Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 05/01/2016
Heure de l'analyse: 13:03
Fichier journal: journal de l'historique d'analyse.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.05.03
Base de données de rootkits: v2015.12.26.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: PATRICK

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 345718
Temps écoulé: 19 min, 29 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 10
PUP.Optional.Koyote, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Free mp3 Wma Converter, En quarantaine, [d5325fd703969e98a4e8f53dd62b07f9],
PUP.Optional.Pakilan, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ljibkigjccbegnbeojkoafejpoiachej, En quarantaine, [cc3b94a2396085b104d3be0510f258a8],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\DKNNNEMLGGNBPCEOFNCDGNAKMGFNHBLI, En quarantaine, [3acd9a9c7b1e2c0a5a4ceadbfd05b749],
PUP.Optional.Palikan, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\palikan, En quarantaine, [cc3b270f7821bf774daea917887b0ff1],
PUP.Optional.Pakilan, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ljibkigjccbegnbeojkoafejpoiachej, En quarantaine, [b84faa8c5d3ce3538551be0517ebb44c],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\DKNNNEMLGGNBPCEOFNCDGNAKMGFNHBLI, En quarantaine, [dc2b0f2790092d09980f269fdc2628d8],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\nmhostct3274043, En quarantaine, [39cedd59d8c143f31d10d4f1f1111de3],
PUP.Optional.PCMechanic, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\E15CC4B1_0, En quarantaine, [56b150e6d1c8b6804dbd42db81837888],
PUP.Optional.Wajam, HKU\S-1-5-21-488908626-3959387196-2964971739-1003\SOFTWARE\Wajam, En quarantaine, [6d9a0432bcdde2540cf215c0ce359967],
PUP.Optional.SystemHealer, HKU\S-1-5-21-488908626-3959387196-2964971739-1003\SOFTWARE\SYSTEM HEALER, En quarantaine, [29de33038316b1856c43ce43f90b2dd3],

Valeurs du Registre: 5
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dknnnemlggnbpceofncdgnakmgfnhbli|path, C:\Users\PATRICK\AppData\Local\CRE\dknnnemlggnbpceofncdgnakmgfnhbli.crx, En quarantaine, [3acd9a9c7b1e2c0a5a4ceadbfd05b749]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dknnnemlggnbpceofncdgnakmgfnhbli|path, C:\Users\PATRICK\AppData\Local\CRE\dknnnemlggnbpceofncdgnakmgfnhbli.crx, En quarantaine, [dc2b0f2790092d09980f269fdc2628d8]
PUP.Optional.PCMechanic, HKU\S-1-5-21-488908626-3959387196-2964971739-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\e15cc4b1_0, {0.0.0.00000000}.{cb06cd38-4d78-4c54-87b5-cb235c9100a5}|\Device\HarddiskVolume1\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe%b{00000000-0000-0000-0000-000000000000}, En quarantaine, [56b150e6d1c8b6804dbd42db81837888]
PUP.Optional.SystemHealer, HKU\S-1-5-21-488908626-3959387196-2964971739-1003\SOFTWARE\SYSTEM HEALER|HomePage, http://systemhealer.com/, En quarantaine, [29de33038316b1856c43ce43f90b2dd3]
PUP.Optional.SystemHealer, HKU\S-1-5-21-488908626-3959387196-2964971739-1003\SOFTWARE\SYSTEM HEALER|SupportPage, http://systemhealer.com/support/#contact, En quarantaine, [ce396cca9cfd58de9817858c64a02fd1]

Données du Registre: 1
PUP.Optional.Amonetize, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\{DC8E3~1\235~1.56\tafa.dll, Bon : (), Mauvais : (C:\PROGRA~2\{DC8E3~1\235~1.56\tafa.dll),Remplacé,[aa5dd26457422f070299b7e29a69ab55]

Dossiers: 6
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\xpi, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\xpi\defaults, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\xpi\defaults\preferences, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.Amonetize, C:\ProgramData\{DC8E344D-8C0C-E5CB-3D8A-9549ED0846C7}\2.3.5.56, En quarantaine, [aa5dd26457422f070299b7e29a69ab55],
PUP.Optional.Amonetize, C:\ProgramData\{DC8E344D-8C0C-E5CB-3D8A-9549ED0846C7}, En quarantaine, [aa5dd26457422f070299b7e29a69ab55],

Fichiers: 59
Adware.Boxore, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\BoxoreInstall.exe, En quarantaine, [32d53bfb4554bc7a9b83db9ff808b34d],
PUP.Optional.DealPly, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\dp.exe, En quarantaine, [20e7ce688d0c4aec5d5ec9f7bd47b44c],
PUP.Optional.Iminent, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Iminent_0102-0d89a395.exe, En quarantaine, [3bccec4a2772e650f79271c0eb16e61a],
PUP.Optional.PCMechanic, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\pm-standalone-setup.exe, En quarantaine, [d037eb4bfd9c3501911f978a36cb17e9],
PUP.Optional.Wajam, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\wajam_install.exe, En quarantaine, [6f9879bd5841d85e99f464ca5fa119e7],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\BrowserConnection.dll, En quarantaine, [d532c3735940db5b4b5dfcc93dc7d729],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\DataMngr.dll, En quarantaine, [b84f2c0a227742f4a304656034d00df3],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\DataMngrUI.exe, En quarantaine, [ea1da096c7d272c4ddcae9dcf50ff20e],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\DnsBHO.dll, En quarantaine, [4bbc85b1a6f37eb87137a124b351f20e],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\IEBHO.dll, En quarantaine, [b55259dd7b1e45f1aafeab1a4bb927d9],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\SearchquMediaBar.exe, En quarantaine, [cf381a1c257485b1693e52730301bc44],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\x64\BrowserConnection.dll, En quarantaine, [6d9a989e0693f4428b1d04c1d034fe02],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\x64\DataMngr.dll, En quarantaine, [10f7c571f6a35dd933754f76e81c56aa],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\x64\DataMngrUI.exe, En quarantaine, [0afdd5618d0c93a3c1e612b3f70d966a],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\x64\DnsBHO.dll, En quarantaine, [7b8c7bbba9f0f83e792f6f56c1437d83],
PUP.Optional.Bandoo.AppFlsh, C:\Users\PATRICK\AppData\Roaming\ZHP\Quarantine\Searchqu_DM\x64\IEBHO.dll, En quarantaine, [b0573cfa6f2af442c9dfdaebc143ab55],
PUP.Optional.Koyote, C:\Program Files\Free mp3 Wma Converter\Uninstall.exe, En quarantaine, [d5325fd703969e98a4e8f53dd62b07f9],
Adware.Downloader, C:\Temp\partner66.exe, En quarantaine, [5daa3cfa93069d99c6caa3c82fd1e719],
PUP.Optional.BundleInstaller, C:\Users\PATRICK\AppData\Local\Temp\36cdInstaller.exe, En quarantaine, [ae59e84e9405171f84b38e3661a3f010],
Trojan.RotBrow.A, C:\Users\PATRICK\AppData\Local\Temp\cheE43.tmp, En quarantaine, [7493bb7b2a6f49edf4639325ce328779],
PUP.Optional.SoftPulse, C:\Users\PATRICK\AppData\Local\Temp\instloffer.exe, En quarantaine, [f215fc3a029713234a8fd0812ad7b34d],
PUP.Optional.Vittalia, C:\Users\PATRICK\AppData\Local\Temp\itinstallerp.exe, En quarantaine, [907744f23465092db7e256438080cb35],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\tbBTCo.dll, En quarantaine, [d1361f17f6a363d3512e95299470c937],
PUP.Optional.InstallBrain, C:\Users\PATRICK\AppData\Local\Temp\80A4.tmp, En quarantaine, [878064d2fa9f0234079a9f926d94867a],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\iet79C1.tmp.exe, En quarantaine, [45c29b9b1f7a60d666197e40eb1922de],
Trojan.RotBrowse, C:\Users\PATRICK\AppData\Local\Temp\CC34.tmp, En quarantaine, [7493df5768311f17e7c5e16c8282857b],
Trojan.RotBrow.A, C:\Users\PATRICK\AppData\Local\Temp\che1055.tmp, En quarantaine, [0601e84e960379bdb89f33853cc451af],
PUP.Optional.Conduit, C:\Users\PATRICK\AppData\Local\Temp\che8F6.tmp, En quarantaine, [b65139fdd3c6ed49b5ea72e56e96d828],
PUP.Optional.Babylon, C:\Users\PATRICK\AppData\Local\Temp\E1E2F51A-BAB0-7891-82F8-CD5954BEFB3B\Latest\BExternal.dll, En quarantaine, [26e13105bfda0135f8799b90fa065aa6],
Trojan.RotBrowse, C:\Users\PATRICK\AppData\Local\Temp\E1E2F51A-BAB0-7891-82F8-CD5954BEFB3B\Latest\ccp.exe, En quarantaine, [4eb9d4627a1f96a09f0d50fd2ed60bf5],
PUP.Optional.Babylon, C:\Users\PATRICK\AppData\Local\Temp\E1E2F51A-BAB0-7891-82F8-CD5954BEFB3B\Latest\CrxInstaller.dll, En quarantaine, [b057d95decad8da9a63c69c59968f709],
PUP.Optional.Delta.ShrtCln, C:\Users\PATRICK\AppData\Local\Temp\E1E2F51A-BAB0-7891-82F8-CD5954BEFB3B\Latest\MyBabylonTB.exe, En quarantaine, [15f244f24d4c62d4041c7a3b31cfdc24],
PUP.Optional.Babylon, C:\Users\PATRICK\AppData\Local\Temp\E1E2F51A-BAB0-7891-82F8-CD5954BEFB3B\Latest\Setup.exe, En quarantaine, [c2450c2a0b8ea591d7a26ac134cc33cd],
PUP.Optional.Delta.ShrtCln, C:\Users\PATRICK\AppData\Local\Temp\nsvC65D.tmp\DeltaTB_2501-c733154b.exe, En quarantaine, [57b0fe3886135fd7fce4bade18e86799],
PUP.Optional.Wajam, C:\Users\PATRICK\AppData\Local\Temp\nsvC65D.tmp\wajam_3108-3b9b7359.exe, En quarantaine, [5cab280eb4e5f93dbdd0b37bf50b6a96],
PUP.Optional.BrowseFox, C:\Users\PATRICK\AppData\Local\Temp\is1668783924\yontoo-c4.exe, En quarantaine, [ff0872c498011026eaeb4c76e51fd828],
PUP.Optional.Vittalia, C:\Users\PATRICK\AppData\Local\Temp\nsh7926.tmp\tkDecript.dll, En quarantaine, [b1563afc376264d2cb84cb10d22f867a],
PUP.Optional.Delta.ShrtCln, C:\Users\PATRICK\AppData\Local\Temp\F7E78E30-BAB0-7891-94EF-A20121651BE4\Latest\MyBabylonTB.exe, En quarantaine, [9473e94d06932511a27e189d15eb2ad6],
PUP.Optional.Babylon, C:\Users\PATRICK\AppData\Local\Temp\F7E78E30-BAB0-7891-94EF-A20121651BE4\Latest\BExternal.dll, En quarantaine, [a166bb7bd8c18caa3b36e843c739d52b],
Trojan.RotBrowse, C:\Users\PATRICK\AppData\Local\Temp\F7E78E30-BAB0-7891-94EF-A20121651BE4\Latest\ccp.exe, En quarantaine, [48bf03339108d0668d1fb39a25df9b65],
PUP.Optional.Babylon, C:\Users\PATRICK\AppData\Local\Temp\F7E78E30-BAB0-7891-94EF-A20121651BE4\Latest\CrxInstaller.dll, En quarantaine, [42c564d272273df93da5ef3fd9280ef2],
PUP.Optional.Delta.ShrtCln, C:\Users\PATRICK\AppData\Local\Temp\9B3FD978-BAB0-7891-8C9E-D370F748151B\Latest\MyBabylonTB.exe, En quarantaine, [df28d066455489ade739fdb810f07a86],
Trojan.RotBrowse, C:\Users\PATRICK\AppData\Local\Temp\9B3FD978-BAB0-7891-8C9E-D370F748151B\Latest\ccp.exe, En quarantaine, [58af5cdab8e195a1f3b94706867e26da],
PUP.Optional.Babylon, C:\Users\PATRICK\AppData\Local\Temp\9B3FD978-BAB0-7891-8C9E-D370F748151B\Latest\CrxInstaller.dll, En quarantaine, [0dfacc6a3c5dd46222c04fdf6f92718f],
PUP.Optional.InstallCore, C:\Users\PATRICK\Downloads\Malavida_Download_Manager.exe, En quarantaine, [63a4072ffd9c55e1a44438f9699857a9],
PUP.Optional.InstallCore, C:\Users\PATRICK\Downloads\windows-live-movie-maker.exe, En quarantaine, [13f448ee3a5f34025da007473bc68779],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\manifest.json, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\conduit.xml, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\CT3274043.txt, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\CT3274043.xpi, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\dtime.csf, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\initData.json, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\version.txt, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\xpi\install.rdf, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.ConduitTB.Gen, C:\Users\PATRICK\AppData\Local\Temp\CT3274043\xpi\defaults\preferences\defaults.js, En quarantaine, [c93e6acc3b5edd59d1d8cdf879892ad6],
PUP.Optional.Amonetize, C:\ProgramData\{DC8E344D-8C0C-E5CB-3D8A-9549ED0846C7}\2.3.5.56\Sqlite3.dll, En quarantaine, [aa5dd26457422f070299b7e29a69ab55],
PUP.Optional.Amonetize, C:\ProgramData\{DC8E344D-8C0C-E5CB-3D8A-9549ED0846C7}\2.3.5.56\tafa.dll, En quarantaine, [aa5dd26457422f070299b7e29a69ab55],
PUP.Optional.Conduit, C:\Users\PATRICK\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.vaccint.com_0.localstorage, En quarantaine, [a2652a0c1d7c72c4633ba67314f0bd43],
PUP.Optional.Palikan, C:\Users\PATRICK\AppData\LocalLow\Microsoft\Internet Explorer\Services\Palikan.ico, En quarantaine, [0ff89f979efbaf876a47e33ccc38c13f],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)