Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 15/12/2015
Heure de l'analyse: 22:29
Fichier journal: antimalwaretxt2.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.12.15.06
Base de données de rootkits: v2015.12.07.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: inou3

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 331332
Temps écoulé: 13 min, 59 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 1
PUP.Optional.WindowsProtectManager, C:\ProgramData\lWdMl\WdMan.exe, 3344, Supprimer au redémarrage, [f27023826e1db383e990c343cb3927d9]

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 10

Valeurs du Registre: 5

Données du Registre: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[75ed2a7b206ba393e16bea970cf82bd5]
PUP.Optional.YourSites123.ShrtCln, HKU\S-1-5-21-1217413680-453520946-1221773790-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\MICROSOFTEDGE\MAIN|HomeButtonPage, http://www.yoursites123.com/?type=hp&ts=1449666373&z=a288b665a97745b6931c5e6g1z8zet1q2q7qfc2b6q&from=ient07021&uid=WDCXWD10JPVX-60JC3T0_WD-WXT1E15A4FZWA4FZW, Bon : (http://www.google.com), Mauvais : (http://www.yoursites123.com/?type=hp&ts=1449666373&z=a288b665a97745b6931c5e6g1z8zet1q2q7qfc2b6q&from=ient07021&uid=WDCXWD10JPVX-60JC3T0_WD-WXT1E15A4FZWA4FZW),Remplacé,[273b5055eaa18bab16ab6d1805ffd22e]

Dossiers: 7

Fichiers: 60

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
