebafdc80b69fcb9834cf32867a],
Trojan.Downloader, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SFKEX64.dll.vir, En quarantaine, [bdc5a982e6a556e00b61a824bd44c53b],
Trojan.Downloader, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\SFKEX64.exe.vir, En quarantaine, [097922095f2c75c1b0a202caa06115eb],
Trojan.Downloader, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SFK\Yrrehs.zip.vir, En quarantaine, [740e81aa9fecd75f7dd54884d928ec14],
PUP.Optional.PullUpdate, C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir, En quarantaine, [047e5ad1b3d8e94df426eade26dbd22e],
PUP.Optional.PullUpdate, C:\AdwCleaner\Quarantine\C\ProgramData\radio\prompt.exe.vir, En quarantaine, [a6dc39f27c0f280e5dbd7f49c53ce818],
PUP.Optional.Winsock.HijackBoot, C:\AdwCleaner\Quarantine\C\Windows\Sysnative\Ooteeotoor64.dll.vir, En quarantaine, [740e54d707849d991657655353aea35d],
PUP.Optional.Winsock.HijackBoot, C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\Ooteeotoor.dll.vir, En quarantaine, [7e045bd0a1ea9d99adbfbdfbb64bc040],
PUP.Optional.Perion, C:\Program Files\shopperz240820151333\Foiobn.dll, En quarantaine, [344e7ead137845f1b7d66d50a75a24dc],
PUP.Optional.TVTime, C:\ProgramData\euloMYld\dat\bJmLNmEzxNY.exe, Supprimer au redémarrage, [cfb3b9720f7c8fa7443cdaef976a629e],
Adware.PullUpdate, C:\ProgramData\euloMYld\dat\QjebBXVvdV.dll, Supprimer au redémarrage, [7f03062528632313aabcbefa6998d32d],
PUP.Optional.ZombieInvasion, C:\ProgramData\euloMYld\dat\RgPPYJftUMq.dll, Supprimer au redémarrage, [e39f48e3a3e84de98d785bf45fa6da26],
PUP.Optional.TVTime, C:\ProgramData\euloMYld\dat\uEuStOQw.exe, Supprimer au redémarrage, [88fae9427e0dde5883fd6267cb36827e],
PUP.Optional.PullUpdate, C:\ProgramData\TVTime\Uninstall.exe, En quarantaine, [a8dafb30305bba7cda155b3b15f06c94],
PUP.Optional.AnyProtect, C:\Users\Romuald\AppData\Local\nsg4416.tmp, En quarantaine, [88fab774fc8f66d0f740137251b153ad],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRK0IKDY\cmi_mystartsearch[1].exe, En quarantaine, [384ad95296f549ed1464d7ba54b108f8],
PUP.Optional.PreInstaller, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRK0IKDY\setup_362[1].exe, En quarantaine, [dda5b675fd8e1c1abc3d586f59a8e51b],
PUP.Optional.AnyProtect, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRK0IKDY\AnyProtectSetup[1].exe, En quarantaine, [f68c60cb761583b379be5332ce341be5],
PUP.Optional.Nosibay, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRK0IKDY\62793.WindApp.MON001.no[1].exe, En quarantaine, [047e39f2ddae53e33b94870f34d1cf31],
PUP.Optional.BubbleDock, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRK0IKDY\63100.Bubble_Dock.BBD023.no[2].exe, En quarantaine, [572b3eed503bc07696b58d3f0ff215eb],
PUP.Optional.SearchProtect, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGC9KJ3T\Stub[1].exe, En quarantaine, [add516156f1cd2648d0d8642f60b12ee],
PUP.Optional.AnyProtect, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGC9KJ3T\AnyProtect[1].exe, En quarantaine, [2e547ead55365fd7a94d9ff3ff06ab55],
PUP.Optional.Nosibay, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGC9KJ3T\downloader.63399[1].exe, En quarantaine, [f191cd5ee0abdc5aa12e385e7293e818],
PUP.Optional.Conduit, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGC9KJ3T\OrbiterInstaller[1].exe, En quarantaine, [2a581813157664d24db92802cb363bc5],
PUP.Optional.Clara, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JGC9KJ3T\bfc5086e-c794-4413-9b71-1f6565be7466[1].exe, En quarantaine, [fd8512198efdf145b463187e43c2a55b],
PUP.Optional.Clara, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P52P9NC7\bob[1].exe, En quarantaine, [047e4dde3e4d0531c5d2a51ebc45c63a],
PUP.Optional.Nosibay, C:\Users\Romuald\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P52P9NC7\63439.Selection_Tools.ALT001.no[1].exe, En quarantaine, [6a186ebd15763cfaa42b26707293ad53],
PUP.Optional.Nosibay, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\Bubble Dock Uninstall.exe, En quarantaine, [b4cec9626d1e5bdbe7e8bed8db2a946c],
PUP.Optional.CrossRider, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\f3oh5XBYuBDw.exe, En quarantaine, [4042b477147791a55b87f5ce827fea16],
PUP.Optional.WProtectManager, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\WdsManPro.exe, En quarantaine, [bbc740ebf992ec4a6df71285887d8878],
PUP.Optional.WProtectManager, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\WdsManPro.exe.VIR, En quarantaine, [265c8f9cb1da0d295212f2a5d035639d],
PUP.Optional.Nosibay, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\WindApp Uninstall.exe, En quarantaine, [2a5868c3642790a6cd026f271aeb6b95],
PUP.Optional.AnyProtect, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\nsh1FB5.tmp, En quarantaine, [047e0a2173189e9886b1acd9df2355ab],
PUP.Optional.Nosibay, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\Selection Tools Uninstall.exe, En quarantaine, [b2d08d9eafdc92a49f305b3bee1702fe],
PUP.Optional.WProtectManager, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\lwdsmanprol.DIR\WdsManPro.exe, En quarantaine, [1a6887a44e3d0333174dfd9afa0bb848],
PUP.Optional.WProtectManager, C:\Users\Romuald\AppData\Roaming\ZHP\Quarantine\nwdsmanpron.DIR\WdsManPro.exe, En quarantaine, [cbb74be04f3c3006ff65b6e162a350b0],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod\1.0.4.1\mliclaap.exe.config, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod\1.0.4.1\sqlite3.dll, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod\dat.dat, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod\1.0.5.1\mliclaap.exe.config, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Peusnamroonod\1.0.5.1\sqlite3.dll, En quarantaine, [d5ad909b2f5c4ceaaf14d699c63ea759],
PUP.Optional.TVTime, C:\Users\Romuald\AppData\Local\TVTime\data2.dat, En quarantaine, [3c4643e8098274c299d5486e0202bd43],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld\dat\bJmLNmEzxNY.exe.config, Supprimer au redémarrage, [dea4ca617516989ec4191b81d4315ca4],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld\dat\QjebBXVvdV.dll, Supprimer au redémarrage, [dea4ca617516989ec4191b81d4315ca4],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld\dat\uEuStOQw.exe.config, Supprimer au redémarrage, [dea4ca617516989ec4191b81d4315ca4],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld\coHlUudQg.dat, Supprimer au redémarrage, [dea4ca617516989ec4191b81d4315ca4],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld\coHlUudQg.exe.config, En quarantaine, [dea4ca617516989ec4191b81d4315ca4],
PUP.Optional.PullUpdate, C:\ProgramData\euloMYld\info.dat, Supprimer au redémarrage, [dea4ca617516989ec4191b81d4315ca4],
PUP.Optional.HijackHosts.Gen, C:\Windows\System32\abis\cuuf\fah.dat, En quarantaine, [750d61ca008b1b1b4e258e0c9c6904fc],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
