Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 24/01/2016
Heure de l'analyse: 18:51
Fichier journal: Rapport Malware.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.24.05
Base de données de rootkits: v2016.01.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Serop

Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 601324
Temps écoulé: 3 h, 42 min, 36 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 12
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\{9E6892AE-EDB8-490A-9FDD-5A9770E7909E}, , [383dc07d3e5b1620e7c284aad133de22],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\CLASSES\PCSU.Registry, , [4332f746f6a32d09777fe8f31fe41ce4],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\CLASSES\PCSU.Registry.1, , [4a2b7dc0cdcc5dd97680419a7f844ab6],
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\WOW6432NODE\{9E6892AE-EDB8-490A-9FDD-5A9770E7909E}, , [086db489f6a3ca6cedbcc16d8b79a15f],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PCSU.Registry, , [cea7f4494e4b7db9a25417c434cf1ae6],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PCSU.Registry.1, , [0273c5788712f93d995d06d5897af10f],
PUP.Optional.PCCleanPlus, HKLM\SOFTWARE\WOW6432NODE\PC\CLEAN\Plus, , [8fe60b324851191d43cf192439cb8d73],
PUP.Optional.Shopperz.BrwsrFlsh, HKU\.DEFAULT\SOFTWARE\MICROSOFT\INTERNET EXPLORER\INTERNETREGISTRY\REGISTRY\USER\S-1-5-18\SOFTWARE\shopperz240120161253, , [f97cd8655c3d73c3fafc6dc9e61e41bf],
PUP.Optional.Komodia, HKU\S-1-5-21-646260728-1802877308-3728991705-1002\SOFTWARE\INSTALLPATH\STATUS, , [84f151eca9f015213e24290f4fb5d52b],
PUP.Optional.PCCleanPlus, HKU\S-1-5-21-646260728-1802877308-3728991705-1002\SOFTWARE\PC\CLEAN\Plus, , [7ef70b326633bc7a40d02518e61ec43c],
PUP.Optional.MultiPlug, HKU\S-1-5-21-646260728-1802877308-3728991705-1002_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [a1d462dbbcddae88957edb24af54c23e],
PUP.Optional.MultiPlug, HKU\S-1-5-21-646260728-1802877308-3728991705-1002_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [a1d462dbbcddae88957edb24af54c23e],

Valeurs du Registre: 1
PUP.Optional.Komodia, HKU\S-1-5-21-646260728-1802877308-3728991705-1002\SOFTWARE\INSTALLPATH\STATUS|FlowsurfCB, Y, , [84f151eca9f015213e24290f4fb5d52b]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.VBates, C:\Users\Serop\AppData\LocalLow\Company\Product\1.0, , [9bda66d71188e94d81405ea0ae556997],
PUP.Optional.VBates, C:\Users\Serop\AppData\LocalLow\Company\Product, , [9bda66d71188e94d81405ea0ae556997],
Adware.LaSuperba, C:\uninst, , [b3c287b616831a1c61b6b638e61ea060],

Fichiers: 68
Rootkit.Komodia.PUA, C:\WINDOWS\SYSTEM32\drivers\bsdriver.sys, , [2597ece3cab548c4ba4bc3798a672301],
PUP.Optional.Cherimoya, C:\WINDOWS\SYSTEM32\drivers\cherimoya.sys, , [2fed22167820da74dd6ffd68f375166b],
PUP.Optional.Nosibay, C:\Users\Serop\AppData\Roaming\ZHP\Quarantine\B92OX0R41.exe, , [d1a4ec517a1f64d2859d7172877dc937],
PUP.Optional.Cherimoya, C:\Users\Serop\AppData\Roaming\ZHP\Quarantine\bsdriver.sys, , [1e5741fce0b996a0364b36af5fa5c739],
PUP.Optional.Cherimoya, C:\Users\Serop\AppData\Roaming\ZHP\Quarantine\cherimoya.sys, , [45308ab3bfdafe38b7ca8f56ec188f71],
PUP.Optional.PCSpeedUp, C:\Users\Serop\AppData\Roaming\ZHP\Quarantine\pcspeedup_V7R80D1ER_.exe, , [027392ab4f4a7bbbbabf40f61fe2748c],
PUP.Optional.PCSpeedUp, C:\Users\Serop\AppData\Roaming\ZHP\Quarantine\V7R80D1ER.exe, , [690c112ccdcc83b3f089280ed92835cb],
PUP.Optional.YesSearches, C:\Users\Serop\AppData\Roaming\ZHP\Quarantine\ACGPro.DIR\ACGPro Update\ACGPro.exe, , [ff7657e68514102655b6d7ff42bf9967],
Trojan.Downloader, C:\Users\Serop\AppData\Roaming\ZHP\Quarantine\SearchesToYesbnd.DIR\executer.exe, , [4233033a485138fee4722db0b24fcd33],
PUP.Optional.SoundPlus, C:\AdwCleaner\Quarantine\C\Program Files\SOUND+\Sound+.exe.vir, , [6411cd70693074c2d65d664aba47ed13],
PUP.Optional.SoundPlus, C:\AdwCleaner\Quarantine\C\Program Files\SOUND+\uninstaller.exe.vir, , [581dd36a1089181e46c1ded8c63eee12],
PUP.Optional.PCSpeedUp, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Accelerer PC\PCSpeedUp.sys.vir, , [264faf8e4f4a2b0b9adfef47728fb050],
PUP.Optional.PCSpeedUp, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Accelerer PC\PCSUUCC.exe.vir, , [95e0112ca6f396a07cfd73c3f110639d],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DBAB96BD-1453635874-E111-BC80-10BF4847877D\hnsm8E8.tmp.vir, , [066f35083d5cbe7872eb82d3cf334ab6],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DBAB96BD-1453635874-E111-BC80-10BF4847877D\jnsgF1EC.tmp.vir, , [3f36af8ed7c273c3520dea6bf1116c94],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DBAB96BD-1453635874-E111-BC80-10BF4847877D\vnsg8F9A.tmp.vir, , [3540c677a4f5a98de1ac97c408fa06fa],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Program Files (x86)\DBAB96BD-1453635978-E111-BC80-10BF4847877D\vnsm2373.tmp.vir, , [334295a89dfcad8934fabb1b956c7d83],
PUP.Optional.Tuto4PC, C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_fr_005010216\gamesdesktop_widget.exe.vir, , [591c91acd7c2bc7ac344f75cea16af51],
Adware.EoRezo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_fr_005010216\gmsd_fr_005010216.exe.vir, , [4035dd6090098da9525e64227e833ac6],
Adware.EoRezo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_fr_005010216\predm.exe.vir, , [195cc27ba3f6d5616a5ae8e348b9e61a],
PUP.Optional.NoteUp, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Note-up\Note-up.exe.vir, , [6d08003dcfcae94d597f6aee23decb35],
PUP.Optional.PCCleanPlus, C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe.vir, , [d0a57cc18910d06672a3ce0c38c9a65a],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\AZDLL.dll.vir, , [6c09a39a7d1c3ff78ca31ab2857cce32],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\AZDLL64.dll.vir, , [aec784b9326790a60c23399310f13ac6],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\AZDLL64.exe.vir, , [6d0878c5e4b5df574ee115b7d928e818],
PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcengine.dll.vir, , [32432b121683c670c1c25374e31e58a8],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcengine.exe.vir, , [6c09a19c3c5d0c2adb54b4184bb67c84],
PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcengine64.dll.vir, , [1362ea53742560d685fedee94eb356aa],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcenginecert.dll.vir, , [babb6dd0a2f7ff3745ea913b20e13ac6],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcinstaller.exe.vir, , [8aebb18c1c7d24126220b2152bd6fa06],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcwfp.sys.vir, , [bdb8013c8a0f80b60b7756714eb3eb15],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcwfp64.sys.vir, , [4233ba839ffa053198ea56719968a15f],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zengine.exe.vir, , [1d587cc11b7e49edfb344884bb4646ba],
PUP.Optional.Komodia, C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zengine64.exe.vir, , [393c43fa3b5edb5b29069834d22f6d93],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro3\ShopperPro3.dll.vir, , [beb7e35a09903df9d9a7c0947f81857b],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro3\ShopperPro364.dll.vir, , [1e57bb8270293ff7a3dd4a0a1ce48977],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro3\JSDriver\jsdrv.exe.vir, , [0a6bc37ac3d6eb4b110ff0e10bf619e7],
PUP.Optional.ShopperPro, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro3\JSDriver\jsdrv.sys.vir, , [0f66e5587c1d5fd794d2dff143be9967],
PUP.Optional.WindoWeather, C:\AdwCleaner\Quarantine\C\Program Files (x86)\WindoWeather\uninst.exe.vir, , [2c499aa3237640f6fe896765cc356898],
PUP.Optional.WindoWeather, C:\AdwCleaner\Quarantine\C\Program Files (x86)\WindoWeather\WindoWeather.exe.vir, , [542194a9693077bf7a3661f215eb35cb],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro3\ShopperPro3.dll.vir, , [2e47fb42fd9c91a5017f83d138c82cd4],
PUP.Optional.Goobzo, C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro3\ShopperPro364.dll.vir, , [df961627732686b08cf45bf957a9b44c],
PUP.Optional.CouponMarvel, C:\AdwCleaner\Quarantine\C\ProgramData\TomorrowGames\uninstall.exe.vir, , [3c390b32aaef6dc9b9676b27ba47a060],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Local\DBAB96BD-1453639571-E111-BC80-10BF4847877D\snsrC8F.tmp.vir, , [9ed7e45926731e182a69bf1bb84927d9],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Local\DBAB96BD-1453640135-E111-BC80-10BF4847877D\qnsvA297.tmp.vir, , [a1d4c27b9bfe33032996577a5aa7f010],
Adware.EoRezo, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Local\gmsd_fr_005010216\upgmsd_fr_005010216.exe.vir, , [185d7fbecbcef83eb85f467e709121df],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\ASPackage\ASPackage.exe.vir, , [0b6a2617fe9bd066012db1258e737b85],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock Uninstall.exe.vir, , [472ec17c0c8d181efe24ae3551b324dc],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock Update.exe.vir, , [b9bc0a3328712a0cae742bb87292a45c],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe.vir, , [4134d4693069132379a9a63d4fb5a55b],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe.vir, , [611446f750490432869c9f449074a858],
PUP.Optional.ConvertAd, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\NUIns\NUIns.exe.vir, , [d2a31b2236631125187590cba65c21df],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\Store\WindApp\WindApp Uninstall.exe.vir, , [a5d09f9ec6d39f97d34f7370a4604fb1],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\Store\WindApp\WindApp Update.exe.vir, , [e98cb489a2f786b03ce62ab93dc79c64],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\WTools\Selection Tools\Selection Tools Uninstall.exe.vir, , [85f0eb528b0e7cbaac7640a321e30bf5],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\WTools\Selection Tools\Selection Tools Update.exe.vir, , [81f4ac91bcdd7eb845dd5a89b450c13f],
PUP.Optional.Nosibay, C:\AdwCleaner\Quarantine\C\Users\Serop\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe.vir, , [cbaa4af301981d191f03ca1905ff1ee2],
Trojan.FilePatch.DNSApi, C:\AdwCleaner\Quarantine\C\Windows\SysNative\dnsapi.dll.vir, , [522357e65544e74ff48def11ba46bc44],
PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Windows\SysNative\zcengine64.dll.vir, , [136214291a7fcd69582b09be2dd48779],
Trojan.FilePatch.DNSApi, C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\dnsapi.dll.vir, , [e5906ecfcecb1422d0b08e729c64bf41],
PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\zcengine.dll.vir, , [3f36f8457029fc3a98eb6a5d80817d83],
PUP.Optional.VBates, C:\Users\Serop\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, , [9bda66d71188e94d81405ea0ae556997],
PUP.Optional.VBates, C:\Users\Serop\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt, , [9bda66d71188e94d81405ea0ae556997],
PUP.Optional.Komodia, C:\Windows\Temp\zcengine.log, , [571e91ac198037ff52ac72c507fd7090],
Adware.LaSuperba, C:\uninst\uninstall.html, , [b3c287b616831a1c61b6b638e61ea060],
PUP.Optional.YesSearches, C:\Users\Serop\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml, , [80f54df0099041f501843fafe123ae52],
PUP.Optional.YesSearches, C:\Users\Serop\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js, Bon : (), Mauvais : (user_pref("browser.search.searchengine.url", "http://www.yessearches.com/chrome.php?mode=ffseng&ptid=sqr&q={searchTerms}&ts=AHEpAnMnBH8oAE..&uid=74A7AD54BAC65C2F11D319B7659581E6&v=20160108");), ,[8ee79ca13a5f8caa8c27f6f88f75dc24]
PUP.Optional.HijackHosts.Gen, C:\Windows\System32\nuzb\fhj\khfi.dat, , [74010e2f96031e187d5cd910ce3609f7],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
