Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 05/09/2014
Heure de l'examen: 19:20:21
Fichier journal: Malwarebytes journal.txt
Administrateur: Oui
Version: 2.00.2.1012
Base de donn�es Malveillants: v2014.09.05.06
Base de donn�es Rootkits: v2014.08.21.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Self-protection: D�sactiv�(e)
Syst�me d'exploitation: Windows 8.1
Processeur: x64
Syst�me de fichiers: NTFS
Utilisateur: Slyr
Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 368244
Temps �coul�: 20 min, 34 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Heuristics: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)
Processus: 1
PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, 536, Supprim�-au-red�marrage, [51b99e4c38431125e2f34b62eb16728e]
Modules: 0
(No malicious items detected)
Cl�s du Registre: 10
PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update ClearThink, Mis en quarantaine, [51b99e4c38431125e2f34b62eb16728e],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{06e035f9-c6b3-4ae7-a839-ba68791f5499}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{06e035f9-c6b3-4ae7-a839-ba68791f5499}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\ClearThink, Mis en quarantaine, [090136b4a8d3ea4c0893c49b867ea957],
PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util ClearThink, Mis en quarantaine, [40ca856592e9af877e205807f50fa35d],
PUP.Optional.ClearThink.A, HKU\S-1-5-21-817256076-2237896415-224119137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ClearThink, Supprim�-au-red�marrage, [49c17773d5a696a05a4262fd06fe9e62],
Valeurs du Registre: 0
(No malicious items detected)
Donn�es du Registre: 0
(No malicious items detected)
Dossiers: 0
(No malicious items detected)
Fichiers: 13
PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, Supprim�-au-red�marrage, [51b99e4c38431125e2f34b62eb16728e],
Trojan.Patched, C:\Program Files (x86)\Metro Last Light\steam_api.dll, Mis en quarantaine, [fa109951c6b5cc6a01e3cd8ae22009f7],
PUP.Optional.SearchHijacker.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RJXRBZ1.exe, Mis en quarantaine, [d733ffeb1a61aa8c3a7a1a92d62bfa06],
PUP.Optional.ClearThink.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RKKOV1I.zip, Mis en quarantaine, [64a6d01a98e3e05609cc5c51b05134cc],
PUP.Optional.ClearThink.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$R8331LV.dll, Mis en quarantaine, [0a009a5067144aecac28f3ba45bc31cf],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.BrowserAdapterS.dll, Mis en quarantaine, [8882e208cbb0a78fee02494a8978768a],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.FeSvc.dll, Mis en quarantaine, [b159e307de9dde5844225a462cd58080],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.PurBrowseG.dll, Mis en quarantaine, [7d8d01e9e79490a6c859f590fb0648b8],
PUP.Optional.SearchProtect.A, C:\Users\Slyr\AppData\Local\Temp\utt5570.tmp.exe, Mis en quarantaine, [ec1e03e7403b8babadd03e5133cef40c],
PUP.Optional.OneClickDownloader.A, C:\Users\Slyr\Downloads\Pounding_The_Pledges_XXX_DVDRip_XviD-Pr0nStarS.exe, Mis en quarantaine, [ce3c6387433888aeba96869a7b86827e],
PUP.Optional.OpenCandy, C:\Users\Slyr\Downloads\DAEMONToolsUltra240-0280.exe, Mis en quarantaine, [9476b436bbc02f075cbec94cda2b7987],
PUP.Optional.SweetPage.A, C:\Users\Slyr\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "homepage": "http://www.sweet-page.com/?type=hp&ts=1409601068&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX51AB33792737927",), Remplac�,[cf3b72788eed6dc9d43d1211897c738d]
PUP.Optional.SweetPage.A, C:\Users\Slyr\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1409601068&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX51AB33792737927" ],), Remplac�,[ae5c4c9ee09bf44274a0180bcc39ce32]
Secteurs physiques: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Date de l'examen: 05/09/2014
Heure de l'examen: 19:20:21
Fichier journal: Malwarebytes journal.txt
Administrateur: Oui
Version: 2.00.2.1012
Base de donn�es Malveillants: v2014.09.05.06
Base de donn�es Rootkits: v2014.08.21.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Self-protection: D�sactiv�(e)
Syst�me d'exploitation: Windows 8.1
Processeur: x64
Syst�me de fichiers: NTFS
Utilisateur: Slyr
Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 368244
Temps �coul�: 20 min, 34 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Heuristics: Activ�(e)
PUP: Activ�(e)
PUM: Activ�(e)
Processus: 1
PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, 536, Supprim�-au-red�marrage, [51b99e4c38431125e2f34b62eb16728e]
Modules: 0
(No malicious items detected)
Cl�s du Registre: 10
PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update ClearThink, Mis en quarantaine, [51b99e4c38431125e2f34b62eb16728e],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{06e035f9-c6b3-4ae7-a839-ba68791f5499}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D8972B0D-B0FB-4158-A567-365283693AD6}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{06e035f9-c6b3-4ae7-a839-ba68791f5499}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7E6D4E3E-FC66-4036-9799-CE5C625C4C56}, Mis en quarantaine, [7496c129413a3501b45c1f5c24deb848],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\WOW6432NODE\ClearThink, Mis en quarantaine, [090136b4a8d3ea4c0893c49b867ea957],
PUP.Optional.ClearThink.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util ClearThink, Mis en quarantaine, [40ca856592e9af877e205807f50fa35d],
PUP.Optional.ClearThink.A, HKU\S-1-5-21-817256076-2237896415-224119137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ClearThink, Supprim�-au-red�marrage, [49c17773d5a696a05a4262fd06fe9e62],
Valeurs du Registre: 0
(No malicious items detected)
Donn�es du Registre: 0
(No malicious items detected)
Dossiers: 0
(No malicious items detected)
Fichiers: 13
PUP.Optional.ClearThink.A, C:\Program Files (x86)\ClearThink\updateClearThink.exe, Supprim�-au-red�marrage, [51b99e4c38431125e2f34b62eb16728e],
Trojan.Patched, C:\Program Files (x86)\Metro Last Light\steam_api.dll, Mis en quarantaine, [fa109951c6b5cc6a01e3cd8ae22009f7],
PUP.Optional.SearchHijacker.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RJXRBZ1.exe, Mis en quarantaine, [d733ffeb1a61aa8c3a7a1a92d62bfa06],
PUP.Optional.ClearThink.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RKKOV1I.zip, Mis en quarantaine, [64a6d01a98e3e05609cc5c51b05134cc],
PUP.Optional.ClearThink.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$R8331LV.dll, Mis en quarantaine, [0a009a5067144aecac28f3ba45bc31cf],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.BrowserAdapterS.dll, Mis en quarantaine, [8882e208cbb0a78fee02494a8978768a],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.FeSvc.dll, Mis en quarantaine, [b159e307de9dde5844225a462cd58080],
PUP.Optional.Sanbreel.A, C:\$Recycle.Bin\S-1-5-21-817256076-2237896415-224119137-1002\$RFESQO4\ClearThink.PurBrowseG.dll, Mis en quarantaine, [7d8d01e9e79490a6c859f590fb0648b8],
PUP.Optional.SearchProtect.A, C:\Users\Slyr\AppData\Local\Temp\utt5570.tmp.exe, Mis en quarantaine, [ec1e03e7403b8babadd03e5133cef40c],
PUP.Optional.OneClickDownloader.A, C:\Users\Slyr\Downloads\Pounding_The_Pledges_XXX_DVDRip_XviD-Pr0nStarS.exe, Mis en quarantaine, [ce3c6387433888aeba96869a7b86827e],
PUP.Optional.OpenCandy, C:\Users\Slyr\Downloads\DAEMONToolsUltra240-0280.exe, Mis en quarantaine, [9476b436bbc02f075cbec94cda2b7987],
PUP.Optional.SweetPage.A, C:\Users\Slyr\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "homepage": "http://www.sweet-page.com/?type=hp&ts=1409601068&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX51AB33792737927",), Remplac�,[cf3b72788eed6dc9d43d1211897c738d]
PUP.Optional.SweetPage.A, C:\Users\Slyr\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1409601068&from=cor&uid=WDCXWD10JPVX-22JC3T0_WD-WX51AB33792737927" ],), Remplac�,[ae5c4c9ee09bf44274a0180bcc39ce32]
Secteurs physiques: 0
(No malicious items detected)
(end)