Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 21/10/2015
Heure de l'analyse: 21:01
Fichier journal: Rapport Antimal.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.10.21.06
Base de données de rootkits: v2015.10.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: cococ_000

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 337971
Temps écoulé: 37 min, 11 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 11
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, En quarantaine, [6733dd7cd5b669cddfacba6b0af8f20e],
PUP.Optional.WinManger, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, En quarantaine, [6733dd7cd5b669cddfacba6b0af8f20e],
PUP.Optional.WinManger, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}, En quarantaine, [6733dd7cd5b669cddfacba6b0af8f20e],
PUP.Optional.Cassiopessa, HKLM\SOFTWARE\CLASSES\APPID\{ef494946-9425-4a5c-b373-74ccd38e8c48}, En quarantaine, [d3c74217cdbe5cdabbc683a220e2857b],
PUP.Optional.Cassiopessa, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{EF494946-9425-4A5C-B373-74CCD38E8C48}, En quarantaine, [d3c74217cdbe5cdabbc683a220e2857b],
PUP.Optional.Cassiopessa, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{EF494946-9425-4A5C-B373-74CCD38E8C48}, En quarantaine, [d3c74217cdbe5cdabbc683a220e2857b],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143E921-7C9A-4D27-AC43-EACCC78CC55A}, En quarantaine, [712960f9ed9e6fc79a9d5c3cf310ab55],
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MyBrowser 1.0.2V21.10-nv-ie, En quarantaine, [4951a9b01d6ead89997175fbe51e43bd],
PUP.Optional.MyBrowser, HKU\S-1-5-18\SOFTWARE\MyBrowser 1.0.2V21.10-nv-ie, En quarantaine, [118994c5ec9fb185b55495db42c1f40c],
PUP.Optional.Cassiopesa, HKU\S-1-5-21-3482925008-3529643404-215118982-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [2e6c3128ccbf58dea700da7634cf8779],
PUP.Optional.Spigot, HKU\S-1-5-21-3482925008-3529643404-215118982-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C6ABEE49-37B6-4EFD-8BBD-F6F3772F8785}, En quarantaine, [0a903128bad1330385f4d6aa758edb25],

Valeurs du Registre: 7
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_43&param1=1&param2=f[712960f9ed9e6fc79a9d5c3cf310ab55]D4%26b[712960f9ed9e6fc79a9d5c3cf310ab55]DIE%26cc[712960f9ed9e6fc79a9d5c3cf310ab55]Dfr%26pa[712960f9ed9e6fc79a9d5c3cf310ab55]DWincy%26cd[712960f9ed9e6fc79a9d5c3cf310ab55]D2XzuyEtN2Y1L1Qzu0A0C0ByDyB0D0D0A0D0FtA0A0EyB0E0AtN0D0Tzu0StCtAzzyBtN1L2XzutAtFtCtAtFyBtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyD0CtDzzzzzy0DyBtGyEtA0F0CtGzyyDyByBtGtDyBzytDtGyE0EyEtCtD0CtAyByE0DyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBtBtCtBzy0DtAtG0Dzz0EtBtGyEzyyCyCtG0AtA0B0AtGyE0A0CtDzz0CyBtAzytBtBtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCtBtD%26cr[712960f9ed9e6fc79a9d5c3cf310ab55]D1354130250%26a[712960f9ed9e6fc79a9d5c3cf310ab55]Dwncy_ir_15_43%26os[712960f9ed9e6fc79a9d5c3cf310ab55]DWindowsEn quarantaineB8.1En quarantaineBConnected&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_43&param1=1&param2=f[b9e19bbe1b7046f05ed965331ae912ee]D4%26b[b9e19bbe1b7046f05ed965331ae912ee]DIE%26cc[b9e19bbe1b7046f05ed965331ae912ee]Dfr%26pa[b9e19bbe1b7046f05ed965331ae912ee]DWincy%26cd[b9e19bbe1b7046f05ed965331ae912ee]D2XzuyEtN2Y1L1Qzu0A0C0ByDyB0D0D0A0D0FtA0A0EyB0E0AtN0D0Tzu0StCtAzzyBtN1L2XzutAtFtCtAtFyBtFtAtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyD0CtDzzzzzy0DyBtGyEtA0F0CtGzyyDyByBtGtDyBzytDtGyE0EyEtCtD0CtAyByE0DyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtBtBtCtBzy0DtAtG0Dzz0EtBtGyEzyyCyCtG0AtA0B0AtGyE0A0CtDzz0CyBtAzytBtBtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCtBtD%26cr[b9e19bbe1b7046f05ed965331ae912ee]D1354130250%26a[b9e19bbe1b7046f05ed965331ae912ee]Dwncy_ir_15_43%26os[b9e19bbe1b7046f05ed965331ae912ee]DWindowsEn quarantaineB8.1En quarantaineBConnected&p={searchTerms}, %4, %5
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, MyBrowser, En quarantaine, [c2d8b2a786051d19d0415041699a3cc4]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, En quarantaine, [267476e31576191db160d4bdd82b639d]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, MyBrowser, En quarantaine, [9703fb5e0d7e4de95bb65c35ef14f30d]
PUP.Optional.Cassiopesa, HKU\S-1-5-21-3482925008-3529643404-215118982-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Cassiopesa, En quarantaine, [2e6c3128ccbf58dea700da7634cf8779]
PUP.Optional.Spigot, HKU\S-1-5-21-3482925008-3529643404-215118982-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C6ABEE49-37B6-4EFD-8BBD-F6F3772F8785}|URL, https://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}, En quarantaine, [0a903128bad1330385f4d6aa758edb25]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 1
PUP.Optional.GlobalUpdate, C:\Users\cococ_000\AppData\Local\Temp\comh.128384, En quarantaine, [108a97c27c0fa591fe06490835cd23dd],

Fichiers: 48
Trojan.Dropper, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\109.exe, En quarantaine, [33675bfeb5d62313f5d4051b827f03fd],
PUP.Optional.MyBrowser, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\13f13168-3d7d-4e8c-9262-d6644908355f-1-6.exe, En quarantaine, [16840158701bec4aac87bd8f0ff5718f],
PUP.Optional.MyBrowser, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\13f13168-3d7d-4e8c-9262-d6644908355f-1-7.exe, En quarantaine, [7822d5846f1c66d0a78c103c887cf808],
PUP.Optional.MyBrowser, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\13f13168-3d7d-4e8c-9262-d6644908355f-10.exe, En quarantaine, [643619406a2149ed47eccf7dcd37c739],
PUP.Optional.MyBrowser, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\13f13168-3d7d-4e8c-9262-d6644908355f-5.exe, En quarantaine, [8d0d1049dead60d638fb61eb37cd4eb2],
PUP.Optional.OurSeaching, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\amt_oursurfing.exe, En quarantaine, [96041544ee9d0e28fc4481cbf31116ea],
PUP.Optional.Groover, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\awh78C4.tmp, En quarantaine, [8614f86136556ec865c0ce96d52c738d],
Trojan.Dropper, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\bc.exe, En quarantaine, [4f4b17425a318babdbee6cb413eeeb15],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\globalupdate.exe, En quarantaine, [1189afaa870487af9a36ab5f0001ff01],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\globalupdateBroker.exe, En quarantaine, [c7d3233696f56ec81cb4c842837e26da],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\globalupdateCrashHandler.exe, En quarantaine, [6b2f35246b20270fb818ff0bde23a35d],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\globalupdateOnDemand.exe, En quarantaine, [03979ebbf4977db9339d92789170639d],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\goopdate.dll, En quarantaine, [e4b623365437072fd2fe1feb60a136ca],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, En quarantaine, [801a5108afdc66d0923ee02ab64bb24e],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\psmachine.dll, En quarantaine, [1a80d089216a76c0f0e0bd4d24dda65a],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\psuser.dll, En quarantaine, [f6a47cdd8efd7db9904043c726db08f8],
PUP.Optional.SoftwareUpdate, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\SoftwareUpdate.exef7aa5, En quarantaine, [c1d9b3a6513a270f0086bb9323de0df3],
PUP.Optional.ModGoog, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\npglobalupdateUpdate4.dll, En quarantaine, [f6a47adfc9c20630ede3d3379b660af6],
PUP.Optional.OptimizerPro, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\optprosetup.exe, En quarantaine, [742669f06c1feb4b1a115df0c53c60a0],
PUP.Optional.Downloader, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\MyBrowser 1.0.2V21.10\Uninstall.exe, En quarantaine, [9cfee2774546ec4aa264d6742ad76d93],
PUP.Optional.MyBrowser, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\MyBrowser 1.0.2V21.10\UninstallBrw.exe, En quarantaine, [22780e4bf19ae94d10230b412cd8d828],
PUP.Optional.MyBrowser, C:\Users\cococ_000\AppData\Roaming\ZHP\Quarantine\MyBrowser 1.0.2V21.10\utils.exe, En quarantaine, [8d0de37637547fb7c66db399f50fd729],
PUP.Optional.Downloader, C:\Users\cococ_000\AppData\Local\Temp\Mejores ligas del mundo v_Downloader.exe, En quarantaine, [9604e2774348a49211e6da7507fdc040],
PUP.Optional.CrossRider, C:\Users\cococ_000\AppData\Local\Temp\5439.exe, En quarantaine, [4c4e20392f5c85b1da0df45bd4300ff1],
PUP.Optional.APNToolBar, C:\Users\cococ_000\AppData\Local\Temp\AskPIP_FF_.exe, En quarantaine, [3d5dacad1c6fb87ec4a793b550b1b24e],
PUP.Optional.PCSpeedUp, C:\Users\cococ_000\AppData\Local\Temp\awh7051.tmp, En quarantaine, [d8c2ee6b6229d363b591da73fd040af6],
PUP.Optional.ABengine, C:\Users\cococ_000\AppData\Local\Temp\awh74AC.tmp, En quarantaine, [8b0f7edb3556bf772aba98cdf0112fd1],
PUP.Optional.MyBrowser, C:\Users\cococ_000\AppData\Local\Temp\1827.exe, En quarantaine, [7525ef6ae0abc4723ff4f656fe0639c7],
PUP.Optional.Spigot, C:\Users\cococ_000\AppData\Local\Temp\nsrCF2F.tmp\SM.dll, En quarantaine, [108aafaa4249f0463bdaf15e17ed3fc1],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_pcrossbrowser_installer_multilang.exe, En quarantaine, [0d8d5009e2a9171f0b1f2f1bd52c936d],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\380.exe, En quarantaine, [603a6eebe2a99b9b41e9ab9f37ca28d8],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\420.exe, En quarantaine, [d2c873e6b4d7dc5abb6f9eacfa071ae6],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\583.exe, En quarantaine, [f8a2a1b8eba0a591ec3e301a15ec06fa],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\607.exe, En quarantaine, [acee2930a7e46ec850da1f2bc73acb35],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\643.exe, En quarantaine, [8d0d9cbde0abde58d9518fbbbe43e020],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_airwebbar_installer_multilang.exe, En quarantaine, [aeec44156b201b1bce5c3b0f837e28d8],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_AnySend_installer_multilang.exe, En quarantaine, [4e4c2831612a2412d4560f3ba958e020],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_boxore_installer_multilang.exe, En quarantaine, [6f2b2138cbc03df9e2480c3e956c6e92],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_bubbledock_installer_multilang.exe, En quarantaine, [fe9cbf9a6e1dda5ce149054556aba858],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_bubblefoot_installer_multilang.exe, En quarantaine, [dac00d4c622950e6ec3e93b77e8313ed],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_BubbleSound_installer_multilang.exe, En quarantaine, [7525d386a4e711252208d1791fe2aa56],
PUP.Optional.EoRezo, C:\Users\cococ_000\AppData\Local\Temp\is-S6DIP.tmp\package_pzombie_installer_multilang.exe, En quarantaine, [bfdbc89177148da9101a26249d64ca36],
PUP.Optional.InstallCore, C:\Users\cococ_000\AppData\Local\Temp\is146045244\0748C9D0_stp\icc.dll, En quarantaine, [c8d2d782b3d85fd74bdd3aa83ac77c84],
PUP.Optional.PCOptimizerPro, C:\Users\cococ_000\AppData\Local\Temp\V3T6cfzMbNtXza04Kbt\262\OptimizerPro.exe, En quarantaine, [0694acadd2b9a78f63fd70aa05fc669a],
PUP.Optional.CateredToYou, C:\Users\cococ_000\AppData\Local\Temp\V3T6cfzMbNtXza04Kbt\267\setup.exe, En quarantaine, [455564f5711a6cca0dc83b28a061fe02],
PUP.Optional.Pakilan, C:\Users\cococ_000\AppData\LocalLow\Microsoft\Internet Explorer\Services\Go_Palikan.ico, En quarantaine, [d9c10158bbd087afc4636233bf44f709],
PUP.Optional.Cassiopesa, C:\Users\cococ_000\AppData\LocalLow\Microsoft\Internet Explorer\Services\Tny_Cassiopesa.ico, En quarantaine, [7a209ebb98f3eb4bd31eeaab82818977],
PUP.Optional.GlobalUpdate, C:\Users\cococ_000\AppData\Local\Temp\comh.128384\globalupdateHelper.msi, En quarantaine, [108a97c27c0fa591fe06490835cd23dd],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
