Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 25/09/2015
Heure de l'analyse: 09:43
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.24.05
Base de données de rootkits: v2015.09.22.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: diag auto

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 361532
Temps écoulé: 37 min, 21 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 4
PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExd, Supprimer au redémarrage, [288dc76cd3b82313f9fe6424bc48a55b],
PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExi, Supprimer au redémarrage, [e6cfdc57dcaf72c4f403167229db55ab],
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMupdate1, Supprimer au redémarrage, [7f3682b1b7d47cbaeda5891744c004fc],
PUP.Optional.AnyProtect, HKU\S-1-5-21-723296858-3071427681-845184394-1000\SOFTWARE\ANYPROTECT, En quarantaine, [d5e0141fd0bb6dc9e12c344d1de72dd3],

Valeurs du registre: 2
PUP.Optional.AnyProtect, HKU\S-1-5-21-723296858-3071427681-845184394-1000\SOFTWARE\ANYPROTECT|ABTest, {"general":{"test_id":"B6","installer_pre_page":true,"scanner_pre_page":false},"1":{"email_check":true},"7":{"notification_20_mins":"3A"},"9":{"scan_page_id":2},"12":{"upclick_exit_show":false,"upclick_exit_countries":{"US":{"phone":"(855) 602-9762"},"CA":{"phone":"(855) 602-9762"},"UK":{"phone":"0800 031 4647"},"GB":{"phone":"0800 031 4647"},"AU":{"phone":"1800-762-367"}}},"14":{"upclick_scan_id_show":false,"upclick_scan_id":"000-000-000"},"15":{"upclick_bottom_offer_show":false,"upclick_bottom_offer_countries":{"US":{"phone":"(855) 602-9762"},"GB":{"phone":"0800 031 4647"},"UK":{"phone":"0800 031 4647"},"DE":{"phone":"800-182-0188"},"CA":{"phone":"(855) 602-9762"},"AU":{"phone":"1800-762-367"},"FR":{"phone":"9 75 18 72 00"}}},"18":{"movie":1}}, En quarantaine, [d5e0141fd0bb6dc9e12c344d1de72dd3]
Rootkit.Fileless.MTGen, HKU\S-1-5-21-723296858-3071427681-845184394-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^6e7091da, En quarantaine, [4e675dd6c3c859dd1a12e697986cd42c],

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 8
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\installer, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\language, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\logs, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\scan_results, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\swf, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro, En quarantaine, [d5e0d162820985b1bdb28c9da360e41c],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver, En quarantaine, [d5e0d162820985b1bdb28c9da360e41c],

Fichiers: 28
PUP.Optional.WinCheck, C:\Users\diag auto\AppData\Local\wincheck\Uninstall.exe, En quarantaine, [288d68cb13783501004e0bb63cc550b0],
Trojan.FileCryptor.Trace, C:\Users\diag auto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\restore_files_qcsvg.html, En quarantaine, [0ea73ff43f4ccf676cd6107338cc03fd],
Trojan.FileCryptor.Trace, C:\Users\diag auto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\restore_files_qcsvg.txt, En quarantaine, [5b5ada59216ac76f5fe486fdc0444fb1],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\restore_files_qcsvg.html, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\restore_files_qcsvg.txt, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\installer\ab.test.json, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\installer\restore_files_qcsvg.html, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\installer\restore_files_qcsvg.txt, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\installer\tempfile.t, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\language\de.xml, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\language\en.xml, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\language\fr.xml, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\language\restore_files_qcsvg.html, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\language\restore_files_qcsvg.txt, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\logs\restore_files_qcsvg.html, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\logs\restore_files_qcsvg.txt, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.quick.results, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\scan_results\aps.scan.results, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\scan_results\restore_files_qcsvg.html, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\scan_results\restore_files_qcsvg.txt, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\swf\mov01.swf, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\swf\restore_files_qcsvg.html, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.AnyProtect, C:\Users\diag auto\AppData\Roaming\AnyProtectEx\swf\restore_files_qcsvg.txt, En quarantaine, [d8ddb47f28633afc3173ba4e26dd40c0],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\restore_files_qcsvg.html, En quarantaine, [d5e0d162820985b1bdb28c9da360e41c],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\restore_files_qcsvg.txt, En quarantaine, [d5e0d162820985b1bdb28c9da360e41c],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver\Config.xml, En quarantaine, [d5e0d162820985b1bdb28c9da360e41c],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver\restore_files_qcsvg.html, En quarantaine, [d5e0d162820985b1bdb28c9da360e41c],
PUP.Optional.ShopperPro, C:\Users\Public\Documents\ShopperPro\JsDriver\restore_files_qcsvg.txt, En quarantaine, [d5e0d162820985b1bdb28c9da360e41c],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
