cjoint


Document format: text/plain

Preview

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 05/03/2016
Heure de l'analyse: 13:54
Fichier journal: rapport malwarebyte.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.03.05.03
Base de données de rootkits: v2016.02.27.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: cash-cash

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 444258
Temps écoulé: 30 min, 35 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 1
PUP.Optional.Tuto4PC, HKU\S-1-5-21-556216214-171715033-564700377-1002\SOFTWARE\MICROSOFT\OTUT, En quarantaine, [121598ec6534ed493fd1c7b4cd37d62a],

Valeurs du Registre: 7
PUP.Optional.Iminent, HKU\S-1-5-21-556216214-171715033-564700377-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En quarantaine, [65c222625d3cc373ba2a5160d62c23dd],
PUP.Optional.Iminent, HKU\S-1-5-21-556216214-171715033-564700377-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En quarantaine, [65c222625d3cc373ba2a5160d62c23dd],
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_en_037050257, "C:\Program Files (x86)\mbot_en_037050257\mbot_en_037050257.exe", En quarantaine, [63c489fb73260036e7b10afeeb1930d0]
PUP.Optional.MobilePCStarterKit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mpck_en_005030257, "C:\Program Files (x86)\mpck_en_005030257\mpck_en_005030257.exe", En quarantaine, [f136077d9ffa82b41ea8030911f342be]
PUP.Optional.Recover, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|rec_fr_216, "C:\Program Files (x86)\rec_fr_216\rec_fr_216.exe", En quarantaine, [9e89bbc9d0c9ea4cb7d62de8877d49b7]
PUP.Optional.Tuto4PC, HKU\S-1-5-21-556216214-171715033-564700377-1002\SOFTWARE\MICROSOFT\OTUT|product, tutoproduct, En quarantaine, [121598ec6534ed493fd1c7b4cd37d62a]
PUP.Optional.Tuto4PC, HKU\S-1-5-21-556216214-171715033-564700377-1002\SOFTWARE\MICROSOFT\OTUT|partner, tuto, En quarantaine, [83a4c1c3bcddf73f937d5c1fc83cd52b]

Données du Registre: 2
Hijack.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[899eff858514d561f55665987f85fb05]
Hijack.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|userinit, wscript C:\WINDOWS\run.vbs,, Bon : (userinit.exe), Mauvais : (wscript C:\WINDOWS\run.vbs,),Remplacé,[c364bbc91c7de551f457ad50fe06de22]

Dossiers: 1
PUP.Optional.ConvertAd, C:\Users\cash-cash\AppData\Local\E99EC000-1457135213-1086-8A75-237792E56B63, En quarantaine, [0d1ab3d14653f93d6285a54db84b0ef2],

Fichiers: 43
Adware.ConvertAd, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\ASPackage\ASPackage.exe, En quarantaine, [5ec91e66dcbdba7cf9907b8204fd58a8],
Adware.ConvertAd, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\ASPackage\Uninstall.exe, En quarantaine, [cc5ba6de55442412d7b254a95ca5b44c],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\mpck_en_005030257\predm.exe, En quarantaine, [36f187fd2970ef475dbb3f1bad53bf41],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\mpck_en_005030257\mpck_en_005030257\upmpck_en_005030257.exe, En quarantaine, [0a1d6c183861d2644962834b43be847c],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\rec_fr_216\predm.exe, En quarantaine, [b3747c08d0c91b1bfe1ad58542becf31],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\rec_fr_216\rec_fr_216.exe, En quarantaine, [1f0840445049ef472f32a9e8837ed927],
PUP.Optional.PennyBee, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\shopperz040320160936\unins000.exe, En quarantaine, [ae79caba8f0a2115abdae5e5ea17b749],
PUP.Optional.SpaceSoundPro, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\Sound+\idscservice.exe, En quarantaine, [1b0c9fe51188a3934fecd321827f55ab],
PUP.Optional.SpaceSoundPro, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\Sound+\uninstaller.exe, En quarantaine, [34f32e56c6d3e84eff3c4ca8867bd729],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\SunnyDay3\predm.exe, En quarantaine, [51d6533192071f17cd4b78e241bf619f],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\SunnyDay3\SunnyDay.exe, En quarantaine, [cc5be2a28b0e63d36bf698f93bc647b9],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\SunnyDay3\SunnyDay3\usun.exe, En quarantaine, [c760661e02973006b1fa3a9425dc8b75],
PUP.Optional.TrailerTime, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\TrailerTime.DIR\Uninstall.exe, En quarantaine, [aa7d780cc5d496a02dbb9e398e7342be],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\mbot_en_037050257\predm.exe, En quarantaine, [55d2caba871239fd5fb99cbee818837d],
Adware.EoRezo, C:\Users\cash-cash\AppData\Roaming\ZHP\Quarantine\mbot_en_037050257\mbot_en_037050257\upmbot_en_037050257.exe, En quarantaine, [52d5f3914f4a45f12289c905ca375ba5],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\30DD.tmp.exe, En quarantaine, [aa7d5d27b5e451e5c24d154beb1548b8],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\E6E1.tmp.exe, En quarantaine, [0d1a96ee06933afcba55ea76b05030d0],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\EC4B.tmp.exe, En quarantaine, [d94ec4c0801956e043cc2d3326daa45c],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\7653.tmp.exe, En quarantaine, [9790196b21783006cf40560ae61a7f81],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\7CC7.tmp.exe, En quarantaine, [50d7f490c9d0f54132dd78e814ecdf21],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\4F68.tmp.exe, En quarantaine, [80a74b39e5b40f27db3490d012eede22],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\5EFA.tmp.exe, En quarantaine, [41e6e2a246530c2a4ac58bd54bb5ec14],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\F052.tmp.exe, En quarantaine, [d255592b0693241227e8f16fba46ec14],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\D3EB.tmp.exe, En quarantaine, [55d2374d9afff640a06f5a067f8144bc],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\B474.tmp.exe, En quarantaine, [f433e69eaaef8aac4fc0134db14ff60a],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\C0A3.tmp.exe, En quarantaine, [2ef91b69663334023ad593cdc838c43c],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\CA3E.tmp.exe, En quarantaine, [7aad23616e2bc3736ba496cade2205fb],
PUP.Optional.ConvertAd, C:\Users\cash-cash\AppData\Local\Temp\nsu18B9.tmp, En quarantaine, [2ef903813f5acd691055fd8392702bd5],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\9006.tmp.exe, En quarantaine, [a681dda75f3adb5bd7388fd1d12f59a7],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\A172.tmp.exe, En quarantaine, [d84f98ec2c6d16200609f769de227d83],
PUP.Optional.BundleInstaller, C:\Users\cash-cash\AppData\Local\Temp\A53A.tmp.exe, En quarantaine, [0f185c282a6fb680e02fef71d42c4db3],
PUP.Optional.CheckOffer, C:\Users\cash-cash\AppData\Local\Temp\nsf1F4.tmp\nsCBHTML5.dll, En quarantaine, [a681b0d479202e085298f423e21f2ed2],
Adware.AdLoad, C:\Windows\Temp\C313.tmp, En quarantaine, [d7502361524702346e9dc52391706997],
PUP.Optional.PreInstaller, C:\Windows\Temp\C323.tmp, En quarantaine, [be69d8acc6d35cda820a83be51b01ee2],
PUP.Optional.CheckOffer, C:\Windows\Temp\C325.tmp, En quarantaine, [81a61e664f4a1323f0fa25f258a9ae52],
PUP.Optional.Amonetize, C:\Users\cash-cash\Downloads\That Night In Rio 1941 Alice Downloader__3687_i1887322381_il2036309.exe, En quarantaine, [d7502c58e7b2ca6c91406398936e0bf5],
PUP.Optional.ConvertAd, C:\Users\cash-cash\AppData\Local\E99EC000-1457135213-1086-8A75-237792E56B63\pnse641F.exe, En quarantaine, [de49c7bd1c7d5fd7c45d6b1c857dd52b],
PUP.Optional.ConvertAd, C:\Users\cash-cash\AppData\Local\E99EC000-1457135213-1086-8A75-237792E56B63\rnsp640E.exe, En quarantaine, [dd4a4e36d8c13402645a44baa45d9f61],
PUP.Optional.ConvertAd, C:\Users\cash-cash\AppData\Local\E99EC000-1457135213-1086-8A75-237792E56B63\Uninstall.exe, En quarantaine, [0d1ab3d14653f93d6285a54db84b0ef2],
PUP.Optional.BestPriceNinja, C:\Users\cash-cash\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage, En quarantaine, [e146077dfb9e42f4b0602f3b4bb94fb1],
PUP.Optional.BestPriceNinja, C:\Users\cash-cash\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal, En quarantaine, [be6951336d2cfb3b17f9ee7c22e2d828],
PUP.Optional.CrossRider, C:\Users\cash-cash\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_q2u3z6t7.ssl.hwcdn.net_0.localstorage, En quarantaine, [7fa8770dadecfa3cafa8b5bd08fc0af6],
PUP.Optional.CrossRider, C:\Users\cash-cash\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_q2u3z6t7.ssl.hwcdn.net_0.localstorage-journal, En quarantaine, [ad7a4242d6c345f1d38422503fc5ba46],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
