cjoint


Document format: text/plain


Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 25/01/2016
Heure de l'analyse: 19:33
Fichier journal: malwar.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.01.25.03
Base de données de rootkits: v2016.01.20.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: cino

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 346102
Temps écoulé: 24 min, 7 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 8
PUP.Optional.WdsManPro, HKLM\SOFTWARE\WdsManPro, En quarantaine, [44938cb17a1f92a4dc784cad31d28e72],
PUP.Optional.YourSearching.ShrtCln, HKLM\SOFTWARE\yoursearchingSoftware, En quarantaine, [f2e507368a0f79bd357c052f976d6799],
PUP.Optional.DeskBar, HKLM\SOFTWARE\MICROSOFT\TRACING\DeskBar_RASAPI32, En quarantaine, [b81fe05ddcbd4ee81b499963847f8080],
PUP.Optional.DeskBar, HKLM\SOFTWARE\MICROSOFT\TRACING\DeskBar_RASMANCS, En quarantaine, [706718259aff54e2343049b31de68f71],
PUP.Optional.WindowsProtectionManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WdsManPro, En quarantaine, [51862d10b3e6270f34d679617c864fb1],
PUP.Optional.Searching, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\jlcgehabolcakkjhgmgpkagpolbjlhfa, En quarantaine, [3d9a1e1f5a3faa8c944d4b934ab8fd03],
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{480651E3-BC1B-4BF2-9336-7C7690ED404E}, En quarantaine, [785f1b22c1d8072f8baff844877d9070],
PUP.Optional.DeskCut, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MOZILLA\EXTENDS, En quarantaine, [a92e40fda6f3fa3cbfe3794a9370e51b],

Valeurs du Registre: 5
PUP.Optional.DeskBar, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|DeskBar.exe, 8888, En quarantaine, [c215003ddfbad066a7d185b17d87837d]
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{480651E3-BC1B-4BF2-9336-7C7690ED404E}|URL, http://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G1Lzamobl10924,bdaaceed-81f4-4ad2-90f9-9129cb1764b3,, En quarantaine, [785f1b22c1d8072f8baff844877d9070]
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{480651E3-BC1B-4BF2-9336-7C7690ED404E}|OSDFileURL, http://www-searching.com/opensearch.ashx?s=G1Lzamobl10924,bdaaceed-81f4-4ad2-90f9-9129cb1764b3,, En quarantaine, [934475c86336d0667ebc56e66e9655ab]
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{480651E3-BC1B-4BF2-9336-7C7690ED404E}|FaviconURL, http://www-searching.com/favicon.ico, En quarantaine, [0bcc0538c3d6ac8aa49695a7c73db44c]
PUP.Optional.DeskCut, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MOZILLA\EXTENDS|appid, deskCutv2@gmail.com, En quarantaine, [a92e40fda6f3fa3cbfe3794a9370e51b]

Données du Registre: 1
PUP.Optional.Search.ShrtCln, HKU\S-1-5-21-1821841288-4122943038-2484869299-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www-searching.com/?pid=s&s=G1Lzamobl10924,bdaaceed-81f4-4ad2-90f9-9129cb1764b3,&vp=ch&prd=set_ie, Bon : (www.google.com), Mauvais : (http://www-searching.com/?pid=s&s=G1Lzamobl10924,bdaaceed-81f4-4ad2-90f9-9129cb1764b3,&vp=ch&prd=set_ie),Remplacé,[b91e54e93465ed497b90b10904003fc1]

Dossiers: 4
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\ondemand, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights, En quarantaine, [0dcaa29bcccd33030bcc4093f50d56aa],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\ApplicationHosting, En quarantaine, [24b3f04d4d4c310523cbfcd921e10cf4],

Fichiers: 23
PUP.Optional.HideBaid, C:\Program Files\ppt\Bind.exe, En quarantaine, [ddfa231a7524c472bad9e45e59a86f91],
PUP.Optional.ChinAd, C:\Users\cino\AppData\Local\temp\set.exe, En quarantaine, [7e5967d63960fd39cd3dd6fbf011e61a],
Backdoor.Bifrose.Trace, C:\Users\cino\AppData\Roaming\logs.dat, En quarantaine, [914669d4752444f2aadc9f5aea1926da],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Bamtop.bin, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Config.xml, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Hatlax.dat, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Keyfax.bin, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\md.xml, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Medlight.d.dat, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Medlight.dat, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\PrxCfg.xml, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\ScotSannix.bin, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Tandax.dat, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Unazap.bin, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\uninstall.dat, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Viafresh.bin, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Vilaex.bin, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlight\Xxx-la.bin, En quarantaine, [b81fca73f9a0da5ce8ee04cfa260c53b],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights\ff.HP, En quarantaine, [0dcaa29bcccd33030bcc4093f50d56aa],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights\ff.NT, En quarantaine, [0dcaa29bcccd33030bcc4093f50d56aa],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\Medlights\snp.sc, En quarantaine, [0dcaa29bcccd33030bcc4093f50d56aa],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\ApplicationHosting\ApplicationHosting.dat, En quarantaine, [24b3f04d4d4c310523cbfcd921e10cf4],
PUP.Optional.Linkury.ShrtCln, C:\ProgramData\ApplicationHosting\Config.xml, En quarantaine, [24b3f04d4d4c310523cbfcd921e10cf4],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
