Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 04/09/2015
Heure de l'analyse: 12:17
Fichier journal: journal d'examen.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.04.04
Base de données de rootkits: v2015.08.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Pierre

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 376704
Temps écoulé: 19 min, 55 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 12
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75D7CDF5-3A6E-4054-9100-1CD9A984344E}, En quarantaine, [11d3b3787b100c2a4b7ed9ad9e6604fc],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A426D332-619B-45E9-BDB8-6D0303C1BF64}, En quarantaine, [954f4be0622984b23396cbbb7b897c84],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75D7CDF5-3A6E-4054-9100-1CD9A984344E}, En quarantaine, [7d67f9324b40c86e5376d2b4df25f40c],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A426D332-619B-45E9-BDB8-6D0303C1BF64}, En quarantaine, [08dc4edd365576c05673afd7659f2ad6],
PUP.Optional.YellowSend, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YSPackage, En quarantaine, [37adf932eba09e988efbefd0758fa55b],
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{235B86EA-BABD-46D7-9239-5582DE7D3358}, En quarantaine, [4a9a54d7cebd78be4d5c87ff35cfc23e],
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{419F65C6-3245-4831-BBE4-9B8A3F76B429}, En quarantaine, [cc18101badde4ee875333650679d9d63],
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42A45EBB-9564-4EDF-B7E2-F17C3BEEEC2D}, En quarantaine, [8262e14a0586c17571380a7c9a6a54ac],
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75D7CDF5-3A6E-4054-9100-1CD9A984344E}, En quarantaine, [ae3674b70c7f5fd78d1aabdb01039868],
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A426D332-619B-45E9-BDB8-6D0303C1BF64}, En quarantaine, [d113b9720e7de2547c2b4c3a8282eb15],
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD649F0C-1E65-4BF4-AC3E-A67C0E48DA1E}, En quarantaine, [27bd8c9f34570432fcada9dde2224db3],
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB, En quarantaine, [5a8aac7fc5c664d26bb9930feb1914ec],

Valeurs du registre: 20
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75d7cdf5-3a6e-4054-9100-1cd9a984344e}|AppName, ClickMovie1-Downloaderv10-bg.exe, En quarantaine, [11d3b3787b100c2a4b7ed9ad9e6604fc]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a426d332-619b-45e9-bdb8-6d0303c1bf64}|AppName, Free Video Grabber 6.6-bg.exe, En quarantaine, [954f4be0622984b23396cbbb7b897c84]
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, En quarantaine, [3ba9f338addef046b0d40f58be464cb4]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75d7cdf5-3a6e-4054-9100-1cd9a984344e}|AppName, ClickMovie1-Downloaderv10-bg.exe, En quarantaine, [7d67f9324b40c86e5376d2b4df25f40c]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a426d332-619b-45e9-bdb8-6d0303c1bf64}|AppName, Free Video Grabber 6.6-bg.exe, En quarantaine, [08dc4edd365576c05673afd7659f2ad6]
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{235b86ea-babd-46d7-9239-5582de7d3358}|AppName, ClickMovie1-Downloaderv10-codedownloader.exe, En quarantaine, [4a9a54d7cebd78be4d5c87ff35cfc23e]
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{419F65C6-3245-4831-BBE4-9B8A3F76B429}|AppName, 9cbdaf89-9fe8-442c-aa96-7e201cedd78f-2.exe-buttonutil.exe, En quarantaine, [cc18101badde4ee875333650679d9d63]
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42A45EBB-9564-4EDF-B7E2-F17C3BEEEC2D}|AppName, d19ea206-bfa8-487a-82bf-9874ed7434ae-2.exe-codedownloader.exe, En quarantaine, [8262e14a0586c17571380a7c9a6a54ac]
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75d7cdf5-3a6e-4054-9100-1cd9a984344e}|AppName, ClickMovie1-Downloaderv10-bg.exe, En quarantaine, [ae3674b70c7f5fd78d1aabdb01039868]
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a426d332-619b-45e9-bdb8-6d0303c1bf64}|AppName, Free Video Grabber 6.6-bg.exe, En quarantaine, [d113b9720e7de2547c2b4c3a8282eb15]
PUP.Optional.CrossRider, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{bd649f0c-1e65-4bf4-ac3e-a67c0e48da1e}|AppName, Free Video Grabber 6.6-codedownloader.exe, En quarantaine, [27bd8c9f34570432fcada9dde2224db3]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype12, 9/2/15 22:32:21, En quarantaine, [5a8aac7fc5c664d26bb9930feb1914ec]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype10, 9/2/15 22:32:25, En quarantaine, [b23289a2becdda5cf62e3072c24222de]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype20, 9/2/15 22:32:47, En quarantaine, [cb1959d2f398f442bd67fea440c4b24e]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype24, 9/2/15 22:32:47, En quarantaine, [b92b59d294f7bf77c163178b55af12ee]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype27, 9/2/15 22:32:47, En quarantaine, [16ce2b00c9c275c178ac9b07ac58fb05]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype41, 9/2/15 22:32:47, En quarantaine, [618375b6286342f45bc9e5bd71938d73]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype42, 9/2/15 22:32:47, En quarantaine, [8460fb30810a78bec85cdbc7778dfd03]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype15, 9/2/15 22:33:17, En quarantaine, [9450d4572e5d38febe661b876b9919e7]
PUP.Optional.OutBrowse, HKU\S-1-5-21-386934570-2420369890-760383783-1001\SOFTWARE\OB|monitype6, 9/2/15 22:33:35, En quarantaine, [82625ad167247cba3aea9111f60e7987]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.IOProtect, C:\Users\Pierre\AppData\Local\Temp\WIZZ, En quarantaine, [657f15167d0e0b2b59f4e9ac8480b947],
PUP.Optional.TVTime, C:\ProgramData\TVTime, En quarantaine, [756fe5465d2e132392591d98c242619f],
PUP.Optional.WebBar, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, En quarantaine, [954fee3d4a4162d40cbe793f927251af],

Fichiers: 9
PUP.Optional.WProtectManager, C:\Users\Pierre\AppData\Roaming\ZHP\Quarantine\WdsManPro.exe, En quarantaine, [895b80ab8308bc7a0af724740302c937],
PUP.Optional.SoftwareUpdate, C:\Users\Pierre\AppData\Roaming\ZHP\Quarantine\Software\Update\SoftwareUpdate.exe, En quarantaine, [a04434f76d1ed75fb0022a94679a4db3],
Trojan.Banker, C:\Users\Pierre\AppData\Local\Temp\WIZZ\ioprotect.exe, En quarantaine, [2aba2dfe2566a3934fce3e5708fab848],
PUP.Optional.IOProtect, C:\Users\Pierre\AppData\Local\Temp\WIZZ\ioprotect_conf.xml, En quarantaine, [657f15167d0e0b2b59f4e9ac8480b947],
PUP.Optional.IOProtect, C:\Users\Pierre\AppData\Local\Temp\WIZZ\ioproduct.exe, En quarantaine, [657f15167d0e0b2b59f4e9ac8480b947],
PUP.Optional.IOProtect, C:\Users\Pierre\AppData\Local\Temp\WIZZ\ioprotect.exe, En quarantaine, [657f15167d0e0b2b59f4e9ac8480b947],
PUP.Optional.TVTime, C:\ProgramData\TVTime\app.dat, En quarantaine, [756fe5465d2e132392591d98c242619f],
PUP.Optional.TVTime, C:\ProgramData\TVTime\data.dat, En quarantaine, [756fe5465d2e132392591d98c242619f],
PUP.Optional.WebBar, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, En quarantaine, [954fee3d4a4162d40cbe793f927251af],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
