Document format: text/plain


Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 08/02/2016
Heure de l'analyse: 18:30
Fichier journal: viruq mal.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2016.02.08.03
Base de données de rootkits: v2016.01.20.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: NICOLE

Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 535912
Temps écoulé: 1 h, 22 min, 21 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 17
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{4a4554a5-d948-4494-9029-654b07ff7cf9}, , [b29107572c6d90a632d1307354ae7e82],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{4A4554A5-D948-4494-9029-654B07FF7CF9}, , [b29107572c6d90a632d1307354ae7e82],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{4A4554A5-D948-4494-9029-654B07FF7CF9}, , [b29107572c6d90a632d1307354ae7e82],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\APPID\{ebd97674-544c-4473-bf66-dd1ece99f781}, , [182b3f1f5544d85ec93ba102689aad53],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{EBD97674-544C-4473-BF66-DD1ECE99F781}, , [182b3f1f5544d85ec93ba102689aad53],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{EBD97674-544C-4473-BF66-DD1ECE99F781}, , [182b3f1f5544d85ec93ba102689aad53],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9B27F744-5C2F-4486-9B80-CBF725196CDF}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{9B27F744-5C2F-4486-9B80-CBF725196CDF}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{9B27F744-5C2F-4486-9B80-CBF725196CDF}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EF1EC0B8-B41D-4489-8061-55790F8B0B13}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EF1EC0B8-B41D-4489-8061-55790F8B0B13}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3507101761-2711143210-323578003-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EF1EC0B8-B41D-4489-8061-55790F8B0B13}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.Wajam, HKU\S-1-5-21-3507101761-2711143210-323578003-1001\SOFTWARE\WajIEnhance, , [0f34b1ad5c3daf878365f80a719332ce],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3507101761-2711143210-323578003-1001\SOFTWARE\APPDATALOW\SOFTWARE\conduitEngine, , [d1723e206435d066c84ae1def60db24e],

Valeurs du Registre: 4
PUP.Optional.ConduitTB, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [1d26b7a7e7b28ea886c0b4ddfd0518e8],
PUP.Optional.ConduitTB, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{30F9B915-B755-4826-820B-08FBA6BD249D}, Conduit Engine, , [1d26b7a7e7b28ea886c0b4ddfd0518e8]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848}, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SVCHOST|ORBTR, Orbiter^^, , [f3509dc18c0d6fc7e1781ecd48bafb05]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 3
PUP.Optional.ConduitTB.Gen, C:\Users\NICOLE\AppData\LocalLow\ConduitEngine, , [5ce79dc16b2e45f1da8e43744eb4a65a],
PUP.Optional.ConduitTB.Gen, C:\Users\NICOLE\AppData\LocalLow\ConduitEngine\Logs, , [5ce79dc16b2e45f1da8e43744eb4a65a],
PUP.Optional.ConduitTB.Gen, C:\Users\NICOLE\AppData\LocalLow\ConduitEngine\MyStuffApps, , [5ce79dc16b2e45f1da8e43744eb4a65a],

Fichiers: 8
PUP.Optional.BrowseFox, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Constant Fun\Uninstaller.exe.vir, , [d56e2d31c3d6181e44455b6c28d98977],
PUP.Optional.Conduit, C:\AdwCleaner\Quarantine\C\Program Files (x86)\ORBTR\orbiter.dll.vir, , [d172e7770a8fbb7bfa1f3303847d29d7],
PUP.Optional.SearchProtect.AppFlsh, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir, , [4ef5ee70f4a5ac8a207b9320af520cf4],
PUP.Optional.SearchProtect.AppFlsh, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir, , [a89bda84e1b866d08b10aa09bb468c74],
PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\Users\NICOLE\AppData\Roaming\RHEng\26C1B77FCCE84312AB1CFE9C26A2A632\setup.exe.vir, , [fe4597c70198ea4c9a8c449c946d5ba5],
PUP.Optional.Wajam, C:\AdwCleaner\Quarantine\C\Users\NICOLE\AppData\Roaming\RPEng\113FAC4E25F84CB4B13C243CB9E1ACFE\WWE_1.58.105.13.exe.vir, , [84bfd18d4950e84ef5ed9668fe069c64],
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Avanquest_FR\tbAvan.dll, , [64df342aa6f3d36314ac7582f60e6799],
PUP.Optional.ConduitTB.Gen, C:\Users\NICOLE\AppData\Roaming\ZHP\Quarantine\ConduitEngine.dll, , [49fa8dd16a2f4fe70eb2c532659f6b95],

Secteurs physiques: 0
(Aucun élément malveillant détecté)


(end)
