Document format: text/plain


Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 07/09/2015
Heure de l'analyse: 21:34
Fichier journal: Journal d'analyses Malwarebytes.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.07.03
Base de données de rootkits: v2015.08.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Maxime

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 459689
Temps écoulé: 27 min, 9 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 14
PUP.Optional.Babylon, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, En quarantaine, [d936e24b870466d0c0ad3f992cd6fc04],
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, En quarantaine, [bb54022b8efd58dee13f90e6a16021df],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, En quarantaine, [bb54022b8efd58dee13f90e6a16021df],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B119F957-DB79-47B8-AB97-56C5147344DC}, En quarantaine, [21eedd504c3f4ee8348fec9c7391d22e],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32LDR, En quarantaine, [10ff2805791263d3f466e7d073914cb4],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, En quarantaine, [2ee11e0f870493a380d9df87f60eb947],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, En quarantaine, [cd4262cbb4d7f83e5ff9462001035ba5],
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CineDPV2V27.09, En quarantaine, [739cfb32ddae7abc0856daa7a55ff709],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C8692F3-25ED-4A61-B988-A2E75EC694F9}, En quarantaine, [4ac5a687820981b534ee067e27dd19e7],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B119F957-DB79-47B8-AB97-56C5147344DC}, En quarantaine, [838cff2eeaa1e155a41f068209fb8779],
PUP.Optional.Cinema, HKU\S-1-5-21-578327087-4110603385-1361986703-1001\SOFTWARE\APPDATALOW\SOFTWARE\CineDPV2V27.09, En quarantaine, [749b1617a4e7f73f16360978bb49857b],
PUP.Optional.AdLyrics, HKU\S-1-5-21-578327087-4110603385-1361986703-1001\SOFTWARE\APPDATALOW\SOFTWARE\XingHaoLyrics, En quarantaine, [e12eb875dab1f244e68846333cc8d030],
PUP.Optional.CrossRider, HKU\S-1-5-21-578327087-4110603385-1361986703-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{451389F5-6AB4-4355-A113-D30CBAA32A90}, En quarantaine, [77986dc02b60c86e33701b6d43c1cd33],
PUP.Optional.CrossRider, HKU\S-1-5-21-578327087-4110603385-1361986703-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B119F957-DB79-47B8-AB97-56C5147344DC}, En quarantaine, [858a5ad3d8b3fe38a9f83c4cb64ea15f],

Valeurs du registre: 10
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{b119f957-db79-47b8-ab97-56c5147344dc}|AppName, CineDPV2V27.09-bg.exe, En quarantaine, [21eedd504c3f4ee8348fec9c7391d22e]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130563031058431217, En quarantaine, [1ff0a4895f2c1b1b91c82790a75d41bf]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130563031058431217, En quarantaine, [50bf6bc20f7cc17553067d3a14f03cc4]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130563031058431217, En quarantaine, [09066cc199f25cda7ddc02b537cd19e7]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130563031058431217, En quarantaine, [8b84909dbecdeb4b91c8d7e0d62ea65a]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130563031058431217, En quarantaine, [10ff2805791263d3f466e7d073914cb4]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C8692F3-25ED-4A61-B988-A2E75EC694F9}|AppPath, C:\Users\Maxime\AppData\Local\Conduit\CT2849852, En quarantaine, [4ac5a687820981b534ee067e27dd19e7]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{b119f957-db79-47b8-ab97-56c5147344dc}|AppName, CineDPV2V27.09-bg.exe, En quarantaine, [838cff2eeaa1e155a41f068209fb8779]
PUP.Optional.CrossRider, HKU\S-1-5-21-578327087-4110603385-1361986703-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{451389f5-6ab4-4355-a113-d30cbaa32a90}|AppName, CineDPV2V27.09-codedownloader.exe, En quarantaine, [77986dc02b60c86e33701b6d43c1cd33]
PUP.Optional.CrossRider, HKU\S-1-5-21-578327087-4110603385-1361986703-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{b119f957-db79-47b8-ab97-56c5147344dc}|AppName, CineDPV2V27.09-bg.exe, En quarantaine, [858a5ad3d8b3fe38a9f83c4cb64ea15f]

Données du registre: 3
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[6da26fbe1f6c1e187d76f56d6a9b2ad6]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[16f99994ee9d83b324cf075bf60f28d8]
PUP.Optional.SearchCertifiedTB, HKU\S-1-5-21-578327087-4110603385-1361986703-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI, http://search.certified-toolbar.com?si=77302&st=bs&tid=18195&ver=6.9&ts=1411768800000.000009&tguid=77302-18195-1411831525619-C046CAD69C5FD6EDAC7252990FCF222E&q=%s, Bon : (www.google.com), Mauvais : (http://search.certified-toolbar.com?si=77302&st=bs&tid=18195&ver=6.9&ts=1411768800000.000009&tguid=77302-18195-1411831525619-C046CAD69C5FD6EDAC7252990FCF222E&q=%s),Remplacé,[719e4ce13e4dec4ae20d54114bba3dc3]

Dossiers: 3
Rogue.Multiple, C:\ProgramData\374311380, En quarantaine, [12fdf03de0ab57dfca10855cf909c040],
PUP.Optional.BitTorrentBar, C:\Users\Maxime\AppData\LocalLow\BittorrentBar_FR, En quarantaine, [4bc4210c2d5ee3531c00c03cb34f6a96],
PUP.Optional.BitTorrentBar, C:\Users\Maxime\AppData\LocalLow\BittorrentBar_FR\Logs, En quarantaine, [4bc4210c2d5ee3531c00c03cb34f6a96],

Fichiers: 15
PUP.Optional.CrossRider, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\BZEAJ.exe, En quarantaine, [db348da08dfe2b0ba05ddb7b50b09e62],
PUP.Optional.BrowserApps, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\CE.exe, En quarantaine, [749be944d6b5cf6714fb98219c655ca4],
PUP.Optional.ModGoog, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\GoogleUpdate.exe, En quarantaine, [bb54022b8efd58dee13f90e6a16021df],
PUP.Optional.BrowserApps, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\LDYPF.exe, En quarantaine, [25eaed40ed9eab8b1af5befbba47ca36],
PUP.Optional.RegCleanPro, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\roboot64.exe, En quarantaine, [db345ecfc5c69b9bd1d4aa7b2ad7926e],
PUP.Optional.CrossRider, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\ZADXN.exe, En quarantaine, [0609a7863754da5cf10e371f8977da26],
PUP.Optional.ModGoog, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\npGoogleUpdate4.dll, En quarantaine, [40cf7fae5239082e4cd4cda9768b44bc],
PUP.Optional.WindowsProtectManger, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\ProtectWindowsManager.exe, En quarantaine, [f9162409d0bb1d191dd648770ef3ed13],
PUP.Optional.SnapDo, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\OpenCandy\805AEA38426A44E0BF883BB99F28E2A4\LinkuryInstaller.msi, En quarantaine, [cb44b6771e6d989e9566bb039071f30d],
PUP.Optional.SmartBar, C:\Users\Maxime\AppData\Roaming\ZHP\Quarantine\OpenCandy\805AEA38426A44E0BF883BB99F28E2A4\LinkuryInstaller_p1v16.exe, En quarantaine, [9c73f83502897cbaaa77af7cc43ca15f],
PUP.Optional.SnapDo, C:\Windows\Installer\e0c9ce.msi, En quarantaine, [818ec964cebd092d4ead7a44ac551fe1],
PUP.Optional.SmartBar, C:\Windows\Installer\MSIF5EF.tmp-\Smartbar.Installer.CustomActions.dll, En quarantaine, [0d02dd5043483204938e6ac126da9967],
PUP.Optional.BitTorrentBar, C:\Users\Maxime\AppData\LocalLow\BittorrentBar_FR\ldrtbBitt.dll, En quarantaine, [4bc4210c2d5ee3531c00c03cb34f6a96],
PUP.Optional.BitTorrentBar, C:\Users\Maxime\AppData\LocalLow\BittorrentBar_FR\tbBitt.dll, En quarantaine, [4bc4210c2d5ee3531c00c03cb34f6a96],
PUP.Optional.BitTorrentBar, C:\Users\Maxime\AppData\LocalLow\BittorrentBar_FR\toolbar.cfg, En quarantaine, [4bc4210c2d5ee3531c00c03cb34f6a96],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
