Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 22/10/36
Heure de l'analyse: 08:59 م
Fichier journal: 11111.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.08.07.04
Base de données de rootkits: v2015.08.06.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: dell

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 356930
Temps écoulé: 18 min, 56 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 19
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, En quarantaine, [778945c1b8d3a19555e473209171f20e],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, En quarantaine, [778945c1b8d3a19555e473209171f20e],
PUP.Optional.StartPage.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{598AC71E-BE58-3981-B78A-5C138F423AD6}, En quarantaine, [6a96ce38dab16acceef70fbe8b77b24e],
PUP.Optional.Vonteera, HKLM\SOFTWARE\CLASSES\TYPELIB\{3FC2D59A-5C76-1E97-30DC-1EC6784419E5}, En quarantaine, [12eee026f19a61d59c94b12824dd7090],
PUP.Optional.Vonteera, HKLM\SOFTWARE\CLASSES\INTERFACE\{63D2A451-3351-178C-7BC4-13C4D58A7652}, En quarantaine, [12eee026f19a61d59c94b12824dd7090],
PUP.Optional.Vonteera, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{63D2A451-3351-178C-7BC4-13C4D58A7652}, En quarantaine, [12eee026f19a61d59c94b12824dd7090],
PUP.Optional.Vonteera, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{63D2A451-3351-178C-7BC4-13C4D58A7652}, En quarantaine, [12eee026f19a61d59c94b12824dd7090],
PUP.Optional.Vonteera, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3FC2D59A-5C76-1E97-30DC-1EC6784419E5}, En quarantaine, [12eee026f19a61d59c94b12824dd7090],
PUP.Optional.Vonteera, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{3FC2D59A-5C76-1E97-30DC-1EC6784419E5}, En quarantaine, [12eee026f19a61d59c94b12824dd7090],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT1561552, En quarantaine, [7789c73f68232412c6f5a6fd55af857b],
PUP.Optional.Ext, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\4CEFD9B73D6C-1CRMOI2, Supprimer au redémarrage, [02fe46c0216a3bfb83462fe5956e01ff],
PUP.Optional.Updater.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\9A5A8340-6B15, Supprimer au redémarrage, [c33ded19f09bb581a12ada39649faa56],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT1561552, En quarantaine, [45bb27df404bb284c9f2b8eb23e18c74],
PUP.Optional.InstallCore.C, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\InstallCore, En quarantaine, [18e80105dab1d363c5cd762ff90bfc04],
PUP.Optional.NoVooIT.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\NoVooIT, En quarantaine, [8080f511c7c45bdb29e152eb838046ba],
PUP.Optional.NoVooIT.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\NoVooITSet, En quarantaine, [c43cac5ae4a7c373abca2008b44f13ed],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\Tbccint, En quarantaine, [4cb47a8c800b8ea8b029901310f4bd43],
PUP.Optional.Conduit.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\Tbccint_HKLM, En quarantaine, [c937060004878bab94ce772cb54fb34d],
PUP.Optional.Vonteera.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\Vonteera Safe ads, En quarantaine, [46ba7f87e9a2b48210fe57e6ff0415eb],

Valeurs du registre: 3
PUP.Optional.Trovi.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, http://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MAAAE86D5-B0A2-4D75-824B-D266C4FFD35F&SearchSource=58&CUI=&UM=6&UP=SPFF78F080-2F2F-4328-BAD6-7B89E8E3F7DE&q={searchTerms}&SSPV=, En quarantaine, [b94786807219d3632cdee4b6e91ba060]
PUP.Optional.Conduit.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}, En quarantaine, [619fdf27fa9166d07eca51ca5aa9ce32]
PUP.Optional.Trovi.A, HKU\S-1-5-21-506657601-157788839-3318356469-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Trovi search, En quarantaine, [35cb0bfb117a2b0b54b65a40b45031cf]

Données du registre: 0
(Aucun élément malveillant détecté)

Dossiers: 10
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\OpenCandy, En quarantaine, [926ee91d3754e35362856c73d82a03fd],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\OpenCandy\C89F0B2B2BCD4FBCA68A88FE7E1A1725, En quarantaine, [926ee91d3754e35362856c73d82a03fd],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\OpenCandy\DA0892A956CF4DA8BCB54D8E195FC76F, En quarantaine, [926ee91d3754e35362856c73d82a03fd],
PUP.Optional.ARHome.A, C:\Users\dell\AppData\Roaming\ARHome, En quarantaine, [669aff07fc8f2313be5e698ee0229f61],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\skin, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.VolIE.A, C:\Users\dell\AppData\Roaming\VolIE, En quarantaine, [c33dd234612abe786855b95427dc5ea2],
PUP.Optional.Conduit.A, C:\Program Files (x86)\Tbccint, En quarantaine, [33cdf610d8b33afc2427bc53c53e758b],

Fichiers: 28
PUP.Optional.InstallCore, C:\Users\dell\AppData\Roaming\0F1L1I1P0H1L1E1E1F\Foxit Reader Packages\uninstaller.exe, En quarantaine, [45bbbe48fc8f80b6a194ce0b38c902fe],
PUP.Optional.OpenCandy.A, C:\Users\dell\AppData\Roaming\OpenCandy\C89F0B2B2BCD4FBCA68A88FE7E1A1725\dm.exe, En quarantaine, [c23e29ddb2d96bcb92969364619f9c64],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\RHEng\B9EA4158D9BE4B18B138CA24B99D39D0\dlm312b.exe, En quarantaine, [f709b55146459b9b6a6dcfdd23de8e72],
PUP.Optional.Opencandy, C:\Users\dell\AppData\Roaming\rmi\offer_downloader.exe, En quarantaine, [718fa660bbd02511f87280ed3fc353ad],
PUP.Optional.Vonteera, C:\Users\dell\AppData\Roaming\VolIE\FoxPro_32.dll, En quarantaine, [12eee026f19a61d59c94b12824dd7090],
PUP.Optional.Vonteera, C:\Users\dell\AppData\Roaming\VolIE\FoxPro_64.dll, En quarantaine, [dc247f87ed9eeb4b84ab3c9d03feb44c],
PUP.Optional.BundleInstaller, C:\Users\dell\Downloads\installer______1_1_beta_portable_Arabic.exe, En quarantaine, [eb1535d1a3e852e46f250d1452b38977],
PUP.Optional.Vonteera.A, C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\xwibiqxs.default\searchPlugins\VenteeRo.xml, En quarantaine, [0ff1a75f612ac86ea468cc7131d2d52b],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\OpenCandy\C89F0B2B2BCD4FBCA68A88FE7E1A1725\6834.ico, En quarantaine, [926ee91d3754e35362856c73d82a03fd],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\OpenCandy\C89F0B2B2BCD4FBCA68A88FE7E1A1725\PokkiInstaller.exe, En quarantaine, [926ee91d3754e35362856c73d82a03fd],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\OpenCandy\C89F0B2B2BCD4FBCA68A88FE7E1A1725\PokkiPACK_Stp3v5.exe, En quarantaine, [926ee91d3754e35362856c73d82a03fd],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Roaming\OpenCandy\DA0892A956CF4DA8BCB54D8E195FC76F\TuneUpUtilities2014WORLDW1D_en-US.exe, En quarantaine, [926ee91d3754e35362856c73d82a03fd],
PUP.Optional.ARHome.A, C:\Users\dell\AppData\Roaming\ARHome\qhnsjt.dat, En quarantaine, [669aff07fc8f2313be5e698ee0229f61],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome.manifest, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\install.rdf, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\filesrv.js, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\globals.js, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\main.js, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\main.xul, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\prefs.js, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\tabs_listener.js, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\skin\Vonteera-48-48.png, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.Vonteera.A, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\addon@Vonteera.com\chrome\content\skin\vonteera.ico, En quarantaine, [e11f1fe790fbfd3947325bae3ac925db],
PUP.Optional.VolIE.A, C:\Users\dell\AppData\Roaming\VolIE\onload.js, En quarantaine, [c33dd234612abe786855b95427dc5ea2],
PUP.Optional.Vonteera.A, C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\xwibiqxs.default\prefs.js, Bon : (), Mauvais : (user_pref("browser.search.order.1", "VenteeRo");), Remplacé,[7d8307ffd8b3171fb3fd6a1a17eedf21]
PUP.Optional.Vonteera.A, C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\xwibiqxs.default\prefs.js, Bon : (), Mauvais : (e while the application is running,
* the changes wil), Remplacé,[827e07ff5b3030063e7295ef020332ce]
PUP.Optional.ArabyOnline.A, C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\xwibiqxs.default\prefs.js, Bon : (), Mauvais : (user_pref("keyword.URL", "http://www.arabyonline.com/search.php?src=1000&q={searchTerms}");), Remplacé,[b848d333d6b558deff8694f23dc88e72]
PUP.Optional.ArabyOnline.A, C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\xwibiqxs.default\prefs.js, Bon : (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (browser.startup.homepage", "http://www.arabyonline.com), Remplacé,[60a009fded9e92a475df790f22e3bc44]

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
