cjoint

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 08/03/2016
Heure de l'analyse: 19:55
Fichier journal: mbm.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.03.08.06
Base de données de rootkits: v2016.02.27.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Karine

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 392927
Temps écoulé: 24 min, 50 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 2
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9AC2BA14-C8EE-41B6-B7DD-85CC77297D41}, Supprimer au redémarrage, [4b0bc0c52376cd693e8d413b3ec609f7],
PUP.Optional.DNSUnlocker.EncJob, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{81D00973}, En quarantaine, [f066bdc8b6e344f2d2e1740ac73d4fb1],

Valeurs du Registre: 7
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9AC2BA14-C8EE-41B6-B7DD-85CC77297D41}|Path, \SMW_UpdateTask_Time_313435333835383834322d325b573423416c45555a2a6c, Supprimer au redémarrage, [4b0bc0c52376cd693e8d413b3ec609f7]
PUP.Optional.DNSUnlocker.EncJob, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{81d00973}|1, 1456049703, En quarantaine, [f066bdc8b6e344f2d2e1740ac73d4fb1]
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{1304bfaa-1025-470a-8925-50353cc5836b}|NameServer, 82.163.143.171 82.163.142.173, En quarantaine, [87cf7312b5e4c076c2c3284afc08b34d]
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{38e6c61e-a78f-4734-9d50-de4c9437f516}|NameServer, 82.163.143.171 82.163.142.173, En quarantaine, [bc9aef969603cb6b4243dd95ff059070]
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{58eda661-990e-4a7c-b33f-37893540400d}|NameServer, 82.163.143.171 82.163.142.173, En quarantaine, [094d04819efb41f589fc1e5439cb22de]
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{c3f4ff83-fe8e-4b15-8bc0-d47b642bba0c}|NameServer, 82.163.143.171 82.163.142.173, En quarantaine, [68eeed981881f2441e67a3cf1fe5fb05]
PUP.Optional.BrowserAir, HKU\S-1-5-21-834990444-1505823523-4223169436-1001\SOFTWARE\REGISTEREDAPPLICATIONS|BrowserAir.ATNF463UELHJJ7YFW7YBVMVMPM, Software\Clients\StartMenuInternet\BrowserAir.ATNF463UELHJJ7YFW7YBVMVMPM\Capabilities, En quarantaine, [193d1570c2d7e5513e8f3b422dd7fc04]

Données du Registre: 1
Trojan.DNSChanger.DNSRst, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.143.171 82.163.142.173, Bon : (8.8.8.8), Mauvais : (82.163.143.171 82.163.142.173),Remplacé,[57ffe99c5841dc5a784ce02d83829868]

Dossiers: 4
PUP.Optional.Amonetize, C:\ProgramData\{02d6c85e-312c-1}, En quarantaine, [a3b33055d1c88da921c1ad5e3dc6be42],
PUP.Optional.Amonetize, C:\ProgramData\{05aa1434-712c-0}, En quarantaine, [0d49ea9b148550e68b571dee778c9a66],
PUP.Optional.Amonetize, C:\ProgramData\{1174878f-212c-1}, En quarantaine, [d086afd6f4a5082ed210c645a55e22de],
PUP.Optional.Amonetize, C:\ProgramData\{25c11841-012c-0}, En quarantaine, [a7afb8cdbbdeeb4b7f63bb5058ab8d73],

Fichiers: 16
PUP.Optional.PastaLeads, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_nps.pastaleads.com_0.localstorage, En quarantaine, [5006c3c2bedb7abca45af044ca3afd03],
PUP.Optional.PastaLeads, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_nps.pastaleads.com_0.localstorage-journal, En quarantaine, [3a1c1075cfcadf5745b920147094b34d],
PUP.Optional.PastaLeads, C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage, En quarantaine, [b5a15a2bacede155e5a2ac8ad232b749],
PUP.Optional.PastaLeads, C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nps.pastaleads.com_0.localstorage-journal, En quarantaine, [11452d580d8c3df9a1e62f0723e1c63a],
PUP.Optional.eShopComp, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.eshopcomp.com_0.localstorage, En quarantaine, [74e2e5a09ffaa393169f353d8e7631cf],
PUP.Optional.eShopComp, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.eshopcomp.com_0.localstorage-journal, En quarantaine, [065097ee85147fb76550d79b37cde917],
PUP.Optional.UTop, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_utop.it_0.localstorage, En quarantaine, [0f47fb8ad7c260d6f5cd9bda59ab09f7],
PUP.Optional.UTop, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_utop.it_0.localstorage-journal, En quarantaine, [6beb05801a7f1f17bb07df9644c0f30d],
PUP.Optional.CrossRider, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, En quarantaine, [aaac91f4cecb1a1c11fe9fd7de2615eb],
PUP.Optional.CrossRider, C:\Users\Karine\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, En quarantaine, [5ef8157086132b0b1cf34e284eb6be42],
PUP.Optional.UTop, C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage, En quarantaine, [a5b1533212870c2afccd1866689ca15f],
PUP.Optional.UTop, C:\Users\Karine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utop.it_0.localstorage-journal, En quarantaine, [aea88df88316db5b55740d7152b2b749],
PUP.Optional.Amonetize, C:\ProgramData\{02d6c85e-312c-1}\BIT7755.tmp, En quarantaine, [a3b33055d1c88da921c1ad5e3dc6be42],
PUP.Optional.Amonetize, C:\ProgramData\{05aa1434-712c-0}\BIT7A36.tmp, En quarantaine, [0d49ea9b148550e68b571dee778c9a66],
PUP.Optional.Amonetize, C:\ProgramData\{1174878f-212c-1}\BIT7794.tmp, En quarantaine, [d086afd6f4a5082ed210c645a55e22de],
PUP.Optional.Amonetize, C:\ProgramData\{25c11841-012c-0}\BIT7999.tmp, En quarantaine, [a7afb8cdbbdeeb4b7f63bb5058ab8d73],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
