Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 14/09/2016
Heure de l'analyse: 05:00
Fichier journal: Rapport Malwarebytes.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.09.14.02
Base de données de rootkits: v2016.08.15.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: ADONCUMI

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 458692
Temps écoulé: 45 min, 19 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 27
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd.1, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd.1, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKU\S-1-5-21-1083923445-2926721701-3890759838-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKU\S-1-5-21-1083923445-2926721701-3890759838-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.SpringFiles, HKLM\SOFTWARE\WOW6432NODE\SrpnFiles, En quarantaine, [19f181f1f2a8979f508c4485b25038c8],
PUP.Optional.SpringFiles, HKU\S-1-5-21-1083923445-2926721701-3890759838-1000\SOFTWARE\SrpnFiles, En quarantaine, [31d98be7c4d6280e45758247cf33b848],

Valeurs du Registre: 6
PUP.Optional.ASK, HKU\S-1-5-21-1083923445-2926721701-3890759838-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}, | ÔJ f@¡­BCØ t@, En quarantaine, [a466b5bd4a50d16525450f9cd331728e]
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
PUP.Optional.ASK, HKU\S-1-5-21-1083923445-2926721701-3890759838-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [d2383a38dbbf46f0cf9bbfec1fe5a858],
PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{D4027C7F-154A-4066-A1AD-4243D8127440}, En quarantaine, [54b682f0396196a0df8b634884806f91],
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://stoppblock.org/wpad.dat?215a08ef4c27a7a30dba66fb8384d4b514634832, En quarantaine, [2ae08ce695052610fdaabdf6b64ec43c]
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1083923445-2926721701-3890759838-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://stoppblock.org/wpad.dat?215a08ef4c27a7a30dba66fb8384d4b514634832, En quarantaine, [d238a0d2ebaf8fa7a206c9ea788c817f]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.ASK, C:\Users\Administrateur\AppData\Local\Temp\APNLogs, En quarantaine, [67a3d1a1aaf0c373b066cf02b250e41c],
PUP.Optional.SpringFiles, C:\Users\ADONCUMI\AppData\Roaming\SpringFiles, En quarantaine, [a66495dda5f54bebbe043f8309f946ba],
PUP.Optional.ASK, C:\Users\ADONCUMI\AppData\LocalLow\AskToolbar, En quarantaine, [f01ad49e9406ba7c7a663690e81a5ea2],

Fichiers: 14
PUP.Optional.ASK, C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll, En quarantaine, [a466b5bd4a50d16525450f9cd331728e],
RiskWare.Tool.CK, C:\Users\ADONCUMI\AppData\Roaming\ZHP\Quarantine\kmservice.exe.VIR, En quarantaine, [7199cda59505ef479aed9a6e46bc1ee2],
RiskWare.Tool.HCK, C:\Users\ADONCUMI\Desktop\Internet Download Manager (IDM) 6.23 Build 15 Registered (32bit + 64bit Patch) [CrackingPatching].zip, En quarantaine, [2fdb056d306aae8862cfaa5e4cb5f50b],
PUP.Optional.ASK, C:\Program Files (x86)\Ask.com\UpdateTask.exe, En quarantaine, [e624353dbae0b383cae4f5c7847de11f],
Trojan.Injector.AutoIt, C:\Users\ADONCUMI\Downloads\CCleaner 5.20.5668 Retail.zip, En quarantaine, [d832353dddbd2c0af26ec382e121b64a],
PUP.Optional.InstallMonster, C:\Users\ADONCUMI\Downloads\Setup Incl Crack.zip, En quarantaine, [9674660c3565320429b623b3cd377090],
PUP.Optional.OpenCandy, C:\Users\ADONCUMI\Music\Connectify Hotspot PRO 7.3.0.30245 Incl Patch [KaranPC].zip, En quarantaine, [35d53c364357979f5e70c160e21e9f61],
PUP.Optional.OpenCandy, C:\Users\ADONCUMI\Desktop\Connectify Hotspot PRO 7.3.0.30245 Incl Patch [KaranPC]\Connectify Hotspot PRO 7.3.0.30245 Incl Patch [KaranPC]\Connectify_7.3.0.30245_setup.exe, En quarantaine, [907a4e246a30e25407c767ba0df3f010],
HackTool.FilePatch, C:\Users\ADONCUMI\Desktop\Connectify Hotspot PRO 7.3.0.30245 Incl Patch [KaranPC]\Connectify Hotspot PRO 7.3.0.30245 Incl Patch [KaranPC]\Patch.exe, En quarantaine, [b654e88a8f0b79bd3af609400004936d],
PUP.Optional.IntroKeygen, C:\Users\ADONCUMI\Desktop\UltraISO Premium Edition v9.5.2.2836 Multilingual Incl Keymaker-CORE\CORE10k.EXE, En quarantaine, [2cde4c266139f1452b8f152f1de70af6],
PUP.Optional.ASK, C:\Users\Administrateur\AppData\Local\Temp\APNLogs\ci.log, En quarantaine, [67a3d1a1aaf0c373b066cf02b250e41c],
PUP.Optional.ASK, C:\Users\Administrateur\AppData\Local\Temp\APNLogs\iw.log, En quarantaine, [67a3d1a1aaf0c373b066cf02b250e41c],
PUP.Optional.ASK, C:\Users\ADONCUMI\AppData\LocalLow\AskToolbar\cache.dat, En quarantaine, [f01ad49e9406ba7c7a663690e81a5ea2],
PUP.Optional.ASK, C:\Users\ADONCUMI\AppData\LocalLow\AskToolbar\config.xml, En quarantaine, [f01ad49e9406ba7c7a663690e81a5ea2],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)