Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 17/12/2014
Heure de l'examen: 17:45:00
Fichier journal: MBAM.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2014.12.17.03
Base de données Rootkits: v2014.12.14.01
Licence: Essai
Protection contre les malveillants: Activé(e)
Protection contre les sites Web malveillants: Activé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Mathieu

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 455431
Temps écoulé: 16 min, 13 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 8
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, Mis en quarantaine, [34b3ef74f785191deb6b3b9502029070],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, Mis en quarantaine, [cc1bf66d0f6d76c0d1e6213118eb0df3],
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, Mis en quarantaine, [b3345f047efe86b021353f9133d109f7],
PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, Mis en quarantaine, [eafd11526814ed496eae2a7e9074ee12],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, Mis en quarantaine, [8e59b4af4933fb3bdf7dcd9e58ab59a7],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-1062012398-3580864159-2090864348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, Mis en quarantaine, [3bacfc677a02a096282fc50b9074d32d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1062012398-3580864159-2090864348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Mis en quarantaine, [e9fe92d1146834027b6fc4d0a162768a],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1062012398-3580864159-2090864348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Mis en quarantaine, [3daa8ed5592304329079b4f7c044d22e],

Valeurs du Registre: 3
PUP.Optional.FreeMakeConverter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|fmconverter@gmail.com, C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\, Mis en quarantaine, [c81fb8ab84f8fe3817b048114ab92ad6]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\WINDOWS\system32\drivers\SPPD.sys, Mis en quarantaine, [8e59b4af4933fb3bdf7dcd9e58ab59a7]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1062012398-3580864159-2090864348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1K1J1N2U0R1O1F, Mis en quarantaine, [3daa8ed5592304329079b4f7c044d22e]

Données du Registre: 1
PUP.Optional.Astromenda.A, HKU\S-1-5-21-1062012398-3580864159-2090864348-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://astromenda.com/?f=1&a=ast_tele_14_41_ch&cd=2XzuyEtN2Y1L1QzuyC0CyBtC0DzytC0F0D0A0DzyyBtC0BtAtN0D0Tzu0StCtDtCtCtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyC0BzyzytAtDzztGzz0ByBzztG0ByB0BzztG0B0CyCyDtGyD0AyB0FyD0EyB0E0D0FzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0FyEtBzzyEzz0AtGzztCyCyDtGyE0C0FyEtGzy0B0D0AtG0AyDyBtD0A0A0AtA0D0FzzyE2Q&cr=1353222928&ir=, Bon: (www.google.com), Mauvais: (http://astromenda.com/?f=1&a=ast_tele_14_41_ch&cd=2XzuyEtN2Y1L1QzuyC0CyBtC0DzytC0F0D0A0DzyyBtC0BtAtN0D0Tzu0StCtDtCtCtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyC0BzyzytAtDzztGzz0ByBzztG0ByB0BzztG0B0CyCyDtGyD0AyB0FyD0EyB0E0D0FzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0FyEtBzzyEzz0AtGzztCyCyDtGyE0C0FyEtGzy0B0D0AtG0AyDyBtD0A0A0AtA0D0FzzyE2Q&cr=1353222928&ir=),Remplacé,[07e01b48adcf3bfb7245d79c6a9b21df]

Dossiers: 4
Rogue.Multiple, C:\ProgramData\374311380, Mis en quarantaine, [a1462b38a3d95cda27f07b9438cb5ba5],
PUP.Optional.OpenCandy, C:\Users\Mathieu\AppData\Roaming\OpenCandy, Mis en quarantaine, [4a9ddc87b6c66acc6841a07ebe45d32d],
PUP.Optional.OpenCandy, C:\Users\Mathieu\AppData\Roaming\OpenCandy\4183595D687C4E88BC04994CF68BD2E6, Mis en quarantaine, [4a9ddc87b6c66acc6841a07ebe45d32d],
PUP.Optional.OpenCandy, C:\Users\Mathieu\AppData\Roaming\OpenCandy\59591C93A7DB453CA5DDE51AEAE87E70, Mis en quarantaine, [4a9ddc87b6c66acc6841a07ebe45d32d],

Fichiers: 17
PUP.Optional.OpenCandy.A, C:\Users\Mathieu\AppData\Roaming\OpenCandy\4183595D687C4E88BC04994CF68BD2E6\rcmswdlm_279.exe, Mis en quarantaine, [7176d0934b313105bd3279c39d6449b7],
PUP.Optional.Conduit.A, C:\Users\Mathieu\AppData\Roaming\OpenCandy\59591C93A7DB453CA5DDE51AEAE87E70\sp-downloader.exe, Mis en quarantaine, [c027065dbfbd8fa7ad8055e5c33e44bc],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsa2F51.exe, Mis en quarantaine, [8760481b314b68cecc77257b6c9554ac],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsdF777.exe, Mis en quarantaine, [61860f549ce0ec4aa89be9b7dd246f91],
PUP.Optional.Conduit.A, C:\Windows\Temp\nseD1BF.exe, Mis en quarantaine, [c5228ad90e6e7fb7e95a6b35e12048b8],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsg3A4D.exe, Mis en quarantaine, [6b7c5e0599e37db92221e4bc0df456aa],
PUP.Optional.Conduit.A, C:\Windows\Temp\nskA9F8.exe, Mis en quarantaine, [10d78fd4b6c62115f74c67396e939967],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsn9CC3.exe, Mis en quarantaine, [9750b2b1552762d456edebb50bf62cd4],
PUP.Optional.Conduit.A, C:\Windows\Temp\nst38D3.exe, Mis en quarantaine, [7c6b0c57bebe90a6af94f4acf40d1ce4],
PUP.Optional.Conduit.A, C:\Windows\Temp\nstE6ED.exe, Mis en quarantaine, [36b113500f6dda5ce55e217f05fc58a8],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsw7F05.exe, Mis en quarantaine, [86613a2968145bdb90b35f41738e6a96],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsx3D30.exe, Mis en quarantaine, [29beca99eb915fd748fb821ea1600af6],
PUP.Optional.AZLyrics.A, C:\Users\Mathieu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage, Mis en quarantaine, [1ec9e3800f6d30061ddccd8746bd23dd],
PUP.Optional.AZLyrics.A, C:\Users\Mathieu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal, Mis en quarantaine, [03e4e182f08c290d42b789cbb54ef10f],
Rogue.Multiple, C:\ProgramData\374311380\BITE004.tmp, Mis en quarantaine, [a1462b38a3d95cda27f07b9438cb5ba5],
PUP.Optional.OpenCandy, C:\Users\Mathieu\AppData\Roaming\OpenCandy\4183595D687C4E88BC04994CF68BD2E6\3217.ico, Mis en quarantaine, [4a9ddc87b6c66acc6841a07ebe45d32d],
PUP.Optional.OpenCandy, C:\Users\Mathieu\AppData\Roaming\OpenCandy\4183595D687C4E88BC04994CF68BD2E6\speedupmypcFR_p3v1.exe, Mis en quarantaine, [4a9ddc87b6c66acc6841a07ebe45d32d],

Secteurs physiques: 0
(Aucun élément malicieux detecté)


(end)
