Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 14/10/2015
Heure de l'analyse: 14:27:08
Fichier journal: ????? ?????.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.10.14.03
Base de données de rootkits: v2015.10.06.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows XP Service Pack 3
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Administrateur

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 263034
Temps écoulé: 18 min, 40 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 3
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}, En quarantaine, [8e4d1b3bbbd0b482d87b0e7637ccf010],
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}, En quarantaine, [21ba64f2355662d491c0c8bc55ae39c7],
PUP.Optional.OutBrowse, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\OB, En quarantaine, [c912094dabe0bd792533e2bc21e20af6],

Valeurs du Registre: 15
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}|DisplayName, default-search.net, En quarantaine, [8e4d1b3bbbd0b482d87b0e7637ccf010]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}|URL, http://www.default-search.net/search?sid=492&aid=198&itype=n&ver=16064&tm=700&src=ds&p={searchTerms}, En quarantaine, [ebf05cfabecdf244173c8bf9c53e0ef2]
PUP.Optional.DefaultSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}|SuggestionsURL_JSON, http://www.default-search.net?sid=492&aid=198&itype=n&ver=16064&tm=700&src=ds&p={searchTerms}&ft=json, En quarantaine, [805b82d43457a294450e95efde25649c]
PUM.LowRiskFileTypes, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LowRiskFileTypes, .rtf;.doc;.cab;.torrent;.diz;.nfo;.mp4;.mpc;.7z;.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.png;.jpeg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.wmv;.flac;.ogg, En quarantaine, [6e6d3620d7b467cf4b821b68be44d32d]
Hijack.ControlPanelStyle, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, En quarantaine, [a833fe58b3d83ef834aba64059a97d83]
PUM.LowRiskFileTypes, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LowRiskFileTypes, .rtf;.doc;.cab;.torrent;.diz;.nfo;.mp4;.mpc;.7z;.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.png;.jpeg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.wmv;.flac;.ogg, En quarantaine, [e0fb61f57c0f45f129a4047f40c2f709]
Hijack.ControlPanelStyle, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, En quarantaine, [e1fad680abe0f73fb42bebfbc141fa06]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}|DisplayName, default-search.net, En quarantaine, [21ba64f2355662d491c0c8bc55ae39c7]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}|URL, http://www.default-search.net/search?sid=492&aid=198&itype=n&ver=16064&tm=700&src=ds&p={searchTerms}, En quarantaine, [fcdfdb7bf99245f198b9196b1de61ce4]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}|SuggestionsURL_JSON, http://www.default-search.net?sid=492&aid=198&itype=n&ver=16064&tm=700&src=ds&p={searchTerms}&ft=json, En quarantaine, [9f3cf165aae11b1b024f8ff518eb21df]
PUM.LowRiskFileTypes, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LowRiskFileTypes, .rtf;.doc;.cab;.torrent;.diz;.nfo;.mp4;.mpc;.7z;.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.png;.jpeg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;.wmv;.flac;.ogg, En quarantaine, [62795105d1bad85ebd10c0c30ff33ac6]
Hijack.ControlPanelStyle, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, En quarantaine, [bc1f6aeca4e70d29479883637a88b14f]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\OB|monitype20, 8/24/15 15:39:40, En quarantaine, [c912094dabe0bd792533e2bc21e20af6]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\OB|monitype24, 8/24/15 15:39:40, En quarantaine, [d70435210a81f5413523930baf5419e7]
PUP.Optional.OutBrowse, HKU\S-1-5-21-1409082233-261478967-1177238915-500\SOFTWARE\OB|monitype27, 8/24/15 15:39:40, En quarantaine, [fcdfa5b19fecef47a3b5306e679c35cb]

Données du Registre: 2
PUM.Hijack.Help, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp, 1, Bon : (0), Mauvais : (1),Remplacé,[7f5c88ce9deed95d3ceb96a50301b24e]
PUM.Hijack.Help, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp, 1, Bon : (0), Mauvais : (1),Remplacé,[d50678dee3a8f73f68bf300bbf45f60a]

Dossiers: 21
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\10, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\10bak, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12\resources, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12bak, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12bak\resources, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\3, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\3bak, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\5, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\5bak, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7\resources, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7bak, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7bak\resources, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\8, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\8bak, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],
PUP.Optional.GreatFind, C:\Program Files\Fichiers communs\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc, En quarantaine, [518af165751659dde06076e67a88946c],
PUP.Optional.GreatFind, C:\Program Files\Fichiers communs\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater, En quarantaine, [518af165751659dde06076e67a88946c],

Fichiers: 3
Trojan.PWS.Zbot, C:\WINDOWS\system32\notepad.exe, En quarantaine, [c21986d0d5b6d3634daa97014ab624dc],
Trojan.PWS.Zbot, C:\WINDOWS\NOTEPAD.EXE, En quarantaine, [d10afa5c018a31056394d5c3e818af51],
PUP.Optional.GreatFind, C:\Documents and Settings\All Users\Application Data\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\temp, En quarantaine, [27b4be98afdc5ed8d26d5804dc268878],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
