Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 08/09/2015
Heure de l'analyse: 14:39
Fichier journal: malware.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.08.04
Base de données de rootkits: v2015.08.16.01
Licence: Premium
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7
Processeur: x86
Système de fichiers: NTFS
Utilisateur: toshiba

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 402384
Temps écoulé: 22 min, 46 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 35

Valeurs du registre: 19

Données du registre: 1
PUP.Optional.SearchCertifiedTB, HKU\S-1-5-21-876691533-955594958-3400876283-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI|(Default), http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s, Bon : (www.google.com), Mauvais : (http://search.certified-toolbar.com?si=41460&bs=true&tid=2937&q=%s),Remplacé,[eb8988a5eaa194a24f72a2c464a130d0]

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 3
PUP.Optional.APNToolBar, C:\Users\toshiba\Documents\APNSetup1.exe, En quarantaine, [1b59f93463282214ca17c3f5e61bba46],
PUP.Optional.Vonteera, C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jfhbklndhffnahdploecdffbedhgjnce_0.localstorage, En quarantaine, [96dea08dc2c94ceaaec8a9111ce844bc],
PUP.Optional.ASK, C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nmphonkbjeofadodnimkgdghlglkamol_0.localstorage, En quarantaine, [77fdf03d25662b0b26c68241937157a9],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
