cjoint


Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 04/01/2016
Heure de l'analyse: 12:12
Fichier journal: MBAM.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.09.22.05
Base de données de rootkits: v2015.12.26.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Elisa

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 405419
Temps écoulé: 39 min, 53 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 10
Trojan.FakeMS, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\System Update kb70007, En quarantaine, [1bd2b9795c2fbc7a3e0a37148a77936d],
PUP.Optional.FTDownloader, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bbffdhejhaoiflnpooogkckfdcmmjppn, En quarantaine, [99540a28d2b96ec8f0e5b9e3fc0835cb],
PUP.Optional.FTDownloader, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\lgnbhdnimikkoodkogjlcllngimhlapp, En quarantaine, [6e7f45edcfbc0b2bf9de9507887c0bf5],
PUP.Optional.SlickSavings, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, En quarantaine, [85688ea47813b38353d83d7ff70d6b95],
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\HBCENNHACFAAGDOPIKCEGFCOBCADEOCJ, En quarantaine, [10dd4ee43655c3731f2cc8f6719352ae],
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ICDLFEHBLMKLKIKFIGMJHBMMPMKMPOOJ, En quarantaine, [d91458dae8a3b18526256e50cf357e82],
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PFNDAKLGOLLADNIICKLEHHANCNLGOCPP, En quarantaine, [d716ee44c1ca93a33219546a798ba060],
PUP.Optional.FTDownloader, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\FTdownloader V7.0, En quarantaine, [3fae2e04791259ddd9f7cece61a3cc34],
PUP.Optional.GoPhoto, HKU\S-1-5-21-1173956183-3864705670-133296147-1001\SOFTWARE\COOL MIRAGE LTD\gophotoit, En quarantaine, [11dc5ed4dbb0ac8a12aa128c45bf59a7],
PUP.Optional.SystemUpdater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\System Update kb70007, En quarantaine, [c02d3ff393f82313e50ab4760300df21],

Valeurs du Registre: 5
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj|path, C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx, En quarantaine, [10dd4ee43655c3731f2cc8f6719352ae]
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj|path, C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx, En quarantaine, [d91458dae8a3b18526256e50cf357e82]
PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp|path, C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx, En quarantaine, [d716ee44c1ca93a33219546a798ba060]
PUM.Bad.Proxy, HKU\S-1-5-19\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, En quarantaine, [985539f98ffcec4a6c8e591e30d422de]
PUM.Bad.Proxy, HKU\S-1-5-20\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, En quarantaine, [8b6250e2602b4ee86397601712f2ed13]

Données du Registre: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[6c8190a29cefcb6be61f294b3acb11ef]

Dossiers: 15
PUP.Optional.CoolMirage, C:\Users\Elisa\AppData\Roaming\Cool Mirage Ltd, En quarantaine, [8d603ef4d0bb68ce4b96533dc242817f],
PUP.Optional.CoolMirage, C:\Users\Elisa\AppData\Roaming\Cool Mirage Ltd\1.8.29.5, En quarantaine, [8d603ef4d0bb68ce4b96533dc242817f],
PUP.Optional.CoolMirage, C:\Users\Elisa\AppData\Roaming\Cool Mirage Ltd\gophotoit, En quarantaine, [8d603ef4d0bb68ce4b96533dc242817f],
PUP.Optional.CoolMirage, C:\Users\Elisa\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5, En quarantaine, [8d603ef4d0bb68ce4b96533dc242817f],
PUP.Optional.MultiPlug, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2, En quarantaine, [11dc56dc4b40e84e67b0c6e763a132ce],
PUP.Optional.MultiPlug, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco, En quarantaine, [11dc56dc4b40e84e67b0c6e763a132ce],
PUP.Optional.MultiPlug, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2, En quarantaine, [ffee5cd6acdfcb6ba96e129b5da7857b],
PUP.Optional.MultiPlug, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco, En quarantaine, [ffee5cd6acdfcb6ba96e129b5da7857b],
PUP.Optional.CrossRider, C:\Users\Elisa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kfakeonomonapccoamcmdgpoaicnpnoo, En quarantaine, [e50863cf94f73006241a7e95bd460df3],
PUP.Optional.GoPhoto, C:\Users\Elisa\AppData\LocalLow\Cool Mirage Ltd\gophotoit, En quarantaine, [d6171220216a2d09c835ac6c9d660df3],
PUP.Optional.Spigot, C:\Users\Elisa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj, En quarantaine, [a74652e02e5d4de903b479b0e023d12f],
PUP.Optional.Spigot, C:\Users\Elisa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\icdlfehblmklkikfigmjhbmmpmkmpooj, En quarantaine, [a746032f5635b97dd3e5bd6cbe45ba46],
PUP.Optional.Spigot, C:\Users\Elisa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mhkaekfpcppmmioggniknbnbdbcigpkk, En quarantaine, [7776f141612afd39e6d44edb857e7987],
PUP.Optional.Spigot, C:\Users\Elisa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp, En quarantaine, [2ac385adbdce3006c4f836f3f80b2cd4],
PUP.Optional.SystemUpdater, C:\Windows\Microsoft\System Update kb70007, En quarantaine, [c02d3ff393f82313e50ab4760300df21],

Fichiers: 26
Trojan.FakeMS, C:\Windows\Microsoft\System Update kb70007\WINDOWSUPDATER.EXE, En quarantaine, [1bd2b9795c2fbc7a3e0a37148a77936d],
PUP.Optional.AdPeak, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\netfilter64.sys, En quarantaine, [8e5f5bd78a0165d15df57f2bbd486e92],
PUP.Optional.PCPerformer, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\roboot64.exe, En quarantaine, [9f4e12200b8032043c3e3523df2119e7],
PUP.Optional.Desk365, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\Desk 365\components\libcef_1.1364_wallpaper.exe, En quarantaine, [3ab34de538539c9a0bd1862121e4936d],
PUP.Optional.Desk365, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\eIntaller\64F0E380BF8F4f1e9D7207972F16962E\Desk365.exe, En quarantaine, [41ac9e94abe0d75f332400bbd928738d],
PUP.Optional.DealPly, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\eIntaller\682C6E1BBD7E4f1592B7E0F095ABB60A\dp.exe, En quarantaine, [9a539e94ddae261047943b6c1aebbf41],
PUP.Optional.NextLive, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\genienext\nengine.dll, En quarantaine, [7e6fce649af150e6582d5f5f976af40c],
PUP.Optional.Desk365, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\Omiga Plus\wallpaper_components.exe, En quarantaine, [f6f72f036f1c2e08e2fa30779a6b37c9],
PUP.Optional.Amonetize, C:\Users\Elisa\AppData\Roaming\ZHP\Quarantine\SwvUpdater\Updater.exe, En quarantaine, [8469171b2b60ba7c17a1b241738dd62a],
PUP.Optional.AdPeak, C:\temp\t.msi, En quarantaine, [d716a48e107bd363ed953e1e50b56b95],
PUP.Optional.Somoto, C:\Windows\Installer\21c863.msi, En quarantaine, [f1fcbc761477fe383c6450ca6a973bc5],
PUP.Optional.CoolMirage, C:\Users\Elisa\AppData\Roaming\Cool Mirage Ltd\sqlite3.dll, En quarantaine, [8d603ef4d0bb68ce4b96533dc242817f],
PUP.Optional.CoolMirage, C:\Users\Elisa\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5\gophotoit.crx, En quarantaine, [8d603ef4d0bb68ce4b96533dc242817f],
PUP.Optional.MultiPlug, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\lsdb.js, En quarantaine, [11dc56dc4b40e84e67b0c6e763a132ce],
PUP.Optional.MultiPlug, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\background.html, En quarantaine, [11dc56dc4b40e84e67b0c6e763a132ce],
PUP.Optional.MultiPlug, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\content.js, En quarantaine, [11dc56dc4b40e84e67b0c6e763a132ce],
PUP.Optional.MultiPlug, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\kk9Gg_slzZv.js, En quarantaine, [11dc56dc4b40e84e67b0c6e763a132ce],
PUP.Optional.MultiPlug, C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\manifest.json, En quarantaine, [11dc56dc4b40e84e67b0c6e763a132ce],
PUP.Optional.MultiPlug, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\lsdb.js, En quarantaine, [ffee5cd6acdfcb6ba96e129b5da7857b],
PUP.Optional.MultiPlug, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\background.html, En quarantaine, [ffee5cd6acdfcb6ba96e129b5da7857b],
PUP.Optional.MultiPlug, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\content.js, En quarantaine, [ffee5cd6acdfcb6ba96e129b5da7857b],
PUP.Optional.MultiPlug, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\kk9Gg_slzZv.js, En quarantaine, [ffee5cd6acdfcb6ba96e129b5da7857b],
PUP.Optional.MultiPlug, C:\Users\Invité\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljlfhkhmoffbechibmlhflfjnnkapkco\2.2\manifest.json, En quarantaine, [ffee5cd6acdfcb6ba96e129b5da7857b],
PUP.Optional.SystemUpdater, C:\Windows\Microsoft\System Update kb70007\Installer.dll, En quarantaine, [c02d3ff393f82313e50ab4760300df21],
PUP.Optional.SystemUpdater, C:\Windows\Microsoft\System Update kb70007\win32.reg, En quarantaine, [c02d3ff393f82313e50ab4760300df21],
PUP.Optional.SystemUpdater, C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe, En quarantaine, [c02d3ff393f82313e50ab4760300df21],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
