cjoint

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 04/09/2015
Heure de l'analyse: 15:16
Fichier journal: rapport Mamb.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.09.04.05
Base de données de rootkits: v2015.08.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Agnès Laurent

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 436457
Temps écoulé: 1 h, 6 min, 50 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 7
PUP.Optional.AffiliatedUpdate, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AffiliatedUpdate, , [11d4c962c9c225115ef2d7a1ed17f709],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\nmhostct2504091, , [6481210a0e7d1224c5f62102a06317e9],
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [a63fbd6e1d6e3df908c3951c5ca8817f],
PUP.Optional.TornTV, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [c22370bb058614229d676c49d82c6d93],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-57572251-4058249640-4065957296-1001\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\nmhostct2504091, , [12d377b46823181edcda1b0858ab3ec2],
PUP.Optional.Spigot, HKU\S-1-5-21-57572251-4058249640-4065957296-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{086721B5-D18B-4CA4-A6BD-55E1B9CDA2CB}, , [bf26e64591fafc3af826ddd3a3615ba5],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-57572251-4058249640-4065957296-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CHCT2504091, , [3ea745e64f3cd264bd3da3ca9d67f50b],

Valeurs du registre: 1
PUP.Optional.Spigot, HKU\S-1-5-21-57572251-4058249640-4065957296-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{086721B5-D18B-4CA4-A6BD-55E1B9CDA2CB}|URL, https://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}, , [bf26e64591fafc3af826ddd3a3615ba5]

Données du registre: 1
PUP.Optional.Spigot, HKU\S-1-5-21-57572251-4058249640-4065957296-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/?type=994519&fr=spigot-yhp-ie, Bon : (www.google.com), Mauvais : (https://fr.search.yahoo.com/?type=994519&fr=spigot-yhp-ie),,[578eb972ccbf41f51af9174d4cb9d828]

Dossiers: 3
PUP.Optional.ConduitTB.Gen, C:\Users\Agnès Laurent\AppData\Local\CRE, , [a441a18aafdcf541ca8de242f013be42],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate\UpdateProc, , [e203aa81206bf73fa7e523936b996b95],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate, , [e203aa81206bf73fa7e523936b996b95],

Fichiers: 28
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\SearchProtectionSetup.exe, , [c520ab801873b97da06f8c0aa36209f7],
PUP.Optional.Yontoo, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\updategrabrez.exe.VIR, , [7d68210a8b00082e1e0f5d3bea1b30d0],
PUP.Optional.Yontoo, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\utilgrabrez.exe.VIR, , [df0603283b50e84e210c6632877eec14],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\BrowserExtensions\Button.exe, , [f1f43af18704f442b25dd0c642c345bb],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\BrowserExtensions\Button64.exe, , [1dc80f1cacdf44f263ac187e778e639d],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\BrowserExtensions\ButtonWrap.dll, , [a144c06bd4b79c9acf40c1d511f431cf],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\BrowserExtensions\ButtonWrap64.dll, , [0fd653d86724b97d14fbf6a03cc9d729],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\BrowserExtensions\Coupons64.dll, , [6283e5462b6057df2de24056bd48d927],
PUP.Optional.Sambreel, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\grabrez.DIR\GrabRez.FirstRun.exe, , [e3024ae190fbfe38030b4975f8094fb1],
PUP.Optional.Yontoo, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\grabrez.DIR\updateGrabRez.exe, , [37aea08b197239fdb17c58406f96f30d],
PUP.Optional.Yontoo, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\grabrez.DIR\bin\utilGrabRez.exe, , [489dfc2f96f5db5b81ac7a1ece376a96],
PUP.Optional.Yontoo, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\grabrez.DIR\GrabRez\updateGrabRez.exe, , [b5307dae2e5dcf6730fd6d2b8b7ab749],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\ZHP\Quarantine\Spigot\SearchProtectionStub.exe, , [7174ff2cbbd064d21ff04c4a15f00df3],
PUP.Optional.ConduitTB.Gen, C:\Users\Agnès Laurent\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx, , [a441a18aafdcf541ca8de242f013be42],
PUP.Optional.AffiliatedUpdate, C:\Windows\System32\Tasks\AffiliatedUpdate, , [33b2bb70137874c295b91c5cb94b2bd5],
PUP.Optional.AffiliatedUpdate, C:\Windows\Tasks\AffiliatedUpdate.job, , [eef70d1eff8c3bfb6ee191e77f852dd3],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\yahoo_ff.xml, , [aa3b56d5cac12e0847d3902021e324dc],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\eiso4ob3.default\searchplugins\yahoo_ff.xml, , [3ea7ad7ebccf201660ba80301ce81fe1],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate\UpdateProc\prod.dat, , [e203aa81206bf73fa7e523936b996b95],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate\UpdateProc\config.dat, , [e203aa81206bf73fa7e523936b996b95],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate\UpdateProc\info.dat, , [e203aa81206bf73fa7e523936b996b95],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate\UpdateProc\STTL.DAT, , [e203aa81206bf73fa7e523936b996b95],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate\UpdateProc\TTL.DAT, , [e203aa81206bf73fa7e523936b996b95],
PUP.Optional.UpdateProc, C:\Users\Agnès Laurent\AppData\Roaming\AffiliatedUpdate\UpdateProc\UpdateTask.exe, , [e203aa81206bf73fa7e523936b996b95],
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js, Bon : (), Mauvais : (user_pref("keyword.URL", "https://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=");), ,[e2038f9c3c4f87afc5043763c34233cd]
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js, Bon : (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (browser.startup.homepage", "https://fr.search.yahoo.com/?type=994519&fr=spigot-), ,[9550e04bbecdbb7b5b27d3cda1640df3]
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\eiso4ob3.default\prefs.js, Bon : (), Mauvais : (user_pref("keyword.URL", "https://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=");), ,[8362ff2cdead55e12c9d801a7095867a]
PUP.Optional.Spigot, C:\Users\Agnès Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\eiso4ob3.default\prefs.js, Bon : (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (browser.startup.homepage", "https://fr.search.yahoo.com/?type=994519&fr=spigot-), ,[7f66b07bf992f3432d55940c996cb14f]

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
