cjoint

Document format: text/plain

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 06/12/2015
Heure de l'analyse: 21:48
Fichier journal: Rapport_mamh.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.12.06.05
Base de données de rootkits: v2015.11.26.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Cécile

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 336254
Temps écoulé: 34 min, 41 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 3
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , En quarantaine, [23ba871a97f41b1ba705872b4ab97090],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, En quarantaine, [1bc2277a88030a2cb162d620b64d926e],
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, En quarantaine, [2bb2aaf725666ec863b18076946ff709],

Valeurs du Registre: 7
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130641498726801200, En quarantaine, [5a832e73eba057df109bd1e1778cf20e]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130641498726801200, En quarantaine, [9d40d9c898f3a492c6e506ac29da07f9]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130641498726801200, En quarantaine, [deffa001a7e4e6504f5ce2d0a36014ec]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130641498726801200, En quarantaine, [6a73376a9cef15210d9ef4be669d867a]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130641498726801200, En quarantaine, [29b400a1cbc0f442decdfcb6c73ccb35]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130641498726801200, En quarantaine, [4a93960bbccfc76f7932872b9b68d62a]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130641498726801200, En quarantaine, [23ba871a97f41b1ba705872b4ab97090]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\xpi, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\ct3281675, En quarantaine, [02dbe4bd850689ad5f82e2be0afa1fe1],

Fichiers: 70
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\cltmng.exe, En quarantaine, [d20b5e438cffbe7838c7f33747ba9f61],
PUP.Optional.Boxore.WnskRST, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\MediaStreamingAgent.exe, En quarantaine, [cf0e0f92612a112512d5b0e60bf9ce32],
PUP.Optional.SoftwareUpdate, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\npSoftwareUpdate3.dll, En quarantaine, [02dbf5ac5e2de84eb16853ddae53ff01],
PUP.Optional.SoftwareUpdate, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SoftwareUpdate.exe, En quarantaine, [419c9809fd8ecf6767b22d0333ce0cf4],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM.exe, En quarantaine, [11cccbd6f794ff37488be9a223e18b75],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Communicator\mgcommon.dll, En quarantaine, [9449cad7791286b061726d1ed62e827e],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Communicator\mgcommunication.dll, En quarantaine, [4c915150eba044f25b788b00ea1aa65a],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Communicator\mgxml_wrapper.dll, En quarantaine, [a8355948791241f59142bccf45bfe719],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgMediaPlayer.dll, En quarantaine, [4796bae7c6c5b581e2f1c6c503012bd5],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\ContentPackagesActivationHandler.exe, En quarantaine, [538a9d04602bbf77c70c7a1129dbc040],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgAdaptersProxy.dll, En quarantaine, [9548178abecd8fa7e9ea2467fa0af40c],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgArchive.dll, En quarantaine, [419c326f0e7d999d4a89fd8eac58f50b],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgcommon.dll, En quarantaine, [5489a0017a11d75fd300ccbfd232c33d],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgcommunication.dll, En quarantaine, [d20b2081810af54121b239527f854db3],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgconfig.dll, En quarantaine, [8d50aaf78902bb7b547f206bea1a12ee],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgFlashPlayer.dll, En quarantaine, [e9f48c155b30989e9e35711abe46ee12],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mghooking.dll, En quarantaine, [dffe6140424945f17d563e4dd331629e],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgICQAuto.dll, En quarantaine, [03da623fbdce54e2c60da2e946bec13f],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgICQMessengerAdapter.dll, En quarantaine, [f8e57d243358d066993a07840bf92fd1],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mglogger.dll, En quarantaine, [8a5330718dfe51e5a72cf5967c882bd5],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgMsnAuto.dll, En quarantaine, [deffe6bbb8d377bf63706b20d33128d8],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgMsnMessengerAdapter.dll, En quarantaine, [627b5a47e7a441f59b38a0eb5ea628d8],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgSweetIM.dll, En quarantaine, [904d722f771450e661721576a65e7d83],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgUpdateSupport.dll, En quarantaine, [d4096938216a3105468d018abc487f81],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgxml_wrapper.dll, En quarantaine, [b4291f82bdce340231a2622916ee728e],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgYahooAuto.dll, En quarantaine, [f8e5970ab1da6ec815be3556ce36b44c],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SweetIM\Messenger\mgYahooMessengerAdapter.dll, En quarantaine, [7e5f8a173e4d10269d36bdceb25219e7],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\OpenCandy\915DB16298544234BA94EAA870F72426\mconduitinstaller.exe, En quarantaine, [c11c445d07840f277ea072baa45cb749],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\ChromeModule.dll, En quarantaine, [39a4f1b00586f73fef104ddd36cb36ca],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\CltMngSvc.exe, En quarantaine, [9746653c8dfe22148e7148e215ecbd43],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\FirefoxModule.dll, En quarantaine, [55885a47d6b566d018e774b6808107f9],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\InternetExplorerModule.dll, En quarantaine, [6d706041e8a30b2beb14ba704ab70000],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\SPHook32.dll, En quarantaine, [ad30e8b9e5a690a634cb23079170c838],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\SPHook64.dll, En quarantaine, [5c819c054a417db95aa57dad45bc5ea2],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\SPRunner.exe, En quarantaine, [7e5f4c5544474beb46b94fdba45d639d],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\SPTool64.exe, En quarantaine, [7469366b2962e84eaf50aa80ed14a65a],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect\bin\uninstall.exe, En quarantaine, [13caeab76f1cfe388d728f9b1ee3c739],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\ChromeModule.dll, En quarantaine, [09d4237e96f51b1b52add65429d8ee12],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\CltMngSvc.exe, En quarantaine, [b12c445d1774c86e8b7485a5768baf51],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\FirefoxModule.dll, En quarantaine, [6a733b66b2d941f5aa55d456966b6997],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\InternetExplorerModule.dll, En quarantaine, [04d9d5cc8704ac8aa35c44e6c73af20e],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\SPHook32.dll, En quarantaine, [8c51c7daf89387afde2135f5867b26da],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\SPHook64.dll, En quarantaine, [13ca643ded9e1d194db257d3d82959a7],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\SPRunner.exe, En quarantaine, [65786c35c3c85ed8ec1335f5c63ba35d],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\SPTool64.exe, En quarantaine, [b627dbc60b8083b3d827a88217ea7987],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Roaming\ZHP\Quarantine\SearchProtect.DIR\bin\uninstall.exe, En quarantaine, [b02da00198f36dc92bd495956e937e82],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\tbedrs.dll, En quarantaine, [a736a0011c6fe84ee388256ead570bf5],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\tbentr.dll, En quarantaine, [15c84061f19ad363ddd543cc48b8ba46],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\tbuTor.dll, En quarantaine, [dd00cad71279e84e8be0f2a1f50f1ce4],
PUP.Optional.SweetIM, C:\Users\Cécile\AppData\Local\Temp\mgsqlite3.dll, En quarantaine, [617ccbd667245adc874c612a63a156aa],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\nsbCF4A.exe, En quarantaine, [03da6b36474445f12ad52ffb49b812ee],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\nsgAD6.exe, En quarantaine, [7568b1f08b00f0464db2f03a07faa957],
PUP.Optional.OpenCandy, C:\Users\Cécile\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe, En quarantaine, [904df3ae2863bf776994841114ec2ad6],
Trojan.Dropper, C:\Users\Cécile\AppData\Local\Temp\BoxoreInstaller.exe, En quarantaine, [1bc29d04761582b47b5116f1f1109c64],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\ct3281675\ctbe.exe, En quarantaine, [e4f90f92bfcc34020f2a75b7b050fa06],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\ct3281675\statisticsStub.exe, En quarantaine, [9746049de6a5d561d32339f1f9086b95],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\ct3281675\stub.exe, En quarantaine, [a439990893f89e9851ca59d36e927987],
PUP.Optional.InstallCore, C:\Users\Cécile\Documents\Avira-Free-Antivirus-2012.exe, En quarantaine, [4598ebb6eba0e0567079fc10fc0412ee],
PUP.Optional.Komodia, C:\Windows\Installer\29644b.msi, En quarantaine, [ac313968a7e4fb3b854452f3e21ebb45],
PUP.Optional.SweetIM, C:\Windows\Installer\31fe4f.msi, En quarantaine, [a33a425fbad1a591785b9eedec18bc44],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\manifest.json, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\conduitStatistics.csf, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\CT2851639.txt, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\CT2851639.xpi, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\initData.json, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\version.txt, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
PUP.Optional.ConduitTB.Gen, C:\Users\Cécile\AppData\Local\Temp\CT2851639\xpi\install.rdf, En quarantaine, [eeeff4ad6922033311d0f0b4bc461be5],
Rogue.Link, C:\Users\Cécile\Favorites\MP3 downloads www.MyFreeMp3.cc.url, En quarantaine, [f0edffa2dcaff73f553c35a60bf7966a],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\ct3281675\setup.ini.txt, En quarantaine, [02dbe4bd850689ad5f82e2be0afa1fe1],
PUP.Optional.Conduit, C:\Users\Cécile\AppData\Local\Temp\ct3281675\chromeid.txt, En quarantaine, [02dbe4bd850689ad5f82e2be0afa1fe1],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
