
Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 24/06/2014
Heure de l'examen: 01:03:43
Fichier journal: exam menace.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.06.23.12
Base de données Rootkits: v2014.06.20.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Dominique

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 378933
Temps écoulé: 7 min, 51 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 10
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-4081526364-3339032386-3191456734-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{06C616B6-FEE6-7B00-A1E5-424FFD13BB22}, Mis en quarantaine, [0ade7ffceb90d2648d9add67897921df],
PUP.Optional.Pricora.A, HKLM\SOFTWARE\WOW6432NODE\Pricora 1.1, Mis en quarantaine, [8f59b1cafc7f60d65652cff75ca625db],
PUP.Optional.HQVPro.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQ-VPro-1.9, Mis en quarantaine, [e305cfac9fdcf343e36636810af850b0],
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Mis en quarantaine, [6583bfbc0d6e75c15cd208b635cd58a8],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.1, Mis en quarantaine, [5791a2d996e546f0d3f6388613ef8a76],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PlusHD Cod, Mis en quarantaine, [46a23a41d5a6c274087abcef35cdde22],
PUP.Optional.Pricora.A, HKU\S-1-5-21-4081526364-3339032386-3191456734-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Pricora 1.1, Mis en quarantaine, [f4f40972582359dd83279d2936cc2bd5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4081526364-3339032386-3191456734-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Mis en quarantaine, [c028235888f3a98d0c2b14e222e14fb1],
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-21-4081526364-3339032386-3191456734-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Mis en quarantaine, [dd0b5c1f6813ab8b58d64f6f79894db3],
PUP.Optional.Pricora.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Pricora 1.1, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],

Valeurs du Registre: 3
PUP.Optional.SearchCertified.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI, http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401652800000.000007&tguid=80415-23890-1401722644033-A0800C0BF224B6056648CC26B228DD9A&q=%s, Mis en quarantaine, [06e24734b5c632046d4eebbe1ee46799]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_fr_156, Mis en quarantaine, [f6f2bcbfdba0f640668507b0f70ba957],
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_fr_187, Mis en quarantaine, [31b78af1bac17db94c9fc1f654ae768a],

Données du Registre: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[3aae7407d3a853e348b6641f8b79669a]
PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-4081526364-3339032386-3191456734-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI, http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401652800000.000007&tguid=80415-23890-1401722644033-A0800C0BF224B6056648CC26B228DD9A&q=%s, Bon: (http://www.google.com), Mauvais: (http://search.certified-toolbar.com?si=80415&st=bs&tid=23890&ver=6.3&ts=1401652800000.000007&tguid=80415-23890-1401722644033-A0800C0BF224B6056648CC26B228DD9A&q=%s),Remplacé,[1bcdc3b80a713204d6d588fccc38e61a]

Dossiers: 5
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0, Mis en quarantaine, [c523f784d9a2cc6a0d0350476f932dd3],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0, Mis en quarantaine, [6f7996e5f586bc7a5fb1366190724ab6],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],

Fichiers: 60
Trojan.Banker.Kreapixel, C:\Users\Dominique\AppData\Roaming\~uankygw.exe, Mis en quarantaine, [895f95e66f0c93a39977d66b629f03fd],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, Mis en quarantaine, [8662017ad4a79a9cdea8cd700df3728e],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, Mis en quarantaine, [75735e1d0d6ed561dac8cba207fd738d],
PUP.Optional.FlashPro, C:\Users\Dominique\Downloads\flashplayerpro-setup.exe, Mis en quarantaine, [70782d4e02799e980eeea0d3b45033cd],
PUP.Optional.Somoto.A, C:\Users\Dominique\Downloads\FLVPlayerSetup-Nb4HnIdcH.exe, Mis en quarantaine, [8662bcbf4d2ee4526f8e96763dc702fe],
PUP.Optional.InstalleRex, C:\Users\Dominique\Downloads\RP - DTL.zip.exe, Mis en quarantaine, [d4143d3eb4c741f5b7e8652346bbe41c],
PUP.Optional.DomaIQ, C:\Users\Dominique\Downloads\Java (1).exe, Mis en quarantaine, [6682017aff7cb284b4cd3210f30dc838],
PUP.Optional.DomalQ, C:\Users\Dominique\Downloads\Java (2).exe, Mis en quarantaine, [20c81962dc9f8aac6783096c6a9ae719],
PUP.Optional.DomalQ, C:\Users\Dominique\Downloads\Java (3).exe, Mis en quarantaine, [697fc3b8403b13238f5bc4b1848021df],
PUP.Optional.BundleInstaller.A, C:\Users\Dominique\Downloads\Java.exe, Mis en quarantaine, [29bfbcbf25561b1b9d5462e7748d12ee],
PUP.Optional.Tuguu, C:\Users\Dominique\Downloads\New player.exe, Mis en quarantaine, [2bbd334865162f0709e8a0a42ad6cf31],
PUP.Optional.NextInt, C:\Users\Dominique\Downloads\PDFCreator-1_7_2_setup.exe, Mis en quarantaine, [56920873176411250eda96d9ad57926e],
PUP.Optional.OptimumInstaller.A, C:\Users\Dominique\Downloads\Player-Chrome.exe, Mis en quarantaine, [6781621994e76ec82ef63f139d64b749],
PUP.Optional.MySearchDial.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iagcajndpnfncplednpbnkahadegklfa_0.localstorage, Mis en quarantaine, [a3457902accf2c0acd893f7b9e6457a9],
PUP.Optional.MySearchDial.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iagcajndpnfncplednpbnkahadegklfa_0.localstorage-journal, Mis en quarantaine, [9256413a0e6d6bcb5df9cbef689a9868],
PUP.Optional.MySearchDial.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iagcajndpnfncplednpbnkahadegklfa_0.localstorage, Mis en quarantaine, [10d81467077477bf1244dfdb699906fa],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage, Mis en quarantaine, [5890a4d78cef7eb84eb54e70db279769],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage-journal, Mis en quarantaine, [9553295297e476c0b350c1fd2ad840c0],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage, Mis en quarantaine, [c4245c1fc6b50f276a99e2dc729006fa],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, Mis en quarantaine, [f8f0c9b2621938fe2e6a1ea75ca620e0],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1-bho64.dll, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\1293297481.mxaddon, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\35497.crx, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\35497.xpi, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\360-35497.crx, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\8dbeccc3-0931-46a6-9571-7f235081a991-2.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\8dbeccc3-0931-46a6-9571-7f235081a991-3.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\8dbeccc3-0931-46a6-9571-7f235081a991-4.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\8dbeccc3-0931-46a6-9571-7f235081a991-5.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\background.html, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\bgNova.html, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1-bg.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1-bho.dll, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1-codedownloader.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1-nova.dll, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1-nova.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1-novainstaller.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Pricora 1.1.ico, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\Uninstall.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.Pricora.A, C:\Program Files (x86)\Pricora 1.1\utils.exe, Mis en quarantaine, [8b5d8deed3a8a49232f1385b0101ed13],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0\1, Mis en quarantaine, [c523f784d9a2cc6a0d0350476f932dd3],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0\16, Mis en quarantaine, [6f7996e5f586bc7a5fb1366190724ab6],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000005.ldb, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000006.log, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\CURRENT, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOCK, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG.old, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\MANIFEST-000004, Mis en quarantaine, [5d8b017a4d2e72c4cc50841326dc2dd3],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000204.ldb, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000209.ldb, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000215.ldb, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000218.ldb, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\000225.log, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\CURRENT, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOCK, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\LOG.old, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.CrossRider.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd\MANIFEST-000223, Mis en quarantaine, [6a7ef18ae596ef47d3491087a35faf51],
PUP.Optional.DefaultSearch.A, C:\Users\Dominique\AppData\Local\Google\Chrome\User Data\Default\Preferences, Bon: (), Mauvais: ( "search_url": "http://www.default-search.net/search?sid=492&aid=148&itype=a&ver=12692&tm=357&src=ds&p={searchTerms}",), Remplacé,[9553d1aa13682e08307a3e73be4626da]

Secteurs physiques: 0
(No malicious items detected)


(end)