Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 23/10/2015
Heure de l'analyse: 23:25
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.10.23.06
Base de données de rootkits: v2015.10.23.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Yasmine92

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 334143
Temps écoulé: 6 min, 58 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 15
PUP.Optional.Convertor, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\2pP, Supprimer au redémarrage, [313193c7088392a4e8f8546442c16a96],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASAPI32, En quarantaine, [273ba5b5e3a85bdb4073761d659e8b75],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASMANCS, En quarantaine, [e37f93c75239ca6c466de4afdc277b85],
PUP.Optional.PhraseProfessor, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PhraseProfessorAutoUpdateClient_RASAPI32, En quarantaine, [78ea25358902cf6732bcd5bf956e669a],
PUP.Optional.PhraseProfessor, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PhraseProfessorAutoUpdateClient_RASMANCS, En quarantaine, [075bf169414ae056f8f6286ced166e92],
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SwiftSearchAutoUpdateClient_RASAPI32, En quarantaine, [d1917bdfbdce90a6b4d1177d82815aa6],
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\SwiftSearchAutoUpdateClient_RASMANCS, En quarantaine, [0d55500aff8cc5715530ff951ce751af],
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\WordwizardAutoUpdateClient_RASAPI32, En quarantaine, [431fc3978cffcd694b137d1939cac739],
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\WordwizardAutoUpdateClient_RASMANCS, En quarantaine, [8ed49bbf0487fd3976e884128d7605fb],
PUP.Optional.CinePlus, HKU\S-1-5-18\SOFTWARE\CinePlus-1.44V23.10-nv, En quarantaine, [f56dd5854447bb7bcc578bc6dc2724dc],
PUP.Optional.CinePlus, HKU\S-1-5-18\SOFTWARE\CinePlus-1.44V23.10-nv-ie, En quarantaine, [8ed47bdfaae11b1b5dc675dc8182936d],
PUP.Optional.MyBrowser, HKU\S-1-5-18\SOFTWARE\MyBrowser 1.0.2V23.10-nv, En quarantaine, [3032d08ac3c891a50c386c0356adcf31],
PUP.Optional.MyBrowser, HKU\S-1-5-18\SOFTWARE\MyBrowser 1.0.2V23.10-nv-ie, En quarantaine, [3a283f1bf794fd395ee64f206a99b848],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3555728656-2322670981-870577601-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, En quarantaine, [382aaeaca0eb6dc90ea14f48bc47f20e],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3555728656-2322670981-870577601-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, En quarantaine, [382aaeaca0eb6dc90ea14f48bc47f20e],

Valeurs du Registre: 5
PUP.Optional.SpaceSoundPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SpaceSoundPro, "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe", En quarantaine, [f66c0c4e1f6cd85e57dd9ce36e95b749]
PUP.Optional.WindeskWinsearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Windesk Winsearch, C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe, En quarantaine, [1d452337a3e8cb6b858bd2b821e2a759]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, Crossbrowse, En quarantaine, [530f5dfd9fec2016296e8ec6010206fa]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, En quarantaine, [6ef44317335864d2465182d2b152d927]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, Crossbrowse, En quarantaine, [70f2cb8f1477e155aee962f2ca392cd4]

Données du Registre: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[63ffd585b9d2a690cfe6bf7039cb50b0]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[d38ff6645734999dab0a9a951ee6867a]

Dossiers: 6
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Wiculupsu\1.0.6.1, En quarantaine, [085a9ac0e8a3ea4ce07269d9f50e3cc4],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Wiculupsu, En quarantaine, [085a9ac0e8a3ea4ce07269d9f50e3cc4],
PUP.Optional.WebBar, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar, En quarantaine, [570bc4964b403afc193e77116a99f808],
PUP.Optional.Convertor, C:\Users\Yasmine92\AppData\Roaming\PlusN, En quarantaine, [75edb7a30e7df541d3e583146b986799],
PUP.Optional.GlobalUpdate, C:\Users\Yasmine92\AppData\Local\Temp\comh.153936, En quarantaine, [451d4d0d8902092d1645fc575ba7b848],
PUP.Optional.GlobalUpdate, C:\Users\Yasmine92\AppData\Local\Temp\comh.428054, En quarantaine, [cd953f1b1e6dae88e6754310659d30d0],

Fichiers: 57
PUP.Optional.ZombieInvasion, C:\ProgramData\ZTYXMLtZEtJ\dat\GSYkCi.dll, En quarantaine, [382afc5e96f5cc6a567b2ce1e91b52ae],
PUP.Optional.Nosibay, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\Bubble Dock Uninstall.exe, En quarantaine, [bca695c58b004ceaa0941f3544c08a76],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\npglobalupdateUpdate4.dll, En quarantaine, [cb97095112793402c6b3659eff0228d8],
PUP.Optional.PhraseProfessor, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\ppfd_vw_1_10_0_24.sys, En quarantaine, [8fd30159a7e4a98d281b79db64a025db],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\psmachine.dll, En quarantaine, [8dd5a2b8f19ad2645920a360d13030d0],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\psuser.dll, En quarantaine, [ed75f06ad8b39d994534ca39c43d7789],
PUP.Optional.Nosibay, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\Selection Tools Uninstall.exe, En quarantaine, [243eadad8dfe93a3a68e5ff5679d8c74],
PUP.Optional.SwiftSearch, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\swsedrvr_vw_1_10_0_25.sys, En quarantaine, [283a471394f7092d186f94c039cbf50b],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\globalupdateBroker.exe, En quarantaine, [b9a989d1583384b2dc9dc83b6a97f50b],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\globalupdateCrashHandler.exe, En quarantaine, [1f434d0d5b30280efe7be91afd040bf5],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\globalupdateOnDemand.exe, En quarantaine, [253d17436526b185d8a1768d758c38c8],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\goopdate.dll, En quarantaine, [045eeb6f424968ce83f69d6627dae31d],
PUP.Optional.CheckOffer, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\VuuPC_VO2_8907[1].exe, En quarantaine, [c79bc09a1378b97de54ee531b8498b75],
PUP.Optional.Nosibay, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\WindApp Uninstall.exe, En quarantaine, [88da90ca97f4cf672a0acc88cb39956b],
PUP.Optional.WindeskWinsearch, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\WindeskWinsearch_IN063A[1].exe, En quarantaine, [b2b01f3ba7e4e45276f287c82fd50df3],
PUP.Optional.Vitruvian, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\wwfd_vw_1_10_0_24.sys, En quarantaine, [c2a081d91972b87e019ee978c73ab947],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\globalupdate.exe, En quarantaine, [29390357c5c6c571fb7eeb1889781de3],
PUP.Optional.ModGoog, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\goopdateres_en.dll, En quarantaine, [6ff3ef6bc0cbeb4be693000345bc2ed2],
PUP.Optional.HealthAlert, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\mwfKRSg.exe, En quarantaine, [aeb4f9619fecb87e92cb57eb58a96799],
HackTool.KMS, C:\Users\Yasmine92\AppData\Roaming\ZHP\Quarantine\AutoKMS\trzBA95.tmp, En quarantaine, [ce944f0b365558dec4dc3ca3af5254ac],
PUP.Optional.OutBrowse, C:\Program Files (x86)\Microsoft Toolkit Final\Microsoft Toolkit 2.5.4.exe, En quarantaine, [b1b1ff5b6d1eed491cb5273833ce2bd5],
PUP.Optional.CrossBrowse, C:\Users\Yasmine92\AppData\Local\Temp\1849.exe, En quarantaine, [f66c54067615a492819f0c35d42d5ca4],
PUP.Optional.PreInstaller, C:\Users\Yasmine92\AppData\Local\Temp\nsh2D65.tmp, En quarantaine, [ef730f4b99f25ed83cdc59ecb0518a76],
PUP.Optional.Vitruvian, C:\Users\Yasmine92\AppData\Local\Temp\nsj7543.tmp, En quarantaine, [6bf72f2bcdbe8da999063b26f50cf010],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Yasmine92\AppData\Local\Temp\nslEA7B.tmp, En quarantaine, [86dc9cbed5b60e28b75cf954ae56d12f],
PUP.Optional.CheckOffer, C:\Users\Yasmine92\AppData\Local\Temp\nsq9BF4.tmp, En quarantaine, [9ac86eec177432049a9952c4926f35cb],
PUP.Optional.CheckOffer, C:\Users\Yasmine92\AppData\Local\Temp\nsx1FD2.tmp, En quarantaine, [89d9f76378132016bb7869addb2624dc],
PUP.Optional.Vitruvian, C:\Users\Yasmine92\AppData\Local\Temp\nsy90.tmp, En quarantaine, [b7abb5a56a210f277e2159081be6ef11],
PUP.Optional.CheckOffer, C:\Users\Yasmine92\AppData\Local\Temp\nsz9DDE.tmp, En quarantaine, [f76b70eae8a32115a48f44d212efec14],
PUP.Optional.CrossRider, C:\Users\Yasmine92\AppData\Local\Temp\9106.exe, En quarantaine, [7fe3fe5ca2e960d606995cf77f85e11f],
PUP.Optional.CheckOffer, C:\Users\Yasmine92\AppData\Local\Temp\nsoA899.tmp\nsCBHTML5.dll, En quarantaine, [3e24cd8ded9eab8ba98acb4b3bc6ce32],
PUP.Optional.Wajam, C:\Users\Yasmine92\AppData\Local\Temp\nsoA899.tmp\wajam_install.exe, En quarantaine, [f0721c3e66250c2a424ad4960af77f81],
PUP.Optional.WindeskWinsearch, C:\Users\Yasmine92\AppData\Local\Temp\nsoA899.tmp\WindeskWinsearch_IN063A.exe, En quarantaine, [342e2634c6c5dc5aa9bf024dd3310bf5],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-0D4IQ.tmp\473.exe, En quarantaine, [b8aa85d533580036f1cc1e236998ab55],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-6GF1I.tmp\465.exe, En quarantaine, [dd85b1a9ff8ce056dde0c978669b52ae],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-BCLVH.tmp\473.exe, En quarantaine, [8ad8560495f6d165d1eca29f3dc4a15f],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-BCLVH.tmp\package_airwebbar_installer_multilang.exe, En quarantaine, [93cf5ffb92f9e650f1ccd46df1102cd4],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-MO6DF.tmp\583.exe, En quarantaine, [d48eef6b2d5eb87e8f2ef34e669b9070],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-MO6DF.tmp\package_AnySend_installer_multilang.exe, En quarantaine, [eb77ca9008831b1b279656eb13ee36ca],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-MO6DF.tmp\package_pzombie_installer_multilang.exe, En quarantaine, [1e44c09a9bf058de7b42e25f60a1d52b],
PUP.Optional.SwiftSearch, C:\Users\Yasmine92\AppData\Local\Temp\is-SOVMO.tmp\465.exe, En quarantaine, [b3af2a3093f80234375080d43dc7619f],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\465.exe, En quarantaine, [1a4888d266259e98546990b1ca371ee2],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\473.exe, En quarantaine, [8ad85efc67244fe728950f32a958fa06],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\583.exe, En quarantaine, [0b57e278e6a58aac14a9152c40c1c040],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\607.exe, En quarantaine, [174b6eecd0bb66d0c2fbb38ea160a858],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\package_airwebbar_installer_multilang.exe, En quarantaine, [9bc7263496f5de580ab3d76a05fc25db],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\package_AnySend_installer_multilang.exe, En quarantaine, [085a3921b4d78fa7ead3c57c4fb29b65],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\package_pcrossbrowser_installer_multilang.exe, En quarantaine, [b7ab95c5c7c4eb4b3d8064dd30d17a86],
PUP.Optional.EoRezo, C:\Users\Yasmine92\AppData\Local\Temp\is-VV7I1.tmp\package_pzombie_installer_multilang.exe, En quarantaine, [263c8fcb9fece84e6e4f79c89e6320e0],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Wiculupsu\1.0.6.1\hailulip.exe.config, En quarantaine, [085a9ac0e8a3ea4ce07269d9f50e3cc4],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Wiculupsu\1.0.6.1\sqlite3.dll, En quarantaine, [085a9ac0e8a3ea4ce07269d9f50e3cc4],
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Wiculupsu\dat.dat, En quarantaine, [085a9ac0e8a3ea4ce07269d9f50e3cc4],
PUP.Optional.WebBar, C:\Windows\System32\config\systemprofile\AppData\Local\WebBar\wb.log, En quarantaine, [570bc4964b403afc193e77116a99f808],
PUP.Optional.Convertor, C:\Users\Yasmine92\AppData\Roaming\PlusN\gup.xml, En quarantaine, [75edb7a30e7df541d3e583146b986799],
PUP.Optional.Convertor, C:\Windows\System32\Tasks\2pP, En quarantaine, [e37fcd8db6d593a3d5092098b64de719],
PUP.Optional.GlobalUpdate, C:\Users\Yasmine92\AppData\Local\Temp\comh.153936\globalupdateHelper.msi, En quarantaine, [451d4d0d8902092d1645fc575ba7b848],
PUP.Optional.GlobalUpdate, C:\Users\Yasmine92\AppData\Local\Temp\comh.428054\globalupdateHelper.msi, En quarantaine, [cd953f1b1e6dae88e6754310659d30d0],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
