Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 12/10/2015
Heure de l'analyse: 23:30
Fichier journal: virus malwarebytes.txt
Administrateur: Oui

Version: 2.2.0.1024
Base de données de programmes malveillants: v2015.10.12.03
Base de données de rootkits: v2015.10.06.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Savoie Jm

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 456058
Temps écoulé: 16 min, 6 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Désactivé
Rootkits: Activé
Heuristique: Désactivé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 9
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0903B3D2-77C8-4AAB-94B2-50D1C4303C67}, , [5eb565f15734ef47f27911b5df26a55b],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0903B3D2-77C8-4AAB-94B2-50D1C4303C67}, , [5eb565f15734ef47f27911b5df26a55b],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3470606961-1956297705-624639543-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0903B3D2-77C8-4AAB-94B2-50D1C4303C67}, , [5eb565f15734ef47f27911b5df26a55b],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0903B3D2-77C8-4AAB-94B2-50D1C4303C67}, , [5eb565f15734ef47f27911b5df26a55b],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3470606961-1956297705-624639543-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0903B3D2-77C8-4AAB-94B2-50D1C4303C67}, , [5eb565f15734ef47f27911b5df26a55b],
PUP.Optional.CrossRider, HKU\S-1-5-21-3470606961-1956297705-624639543-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6AF4AB12-1B14-4E07-9B5B-151502DEBC70}, , [7e95e86e6724d85e3ac00d9eac58ec14],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\conduitEngine, , [4bc8d284cbc01b1bab7cfb99fa0af20e],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\APPDATALOW\SOFTWARE\conduitEngine, , [6da61244c4c7be788a9cfe9612f29967],
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}, , [888b65f167245fd7dd6fe9c406fe669a],

Valeurs du Registre: 6
PUP.Optional.SweetPacks, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EEE6C35B-6118-11DC-9C72-001320C79847}, , [51c2e3733a5141f58cfe57aa0af99d63],
PUP.Optional.SweetPacks, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, ????????, , [51c2e3733a5141f58cfe57aa0af99d63]
PUP.Optional.CrossRider, HKU\S-1-5-21-3470606961-1956297705-624639543-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6af4ab12-1b14-4e07-9b5b-151502debc70}|AppName, Plus-HD-2.5-buttonutil.exe, , [7e95e86e6724d85e3ac00d9eac58ec14]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|DisplayName, default-search.net, , [888b65f167245fd7dd6fe9c406fe669a]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|URL, http://www.default-search.net/search?sid=476&aid=125&itype=a&ver=12791&tm=359&src=ds&p={searchTerms}, , [c44f391daae154e21636e4c9e91b8878]
PUP.Optional.DefaultSearch.ShrtCln, HKU\S-1-5-21-3470606961-1956297705-624639543-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}|SuggestionsURL_JSON, http://www.default-search.net?sid=476&aid=125&itype=a&ver=12791&tm=359&src=ds&p={searchTerms}&ft=json, , [f91aafa72863082ece7edad35ca8f60a]

Données du Registre: 0
(Aucun élément malveillant détecté)

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 18
PUP.Optional.Conduit, C:\Program Files (x86)\Freecorder\FreecorderToolbarHelper1.exe, , [cc4773e3602bfa3caed88acce020f20e],
PUP.Optional.Conduit, C:\Program Files (x86)\Freecorder\hk64tbFre0.dll, , [fc172333593270c6c578e9431ee28977],
PUP.Optional.Conduit, C:\Program Files (x86)\Freecorder\hktbFre0.dll, , [27ec20362d5ef0467fbee844827e2bd5],
PUP.Optional.Conduit, C:\Program Files (x86)\Freecorder\ldrtbFre0.dll, , [ec274d0948435bdb5ce1032914ec21df],
PUP.Optional.Conduit, C:\Program Files (x86)\Freecorder\tbFre0.dll, , [17fc0e489cefda5c5ce152daad5336ca],
PUP.Optional.ConduitTB.Gen, C:\Program Files (x86)\Freecorder\tbFree.dll, , [5eb565f15734ef47f27911b5df26a55b],
Spyware.Passwords, C:\Windows\SysWOW64\ALZZip.BIN, , [060d2d294e3d4aec3cd82354d22e37c9],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\hk64tbFre0.dll, , [43d046107d0e2c0a45aa88a4778a2dd3],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\hk64tbFre2.dll, , [ed261a3c28630135727da78524dd7090],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\hktbFre0.dll, , [a66dff57c0cb8aac955a71bbe21ff30d],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\hktbFre2.dll, , [f71c35216a2126105f90270544bd8878],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\ldrtbFre0.dll, , [040f3c1a7516b680737cfd2f2ad727d9],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\ldrtbFre2.dll, , [fe15c98de9a21a1c57980c208f727888],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\prxtbFre0.dll, , [9d7693c3a7e4e551985744e8ee134cb4],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\prxtbFre2.dll, , [2ce76fe7f299ca6c7976949829d8cc34],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\tbFre0.dll, , [42d162f4107bfb3b16d9ab81966bd927],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\tbFre1.dll, , [f71ce47227649d9948a7b676c53caa56],
PUP.Optional.ClientConnect, C:\Users\Savoie Jm\AppData\Local\Freecorder\tbFre2.dll, , [a66de6700487072faa4584a8a85948b8],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)