Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 21/04/2014
Heure de l'examen: 23:49:04
Fichier journal:
Administrateur: Oui
Version: 2.00.1.1004
Base de données Malveillants: v2014.04.21.07
Base de données Rootkits: v2014.03.27.01
Licence: Premium
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Chameleon: Désactivé(e)
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Mahdid
Type d'examen: Examen "Menaces"
Résultat: Annulé
Objets analysés: 47614
Temps écoulé: 5 min, 27 sec
Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Shuriken: Activé(e)
PUP: Activé(e)
PUM: Activé(e)
Processus: 3
Adware.Adpeak, C:\Program Files\003\nuttkoqiez64.exe, 4684, Supprimé-au-redémarrage, [e11adf4d4a31e94dd966f32c08fcb24e]
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella233.exe, 2256, Supprimé-au-redémarrage, [42b92b015328191d628528dab74a3ec2]
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella233.exe, 4948, Supprimé-au-redémarrage, [42b92b015328191d628528dab74a3ec2]
Modules: 0
(No malicious items detected)
Clés du Registre: 20
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\nuttkoqiez64, Mis en quarantaine, [e11adf4d4a31e94dd966f32c08fcb24e],
PUP.Optional.Iminent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SProtection, Mis en quarantaine, [42b92b015328191d628528dab74a3ec2],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, Mis en quarantaine, [05f66ebe116a290dc704958312f00cf4],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}, Mis en quarantaine, [05f66ebe116a290dc704958312f00cf4],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}, Mis en quarantaine, [8378a587abd00a2c6ae964b2788aeb15],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, Mis en quarantaine, [8378a587abd00a2c6ae964b2788aeb15],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{23AF19F7-1D5B-442c-B14C-3D1081953C94}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{17734227-EAAA-4C5E-9AA3-036AD981B3A6}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8C973B84-E6DA-49D8-B786-9C93C2E587F5}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8C973B84-E6DA-49D8-B786-9C93C2E587F5}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{17734227-EAAA-4C5E-9AA3-036AD981B3A6}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\Nosibay.SurfMatch.1, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\CLASSES\Nosibay.SurfMatch, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Nosibay.SurfMatch, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{23AF19F7-1D5B-442C-B14C-3D1081953C94}, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Nosibay.SurfMatch.1, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, Mis en quarantaine, [2dce54d87704ce6863cdc18c03ff3bc5],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, Mis en quarantaine, [906b0e1e2556f83e959c4c014cb63fc1],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Mis en quarantaine, [c3381e0e81fa191d497c70dc5ea45aa6],
PUP.Optional.BubbleDock.A, HKU\S-1-5-21-2949105948-2489377250-420207002-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Bubble Dock, Mis en quarantaine, [817ae4484536c2745c5065d0956c7d83],
Valeurs du Registre: 2
PUP.Optional.Iminent.A, HKU\S-1-5-21-2949105948-2489377250-420207002-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Mis en quarantaine, [c3381e0e81fa191d497c70dc5ea45aa6],
PUP.Optional.Iminent.A, HKU\S-1-5-21-2949105948-2489377250-420207002-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Mis en quarantaine, [3bc0d05c700b42f45e67103c2ad828d8],
Données du Registre: 0
(No malicious items detected)
Dossiers: 0
(No malicious items detected)
Fichiers: 8
Adware.Adpeak, C:\Program Files\003\nuttkoqiez64.exe, Supprimé-au-redémarrage, [e11adf4d4a31e94dd966f32c08fcb24e],
PUP.Optional.Iminent, C:\Program Files (x86)\Common Files\Umbrella\Umbrella233.exe, Supprimé-au-redémarrage, [42b92b015328191d628528dab74a3ec2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\SupraSavings\2rs3.dll, Mis en quarantaine, [8378a587abd00a2c6ae964b2788aeb15],
PUP.Optional.BubbleDock.A, C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll, Mis en quarantaine, [7f7cbf6da7d4d462f906958139c9a759],
PUP.Optional.BubbleDock.A, C:\Users\Mahdid\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock Update.exe, Mis en quarantaine, [4eadef3deb906ec897153df8b74a01ff],
PUP.Optional.BubbleDock.A, C:\Users\Mahdid\AppData\Roaming\Nosibay\Bubble Dock\Uninstall Bubble Dock.exe, Mis en quarantaine, [817ae4484536c2745c5065d0956c7d83],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Mis en quarantaine, [af4c38f488f30234fa78ac91e41c37c9],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, Mis en quarantaine, [e5161913adce7bbbe808e4398a7a06fa],
Secteurs physiques: 0
(No malicious items detected)
(end)