cjoint

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12 October 2015
Scan Time: 13:17
Logfile: rapport malware.txt
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.10.11.05
Rootkit Database: v2015.10.06.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: imane

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 494197
Time Elapsed: 1 hr, 23 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 9
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [b1001f36c1ca0d29b7d5629c877b30d0],
PUP.Optional.RobinHood, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iidmoehhpbghchkaogkhmcckhlhebekn, Quarantined, [2b86c392810add59aefcf2da867e32ce],
PUP.Optional.SlickSavings, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, Quarantined, [ac050f460e7def47d469656dc14306fa],
PUP.Optional.DealPly, HKU\S-1-5-21-3607479210-5047180-1821071610-1001\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, Quarantined, [ded3e96c4348d561c4441d8f34d0bc44],
PUP.Optional.DataMngr, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\Datamngr, Quarantined, [38794213533870c6c8ebfdae1aea827e],
PUP.Optional.InstallCore, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\InstallCore, Quarantined, [dad757feeba00e282d37d6e3ad57ca36],
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\mysearchdial, Quarantined, [3f7292c33a51a294887bc004c0447789],
PUP.Optional.AdLyrics, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\APPDATALOW\SOFTWARE\XingHaoLyrics, Quarantined, [704162f3b0db46f017e56d2e23e10ef2],
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7A14AD9A-02BD-426D-805E-30C98F4CC465}, Quarantined, [7f32b79ecdbe290df012695b18ecbb45],

Registry Values: 6
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7A14AD9A-02BD-426D-805E-30C98F4CC465}|URL, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0103aw&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyCtCyB0DzzyDyEtB0E0CtN0D0Tzu0CyByBtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1763924188&ir=, Quarantined, [7f32b79ecdbe290df012695b18ecbb45]
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7A14AD9A-02BD-426D-805E-30C98F4CC465}|TopResultURLFallback, http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0103aw&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyCtCyB0DzzyDyEtB0E0CtN0D0Tzu0CyByBtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1763924188&ir=, Quarantined, [1d947fd6a7e473c3b44e24a0cc387b85]
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7A14AD9A-02BD-426D-805E-30C98F4CC465}|FaviconPath, C:\Users\Invité\AppData\Local\Mysearchdial\1.8.21.0\FavIcon.ico, Quarantined, [258cf2633b50db5b28da5d67ce365ea2]
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7A14AD9A-02BD-426D-805E-30C98F4CC465}, Mysearchdial, Quarantined, [4a67eb6a6a21d1653bc7309457ad2cd4]
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{7A14AD9A-02BD-426D-805E-30C98F4CC465}|DisplayName, Mysearchdial, Quarantined, [cde492c399f267cfcc36f5cf8b799c64]
PUP.Optional.AdLyrics, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|lrcspal@xinghao.net, C:\Program Files (x86)\XingHaoLyrics\FF\, Quarantined, [e4cdea6b7c0f30061fea7f1dbc48bb45]

Registry Data: 1
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.mysearchdial.com/?f=1&a=irmsd0103aw&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyCtCyB0DzzyDyEtB0E0CtN0D0Tzu0CyByBtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1763924188&ir=, Good: (www.google.com), Bad: (http://start.mysearchdial.com/?f=1&a=irmsd0103aw&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyCtCyB0DzzyDyEtB0E0CtN0D0Tzu0CyByBtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1763924188&ir=),Replaced,[7e336ee7810afd39380f2b67739246ba]

Folders: 1
PUP.Optional.DataMngr, C:\Users\imane\AppData\LocalLow\DataMngr, Quarantined, [3d74e471f9923ff741632800f60d28d8],

Files: 5
PUP.Optional.InstallCore, C:\Users\Invité\AppData\Local\Temp\ICReinstall_installer_virtual_dj_French.exe, Quarantined, [dcd5cb8a375461d52fe380f7917456aa],
PUP.Optional.InstallCore, C:\Users\Invité\AppData\Local\Temp\Mysearchdial.exe.9381478, Quarantined, [2b86d382a7e40f272655fbf66d9415eb],
PUP.Optional.DataMngr, C:\Users\imane\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, Quarantined, [3d74e471f9923ff741632800f60d28d8],
PUP.Optional.DataMngr, C:\Users\imane\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}64, Quarantined, [3d74e471f9923ff741632800f60d28d8],
PUP.Optional.Spigot, C:\Users\imane\AppData\Roaming\Mozilla\Firefox\Profiles\2h17rum8.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");), Replaced,[4968163fb9d2b97dc3b24e7ced18df21]

Physical Sectors: 0
(No malicious items detected)


(end)
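The report above is a Malwarebytes Anti-Malware 2.x threat-scan log. Every item is a PUP.Optional detection (an InstallCore-wrapped Virtual DJ installer, the MySearchDial search hijack of Internet Explorer, DataMngr, Chrome extensions, a Firefox keyword.URL change), split between the built-in Guest profile (SID ending in -501, C:\Users\Invité) and a second user profile (SID ending in -1001), and the header shows both self-protection and the rootkit scan switched off. The parser below is an added example; it is not part of the page and is not Malwarebytes' own code. It pulls the detections out of this log format, checks each section's item count against its header, lists the disabled scan settings and extracts the hosts from the hijacked browser values. English field names are assumed (the original log is French); the embedded sample is an excerpt of the lines above rendered with those names, and the field-name assumption and the constructed sample are marked in the code.

```python
import re
from collections import Counter

# "Registry Keys: 9" or "Administrator: Yes"
HEADER_RE = re.compile(r"^(?P<key>[^:,]+?):\s*(?P<value>.*)$")
# "<threat>, <location>[, <details>], <action>, [<32-hex id>][,]"; details may hold
# commas, so the threat is read from the left and action/id from the right.
DETECTION_RE = re.compile(
    r"^(?P<threat>[^,]+),\s*(?P<rest>.*?),\s*(?P<action>[^,\[]+?),\s*"
    r"\[(?P<id>[0-9a-f]{32})\],?$"
)
# Settings to flag when off (English MBAM 2.x key names; assumed, the page is a French log)
WEAK_SETTINGS = {"Self-protection": "Disabled", "Rootkits": "Disabled"}


def parse_mbam_log(text):
    """Return the settings, the item counts declared by section headers, and the items."""
    settings, declared, detections = {}, {}, []
    section = pending = None  # pending: ("Registry Keys", 9) until an item line confirms it

    def confirm():
        nonlocal section, pending
        if pending:
            section = pending[0]
            declared[section] = pending[1]
            pending = None

    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DETECTION_RE.match(line)
        if m:
            confirm()
            location, _, details = m.group("rest").partition(", ")
            detections.append({
                "section": section, "threat": m.group("threat"),
                "family": m.group("threat").rsplit(".", 1)[-1],
                "location": location, "details": details,
                "action": m.group("action").strip(), "id": m.group("id"),
            })
            continue
        if line.startswith("("):  # "(No malicious items detected)" or "(end)"
            confirm()
            continue
        m = HEADER_RE.match(line)
        if m:
            if pending:  # a number with no items after it was an ordinary setting
                settings[pending[0]] = str(pending[1])
                pending = None
            key, value = m.group("key").strip(), m.group("value").strip()
            if value.isdigit():
                pending = (key, int(value))
            else:
                settings[key] = value
    return {"settings": settings, "declared": declared, "detections": detections}


def summarize(report):
    """Items per PUP family, and sections whose item count differs from the header."""
    families = Counter(d["family"] for d in report["detections"])
    found = Counter(d["section"] for d in report["detections"])
    mismatches = {s: (n, found[s]) for s, n in report["declared"].items() if found[s] != n}
    return families, mismatches


def weak_settings(report):
    """Scan settings from WEAK_SETTINGS that the report shows switched off."""
    return sorted(k for k, off in WEAK_SETTINGS.items() if report["settings"].get(k) == off)


def hijack_hosts(report):
    """Hosts in hijacked browser values; the restored Good: (...) value is ignored."""
    hosts = set()
    for d in report["detections"]:
        bad = re.sub(r"Good\s*:\s*\([^)]*\)", "", d["details"])
        hosts.update(re.findall(r'https?://([^/\s"\')]+)', bad))
    return sorted(hosts)


# Excerpt of the report above with English field names, constructed as sample input.
SAMPLE_LOG = r"""
Scan Date: 12 October 2015
Administrator: Yes
Self-protection: Disabled
Objects Scanned: 494197
Rootkits: Disabled

Processes: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [b1001f36c1ca0d29b7d5629c877b30d0],
PUP.Optional.RobinHood, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iidmoehhpbghchkaogkhmcckhlhebekn, Quarantined, [2b86c392810add59aefcf2da867e32ce],
PUP.Optional.InstallCore, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\InstallCore, Quarantined, [dad757feeba00e282d37d6e3ad57ca36],

Registry Data: 1
PUP.Optional.MySearchDial, HKU\S-1-5-21-3607479210-5047180-1821071610-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.mysearchdial.com/?f=1&a=irmsd0103aw&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyCtCyB0DzzyDyEtB0E0CtN0D0Tzu0CyByBtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1763924188&ir=, Good: (www.google.com), Bad: (http://start.mysearchdial.com/?f=1&a=irmsd0103aw&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEyCtCyB0DzzyDyEtB0E0CtN0D0Tzu0CyByBtCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1763924188&ir=),Replaced,[7e336ee7810afd39380f2b67739246ba]

Files: 2
PUP.Optional.InstallCore, C:\Users\Invité\AppData\Local\Temp\ICReinstall_installer_virtual_dj_French.exe, Quarantined, [dcd5cb8a375461d52fe380f7917456aa],
PUP.Optional.Spigot, C:\Users\imane\AppData\Roaming\Mozilla\Firefox\Profiles\2h17rum8.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "http://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=");), Replaced,[4968163fb9d2b97dc3b24e7ced18df21]
"""

if __name__ == "__main__":
    rep = parse_mbam_log(SAMPLE_LOG)
    print(summarize(rep), weak_settings(rep), hijack_hosts(rep))
```

The detection regex anchors on the trailing 32-hex identifier rather than splitting on commas, because "Replaced" entries carry a Good/Bad pair whose Bad value can itself contain commas (the prefs.js user_pref line above is one). On the excerpt the count check comes back clean, the disabled settings are Rootkits and Self-protection, and the hijack hosts are fr.search.yahoo.com and start.mysearchdial.com, which is the list to use when checking the browsers' search and start-page settings after quarantine.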
