cjoint

Comment: computer cleanup summary

Document format: text/plain

Preview

Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'analyse: 27/02/2017
Heure de l'analyse: 12:23
Fichier journal: malwarebytes.txt
Administrateur: Oui

-Informations du logiciel-
Version: 3.0.6.1469
Version de composants: 1.0.50
Version de pack de mise à jour: 1.0.1369
Licence: Essai

-Informations système-
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: ordiketrich\ketrich

-Résumé de l'analyse-
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 400713
Temps écoulé: 20 min, 14 s

-Options d'analyse-
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

-Détails de l'analyse-
Processus: 0
(Aucun élément malveillant détecté)

Module: 0
(Aucun élément malveillant détecté)

Clé du registre: 22
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, En quarantaine, [1322], [327206],1.0.1369
PUP.Optional.Babylon, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, En quarantaine, [2117], [167673],1.0.1369
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, En quarantaine, [1322], [327205],1.0.1369
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}, En quarantaine, [11208], [169663],1.0.1369
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{b53292ef}, En quarantaine, [46], [260250],1.0.1369
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-5.7, En quarantaine, [307], [375065],1.0.1369
Trojan.P2P, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWS INTERNET NAME SERVICE, En quarantaine, [4926], [214989],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{06DF0A06-02AD-43E2-B3DB-520B151D0ACD}, En quarantaine, [1236], [260101],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{08973536-7DD1-47A3-ABC6-67B78DD73F32}, En quarantaine, [1236], [259453],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0F8ECEC5-C1C9-47F8-8533-EA6B9655F90B}, En quarantaine, [1236], [259452],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{21B0FC87-3587-4004-B73A-2217C94984F3}, En quarantaine, [1236], [260101],1.0.1369
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8BEF425-4B9C-481C-A565-107B2156F004}, En quarantaine, [11208], [253595],1.0.1369
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2562f16b-6f66-4afe-ad35-b0abd764af98}, En quarantaine, [307], [237509],1.0.1369
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{596b4ff5-ef72-4fb2-880c-e87d50047a38}, En quarantaine, [307], [237510],1.0.1369
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6d44992a-baaf-4f16-9e83-f7f5ef01b297}, En quarantaine, [307], [237508],1.0.1369
PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-5.7-chromeinstaller, En quarantaine, [9041], [241784],1.0.1369
PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-5.7-codedownloader, En quarantaine, [9041], [241784],1.0.1369
PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-5.7-enabler, En quarantaine, [9041], [241784],1.0.1369
PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-5.7-firefoxinstaller, En quarantaine, [9041], [241784],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\temp_Plus-HD-5.7-enabler, En quarantaine, [1236], [260103],1.0.1369
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, En quarantaine, [11329], [253616],1.0.1369
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Dynamo Combo, En quarantaine, [71], [253976],1.0.1369

Valeur du registre: 11
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|APPPATH, En quarantaine, [9675], [232752],1.0.1369
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{b53292ef}|1, En quarantaine, [46], [260250],1.0.1369
Trojan.P2P, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWS INTERNET NAME SERVICE|IMAGEPATH, En quarantaine, [4926], [214989],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{06DF0A06-02AD-43E2-B3DB-520B151D0ACD}|PATH, En quarantaine, [1236], [260101],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{08973536-7DD1-47A3-ABC6-67B78DD73F32}|PATH, En quarantaine, [1236], [259453],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0F8ECEC5-C1C9-47F8-8533-EA6B9655F90B}|PATH, En quarantaine, [1236], [259452],1.0.1369
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{21B0FC87-3587-4004-B73A-2217C94984F3}|PATH, En quarantaine, [1236], [260101],1.0.1369
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8BEF425-4B9C-481C-A565-107B2156F004}|APPPATH, En quarantaine, [11208], [253595],1.0.1369
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2562f16b-6f66-4afe-ad35-b0abd764af98}|APPNAME, En quarantaine, [307], [237509],1.0.1369
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{596b4ff5-ef72-4fb2-880c-e87d50047a38}|APPNAME, En quarantaine, [307], [237510],1.0.1369
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6d44992a-baaf-4f16-9e83-f7f5ef01b297}|APPNAME, En quarantaine, [307], [237508],1.0.1369

Données du registre: 9
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Remplacé, [46], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Remplacé, [46], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{28230CBE-DF15-42C5-8AB0-0034D01AC902}|NameServer, Remplacé, [46], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{28230CBE-DF15-42C5-8AB0-0034D01AC902}|DhcpNameServer, Remplacé, [46], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{76CEF8D3-1128-420B-B997-C0328FC60319}|NameServer, Remplacé, [46], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B810E2B5-64F7-4924-8CB0-57F332E30EA9}|NameServer, Remplacé, [46], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B810E2B5-64F7-4924-8CB0-57F332E30EA9}|DhcpNameServer, Remplacé, [46], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{CBF24574-46E6-43F1-9399-B1F0EE9BBD8A}|NameServer, Remplacé, [46], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NAMESERVER, Remplacé, [7660], [293494],1.0.1369

Flux de données: 0
(Aucun élément malveillant détecté)

Dossier: 8
Adware.VidSquare.BrwsrFlsh, C:\Program Files (x86)\GTFAVENUE Updater\update, En quarantaine, [3215], [361181],1.0.1369
Adware.VidSquare.BrwsrFlsh, C:\PROGRAM FILES (X86)\GTFAVENUE UPDATER, En quarantaine, [3215], [361181],1.0.1369
Adware.VidSquare.BrwsrFlsh, C:\PROGRAM FILES (X86)\GTFAVENUE, En quarantaine, [3215], [361184],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome\img, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\res, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\PROGRAM FILES (X86)\Maoha, En quarantaine, [305], [356754],1.0.1369

Fichier: 35
PUP.Optional.Linkury, C:\USERS\KETRICH\APPDATA\ROAMING\WARMLEX.BIN, En quarantaine, [399], [331415],1.0.1369
PUP.Optional.Linkury.Gen, C:\USERS\KETRICH\APPDATA\ROAMING\SINGTIP.TST, En quarantaine, [19997], [261636],1.0.1369
PUP.Optional.LogicHandler, C:\USERS\KETRICH\APPDATA\ROAMING\SOLLA.BIN, En quarantaine, [4678], [24306],1.0.1369
PUP.Optional.Vosteran, C:\USERS\KETRICH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\84669RBD.DEFAULT\USER.JS, En quarantaine, [9675], [302028],1.0.1369
PUP.Optional.Youndoo, C:\USERS\KETRICH\APPDATA\ROAMING\PROFILES\ATAMERCULT.DEFAULT\SEARCHPLUGINS\MEM4JQTY.XML, En quarantaine, [767], [324489],1.0.1369
Adware.VidSquare.BrwsrFlsh, C:\PROGRAM FILES (X86)\GTFAVENUE UPDATER\UNINS000.DAT, En quarantaine, [3215], [361181],1.0.1369
Adware.VidSquare.BrwsrFlsh, C:\PROGRAM FILES (X86)\GTFAVENUE\LICENSE.RTF, En quarantaine, [3215], [361184],1.0.1369
Adware.VidSquare.BrwsrFlsh, C:\Program Files (x86)\GTFAVENUE\GTFAVENUE.cer, En quarantaine, [3215], [361184],1.0.1369
Adware.VidSquare.BrwsrFlsh, C:\Program Files (x86)\GTFAVENUE\Info.rtf, En quarantaine, [3215], [361184],1.0.1369
Adware.VidSquare.BrwsrFlsh, C:\Program Files (x86)\GTFAVENUE\unins000.dat, En quarantaine, [3215], [361184],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\res\support.dat, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome\img\app_logo.png, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome\img\app_tj.png, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome\img\info.png, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome\img\litlogo.png, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome\img\logo.png, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\welcome\index.html, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\MaohaWiFi.dat, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\PhonetypeData.dat, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\Uninst.dar0, En quarantaine, [305], [356754],1.0.1369
Adware.Elex, C:\Program Files (x86)\Maoha\MaohaAP\Uninst.dar1, En quarantaine, [305], [356754],1.0.1369
PUP.Optional.SweetIM, C:\WINDOWS\INSTALLER\59AB3B.MSI, En quarantaine, [1436], [297640],1.0.1369
PUP.Optional.SweetIM, C:\WINDOWS\INSTALLER\59AB41.MSI, En quarantaine, [1436], [297640],1.0.1369
PUP.Optional.SweetIM, C:\WINDOWS\INSTALLER\59AB26.MSI, En quarantaine, [1436], [297640],1.0.1369
PUP.Optional.Boxore.WnskRST, C:\WINDOWS\INSTALLER\2A01815.MSI, En quarantaine, [15035], [299541],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\TASKS\PLUS-HD-5.7-CODEDOWNLOADER.JOB, En quarantaine, [9041], [241742],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\TASKS\PLUS-HD-5.7-FIREFOXINSTALLER.JOB, En quarantaine, [9041], [241742],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\TASKS\PLUS-HD-5.7-CHROMEINSTALLER.JOB, En quarantaine, [9041], [241742],1.0.1369
PUP.Optional.CrossRider.Generic, C:\WINDOWS\TASKS\TEMP_PLUS-HD-5.7-ENABLER.JOB, En quarantaine, [1236], [260097],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\TASKS\PLUS-HD-5.7-ENABLER.JOB, En quarantaine, [9041], [241742],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\SYSTEM32\TASKS\PLUS-HD-5.7-CODEDOWNLOADER, En quarantaine, [9041], [241739],1.0.1369
PUP.Optional.CrossRider.Generic, C:\WINDOWS\SYSTEM32\TASKS\TEMP_PLUS-HD-5.7-ENABLER, En quarantaine, [1236], [260095],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\SYSTEM32\TASKS\PLUS-HD-5.7-FIREFOXINSTALLER, En quarantaine, [9041], [241739],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\SYSTEM32\TASKS\PLUS-HD-5.7-ENABLER, En quarantaine, [9041], [241739],1.0.1369
PUP.Optional.PlusHD, C:\WINDOWS\SYSTEM32\TASKS\PLUS-HD-5.7-CHROMEINSTALLER, En quarantaine, [9041], [241739],1.0.1369

Secteur physique: 0
(Aucun élément malveillant détecté)


(end)
