Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 21/03/2016
Heure de l'analyse: 19:51
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2016.03.21.05
Base de données de rootkits: v2016.03.12.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: USER-HP

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 493252
Temps écoulé: 48 min, 45 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0 (Aucun élément malveillant détecté)
Modules: 0 (Aucun élément malveillant détecté)
Clés du registre: 5
Valeurs du registre: 1
Données du registre: 0 (Aucun élément malveillant détecté)
Dossiers: 13
Fichiers: 48
Secteurs physiques: 0 (Aucun élément malveillant détecté)