cjoint
Comment: help

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/10/2015 (11 October 2015, matching the database date below)
Scan Time: 16:12
Logfile: Malwarebytes Anti-Malware.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.10.11.03
Rootkit Database: v2015.10.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Thibaud

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 504550
Time Elapsed: 1 h, 53 min, 56 s

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.Miner, C:\ProgramData\Adobe\rundll32.exe, 6140, , [fcb3e47197f4181ee70aee489a6b31cf]
Backdoor.Agent.ADB, C:\ProgramData\Adobe\rundll32.exe, 6140, , [4b64183dfc8f2b0bf4d9d77453b05da3]

Modules: 0
(No malicious items detected)

Registry Keys: 8
PUP.Optional.Miner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNDLL32.EXE, , [fcb3e47197f4181ee70aee489a6b31cf],
PUP.Optional.Miner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNDLL32.EXE, , [fcb3e47197f4181ee70aee489a6b31cf],
Backdoor.Agent.ADB, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNDLL32.EXE, , [4b64183dfc8f2b0bf4d9d77453b05da3],
Backdoor.Agent.ADB, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNDLL32.EXE, , [4b64183dfc8f2b0bf4d9d77453b05da3],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [8926b99ce5a6191d06ee9af70df7956b],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [0ca3ee67b2d9b581b24221704abafa06],
PUP.Optional.InstallCore, HKU\S-1-5-21-2019967907-4093017838-2558531480-1000\SOFTWARE\ICSW1.14, , [e9c661f4f695de58ba35506824e0c937],
PUP.Optional.SpeedDial, HKU\S-1-5-21-2019967907-4093017838-2558531480-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C8E40421-41DB-43FB-A85E-7EFEB3395BF8}, , [d9d6e1743457c175712801d2877d6f91],

Registry Values: 7
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [8926b99ce5a6191d06ee9af70df7956b]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [0ca3ee67b2d9b581b24221704abafa06]
PUP.Optional.SpeedDial, HKU\S-1-5-21-2019967907-4093017838-2558531480-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C8E40421-41DB-43FB-A85E-7EFEB3395BF8}|URL, http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCyD0AzzyD0D0Dzy0AyDtDtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAtA0CyD0CtDtB0AtG0AyCzyyDtG0C0A0AtBtGzzyE0BzztGyBtBtDyCyEyDyEzz0DtDyEtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzy0C0FtAzztDtCtGyB0CtDtBtG0Czy0F0AtGyBzytAtAtGtB0FyD0AyBtByCzz0C0EtD0B2Q&cr=1048675667&ir=, , [d9d6e1743457c175712801d2877d6f91]
PUP.Optional.SpeedDial, HKU\S-1-5-21-2019967907-4093017838-2558531480-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C8E40421-41DB-43FB-A85E-7EFEB3395BF8}|TopResultURLFallback, http://speedial.com/results.php?f=4&q={searchTerms}&a=spd_tele_14_25_ff&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCyD0AzzyD0D0Dzy0AyDtDtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAtA0CyD0CtDtB0AtG0AyCzyyDtG0C0A0AtBtGzzyE0BzztGyBtBtDyCyEyDyEzz0DtDyEtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzy0C0FtAzztDtCtGyB0CtDtBtG0Czy0F0AtGyBzytAtAtGtB0FyD0AyBtByCzz0C0EtD0B2Q&cr=1048675667&ir=, , [0aa5045159326acc15847a590df7c040]
PUP.Optional.SpeedDial, HKU\S-1-5-21-2019967907-4093017838-2558531480-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C8E40421-41DB-43FB-A85E-7EFEB3395BF8}|FaviconPath, C:\Program Files (x86)\Speedial\1.8.29.15\FavIcon.ico, , [46693c199feca09629704291c73dca36]
PUP.Optional.SpeedDial, HKU\S-1-5-21-2019967907-4093017838-2558531480-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C8E40421-41DB-43FB-A85E-7EFEB3395BF8}, Speedial, , [8d222035a1ea9e989aff07ccde26d52b]
PUP.Optional.SpeedDial, HKU\S-1-5-21-2019967907-4093017838-2558531480-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C8E40421-41DB-43FB-A85E-7EFEB3395BF8}|DisplayName, Speedial, , [b0ffe471a9e22d09a2f7b61ddc28f010]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355, , [bcf359fc8704bd794883b3e18b79f709],

Files: 14
PUP.Optional.Miner, C:\ProgramData\Adobe\rundll32.exe, , [fcb3e47197f4181ee70aee489a6b31cf],
PUP.Optional.InstallCore, C:\Users\Thibaud\AppData\Local\Temp\ICReinstall_directx-11.exe, , [773845106c1fd85e7818e40819e8d12f],
Backdoor.Agent.ADB, C:\ProgramData\Adobe\rundll32.exe, , [4b64183dfc8f2b0bf4d9d77453b05da3],
PUP.Optional.WinYahoo, C:\Users\Thibaud\AppData\LocalLow\Microsoft\Internet Explorer\Services\WinYahoo.ico, , [1c93470eed9e56e0220da1f0f014bc44],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\026816f45d2e47b2b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\189b814eae567c7cb11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\21dd2fa5f20cc109b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\34c411b0fb868090b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\509988526bee90c2b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\5ba3ff2d19c3f782b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\6757e794ec36f69eb11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\83096e7eaa178540b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\efab86736db47390b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\15169047292228424355\f7610c3afe2bbcd1b11597dae30464b1.ini, , [bcf359fc8704bd794883b3e18b79f709],

Physical Sectors: 0
(No malicious items detected)
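The log above is raw tool output, and the entries that decide how serious this is are easy to miss among the adware: the Image File Execution Options key for RUNDLL32.EXE (present under both HKLM\SOFTWARE and WOW6432NODE) shares its detection id with the file C:\ProgramData\Adobe\rundll32.exe and with the process that was still running as PID 6140, and a Google Update policy value is set to 1 so Chrome no longer checks for updates. The following is an added example, not part of this page and not Malwarebytes code: a parser for these detection lines and a triage pass over lines copied from the log. The line format ("threat, location[, data], , [id]"), the section names and the triage rules (IFEO key = hooked binary, Disable* policy value = protection switched off) are my reading of this log, not a documented Malwarebytes format.

```python
"""Parse Malwarebytes Anti-Malware 2.x detection lines and pull out the
entries that decide the incident's severity: the IFEO hook on rundll32.exe,
the process that was still running, and the policy that switched updates off.

Added example, not Malwarebytes code. The sample lines are copied from the
scan log above; the line format, section names and triage rules are an
assumption based on that log, not a documented format.
"""
import re
from collections import defaultdict

# "<threat>, <location>[, <data>], , [<32-hex id>][,]"
# Keys, folders and files omit <data>; processes put the PID there and
# registry values put the value's data there. A registry value's location
# is written "<key>|<value name>".
DETECTION_RE = re.compile(
    r"^(?P<threat>[^,]+), (?P<location>.*?)(?:, (?P<data>[^,]*))?, , "
    r"\[(?P<id>[0-9a-f]{32})\],?$"
)
SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+): (?P<count>\d+)$")
IFEO = "\\IMAGE FILE EXECUTION OPTIONS\\"

# Constructed sample: a subset of the lines from the scan log above.
SAMPLE_LOG = """\
Processes: 1
Backdoor.Agent.ADB, C:\\ProgramData\\Adobe\\rundll32.exe, 6140, , [4b64183dfc8f2b0bf4d9d77453b05da3]

Registry Keys: 2
Backdoor.Agent.ADB, HKLM\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\IMAGE FILE EXECUTION OPTIONS\\RUNDLL32.EXE, , [4b64183dfc8f2b0bf4d9d77453b05da3],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\\SOFTWARE\\POLICIES\\GOOGLE\\UPDATE, , [8926b99ce5a6191d06ee9af70df7956b],

Registry Values: 1
PUM.Security.Hijack.DisableChromeUpdates, HKLM\\SOFTWARE\\POLICIES\\GOOGLE\\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [8926b99ce5a6191d06ee9af70df7956b]

Files: 1
Backdoor.Agent.ADB, C:\\ProgramData\\Adobe\\rundll32.exe, , [4b64183dfc8f2b0bf4d9d77453b05da3],
"""


def parse_log(text):
    """Return the detection records in file order, each tagged with its section."""
    records, section = [], "unknown"
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group("section")
            continue
        m = DETECTION_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["data"] = rec["data"] or ""
            rec["section"] = section
            records.append(rec)
    return records


def triage(records):
    """Group records by detection id and return (kind, subject, detail) findings."""
    by_id = defaultdict(list)
    for rec in records:
        by_id[rec["id"]].append(rec)

    findings = []
    for recs in by_id.values():
        threats = ", ".join(sorted({r["threat"] for r in recs}))
        paths = sorted({r["location"] for r in recs
                        if r["section"] in ("Files", "Processes")})
        for rec in recs:
            loc = rec["location"]
            if rec["section"] == "Processes":
                # Still running at scan time: deleting the file alone is not enough.
                findings.append(("running_process", loc, f"pid {rec['data']}; {threats}"))
            elif IFEO in loc.upper():
                # IFEO\<exe> is consulted on every launch of that binary, so the
                # file sharing this detection id is what ran in place of it.
                exe = loc.rsplit("\\", 1)[-1]
                findings.append(("ifeo_hijack", exe, "; ".join(paths) or threats))
            elif "|" in loc and rec["data"] == "1":
                key, name = loc.split("|", 1)
                # Assumed rule: a policy value named Disable* set to 1 turns a
                # protection off; here it stops Chrome from checking for updates.
                if "\\POLICIES\\" in key.upper() and name.startswith("Disable"):
                    findings.append(("protection_disabled", name, key))
    return findings


if __name__ == "__main__":
    for kind, subject, detail in triage(parse_log(SAMPLE_LOG)):
        print(f"{kind:21} {subject}  <- {detail}")
```

Run against the full log the same three findings come out, plus the duplicate IFEO entry from the WOW6432NODE view; both views must be clean after removal, and the policy value should be confirmed gone before trusting Chrome to update itself again. Note also that this scan ran with rootkit scanning and self-protection disabled, so a follow-up scan with Rootkits enabled is the minimum check once the running process has been killed.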
