Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 16/11/2015
Heure de l'analyse: 02:28
Fichier journal: malwarebytes 16.11.15.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.11.13.07
Base de données de rootkits: v2015.11.13.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Mon Pc

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 436449
Temps écoulé: 51 min, 5 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 16
PUP.Optional.SearchQu, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, En quarantaine, [4e3d89f4d2b9ea4c4dfde13199699e62],
PUP.Optional.SearchQu, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, En quarantaine, [4e3d89f4d2b9ea4c4dfde13199699e62],
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, En quarantaine, [4e3d89f4d2b9ea4c4dfde13199699e62],
PUP.Optional.Bandoo, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D717F81-9148-4F12-8568-69135F087DB0}, En quarantaine, [365598e52e5d21153dc1082730d239c7],
PUP.Optional.Bandoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9D717F81-9148-4F12-8568-69135F087DB0}, En quarantaine, [365598e52e5d21153dc1082730d239c7],
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9D717F81-9148-4F12-8568-69135F087DB0}, En quarantaine, [365598e52e5d21153dc1082730d239c7],
PUP.Optional.Bandoo, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D717F81-9148-4F12-8568-69135F087DB0}, En quarantaine, [365598e52e5d21153dc1082730d239c7],
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}, En quarantaine, [04878eef9dee999d66d19fef2fd429d7],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce, En quarantaine, [3655433aa1ea74c2bf6fee97af547f81],
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7E203FF6-0306-4C02-9DA6-7653068FF4F9}, En quarantaine, [3e4d07768308c2742e1c4f104ab9e719],
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}, En quarantaine, [83089edfd4b7ac8a0c2b94fa4eb5ac54],
PUP.Optional.1ClickDownload, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\1ClickDownload, En quarantaine, [d6b5c7b6513ae74f0b2707553ec5f10f],
PUP.Optional.Conduit, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, En quarantaine, [e5a6ea9393f8fc3a3fee83e410f3e818],
PUP.Optional.SerachQU, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, En quarantaine, [404bb8c5c1ca69cd7efc93fc976c7e82],
PUP.Optional.Conduit, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{025345FC-78ED-4B0E-A323-D3C2C4AED7A4}, En quarantaine, [8a011766543795a1072c7cebb64d7789],
PUP.Optional.SearchQu, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}, En quarantaine, [e5a6740996f5fc3a7eb6830b8083936d],

Valeurs du Registre: 15
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Searchqu Toolbar, En quarantaine, [4e3d89f4d2b9ea4c4dfde13199699e62]
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{99079a25-328f-4bd4-be04-00955acaa0a7}, En quarantaine, [17741964f19a90a67eccf9195ea42bd5],
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}|URL, http://www.searchqu.com//web?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}, En quarantaine, [04878eef9dee999d66d19fef2fd429d7]
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php?src=ieb&appid=0&systemid=414&qu={searchTerms}&ft=json, En quarantaine, [b8d34f2e9af1b185d36490fe1ce7768a]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, En quarantaine, [92f9a9d449424fe7e37e5f35748e60a0]
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7E203FF6-0306-4C02-9DA6-7653068FF4F9}|AppPath, C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar, En quarantaine, [3e4d07768308c2742e1c4f104ab9e719]
PUP.Optional.Bandoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99079a25-328f-4bd4-be04-00955acaa0a7}|AppPath, C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar, En quarantaine, [1a7193eaafdc6bcbe664590608fb37c9]
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}|URL, http://www.searchqu.com//web?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}, En quarantaine, [83089edfd4b7ac8a0c2b94fa4eb5ac54]
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php?src=ieb&appid=0&systemid=414&qu={searchTerms}&ft=json, En quarantaine, [4d3e80fd9dee2511fa3d87073fc46e92]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, En quarantaine, [e1aae19cf794dd590e53266e0cf6e51b]
PUP.Optional.Conduit, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{025345FC-78ED-4B0E-A323-D3C2C4AED7A4}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282722&CUI=UN17741253933037214&UM=2&SSPV=TB_TIS, En quarantaine, [8a011766543795a1072c7cebb64d7789]
PUP.Optional.Conduit, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{025345FC-78ED-4B0E-A323-D3C2C4AED7A4}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&SearchSource=4&ctid=CT3282722&CUI=UN17741253933037214&UM=2&SSPV=TB_TIS, En quarantaine, [afdcfe7f5a310630949f1651976c946c]
PUP.Optional.Conduit, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{025345FC-78ED-4B0E-A323-D3C2C4AED7A4}|FaviconURL, http://search.conduit.com/favicon.ico, En quarantaine, [2b6005787a1191a53102d59214ef6e92]
PUP.Optional.SearchQu, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}|URL, http://www.searchqu.com//web?src=ieb&appid=0&systemid=414&sr=0&q={searchTerms}, En quarantaine, [e5a6740996f5fc3a7eb6830b8083936d]
PUP.Optional.SearchQu, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php?src=ieb&appid=0&systemid=414&qu={searchTerms}&ft=json, En quarantaine, [3754314cc2c98aacf044c4ca36cd758b]

Données du Registre: 5
PUP.Optional.HelperBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}),Remplacé,[791295e81c6f0036a89d470be321b64a]
PUP.Optional.HelperBar, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}),Remplacé,[94f7423bf5969e980a36e1710cf87f81]
PUP.Optional.HelperBar, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}),Remplacé,[4b40037ac9c2e353172b31211de7e21e]
PUP.Optional.HelperBar, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}),Remplacé,[85062954771477bfd072232fa65e1ee2]
PUP.Optional.HelperBar, HKU\S-1-5-21-4287026981-1210057374-3009538498-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}, Bon : (www.google.com), Mauvais : (http://feed.helperbar.com/?publisher=OC&dpid=OC&co=FR&userid=000472d8-2fe6-41c7-9daa-45de9d90afbb&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}),Remplacé,[d9b2215cdcafd0668fb494be7e86aa56]

Dossiers: 8
Adware.InstallPedia, C:\Program Files (x86)\InstallPedia, En quarantaine, [0a81f9842b60b97d06b3a4a0af53d927],
PUP.Optional.OpenCandy, C:\Users\Mon Pc\AppData\Roaming\OpenCandy, Supprimer au redémarrage, [7912bdc04e3d37ff95381f2eaa5807f9],
PUP.Optional.OpenCandy, C:\Users\Mon Pc\AppData\Roaming\OpenCandy\8AED6DFF5ECA4C029BB6263A185F75A7, En quarantaine, [7912bdc04e3d37ff95381f2eaa5807f9],
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Conduit\Community Alerts, En quarantaine, [6229a5d8d3b8f0469af434298d75e719],
PUP.Optional.DataMngr, C:\Users\Mon Pc\AppData\LocalLow\DataMngr, En quarantaine, [becd790427646ec8c3098ed625dd6e92],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchquband, En quarantaine, [444729543952c571be580473e022ee12],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar, Supprimer au redémarrage, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\coupons, En quarantaine, [e5a66419b5d642f41601284f669cc937],

Fichiers: 19
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, En quarantaine, [fd8e3a437516f541eb444d41f40fdf21],
Adware.Trace, C:\END, En quarantaine, [72197a034d3e05315beafed916ed59a7],
Adware.InstallPedia, C:\Program Files (x86)\InstallPedia\Ionic.Zip.Reduced.dll, En quarantaine, [0a81f9842b60b97d06b3a4a0af53d927],
PUP.Optional.OpenCandy, C:\Users\Mon Pc\AppData\Roaming\OpenCandy\8AED6DFF5ECA4C029BB6263A185F75A7\2657.ico, En quarantaine, [7912bdc04e3d37ff95381f2eaa5807f9],
PUP.Optional.OpenCandy, C:\Users\Mon Pc\AppData\Roaming\OpenCandy\8AED6DFF5ECA4C029BB6263A185F75A7\EBB77268-338F-4C6A-8590-AD88FED26F4A, En quarantaine, [7912bdc04e3d37ff95381f2eaa5807f9],
PUP.Optional.OpenCandy, C:\Users\Mon Pc\AppData\Roaming\OpenCandy\8AED6DFF5ECA4C029BB6263A185F75A7\Linkury_ALL_p2v1.exe, En quarantaine, [7912bdc04e3d37ff95381f2eaa5807f9],
PUP.Optional.OpenCandy, C:\Users\Mon Pc\AppData\Roaming\OpenCandy\8AED6DFF5ECA4C029BB6263A185F75A7\OCBrowserHelper_1.0.3.85.dll, En quarantaine, [7912bdc04e3d37ff95381f2eaa5807f9],
PUP.Optional.DataMngr, C:\Users\Mon Pc\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, En quarantaine, [becd790427646ec8c3098ed625dd6e92],
PUP.Optional.DataMngr, C:\Users\Mon Pc\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}64, En quarantaine, [becd790427646ec8c3098ed625dd6e92],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\dtx.ini, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\geodata.xml, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\geoip.xml, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\guid.dat, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\log.txt, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\preferences.dat, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\stats.dat, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\uninstallIE.dat, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\coupons\merchants.xml, En quarantaine, [e5a66419b5d642f41601284f669cc937],
PUP.Optional.SearchQu, C:\Users\Mon Pc\AppData\LocalLow\searchqutoolbar\coupons\merchants2.xml, En quarantaine, [e5a66419b5d642f41601284f669cc937],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
