Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'examen: 27/04/2014
Heure de l'examen: 17:17:59
Fichier journal: jrt.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de donn�es Malveillants: v2014.04.27.03
Base de donn�es Rootkits: v2014.03.27.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Chameleon: D�sactiv�(e)
Syst�me d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Syst�me de fichiers: NTFS
Utilisateur: asaverus
Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 240353
Temps �coul�: 18 min, 43 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Shuriken: Activ�(e)
PUP: Avertir
PUM: Activ�(e)
Processus: 1
Adware.Adpeak, C:\Program Files\002\yewimmxqbs64.exe, 2576, , [76d9d956c0bb0f27736879ac23e1bc44]
Modules: 0
(No malicious items detected)
Cl�s du Registre: 4
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\yewimmxqbs64, , [76d9d956c0bb0f27736879ac23e1bc44],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [034c959a86f589ad1999e26ea161b749],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, , [8dc282ad235881b557f95b1724de7c84],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-3818067875-2166740548-1819496326-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Rr Savings, , [5bf4d25df685bd79acaa1a58fc060df3],
Valeurs du Registre: 0
(No malicious items detected)
Donn�es du Registre: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[46095cd3c1baec4adeb076bb07fd09f7]
PUP.Optional.Conduit.A, HKU\S-1-5-21-3818067875-2166740548-1819496326-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MA5195F2E-9E00-4F49-8B8A-75116732212C&SearchSource=55&CUI=&UM=5&UP=SP2501EA2E-7D7E-4C99-AB8D-6805ADDD8FA4&SSPV=, Bon: (http://www.google.com), Mauvais: (http://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MA5195F2E-9E00-4F49-8B8A-75116732212C&SearchSource=55&CUI=&UM=5&UP=SP2501EA2E-7D7E-4C99-AB8D-6805ADDD8FA4&SSPV=),,[cd82a18e433889ad0fe87aad42c2ce32]
Dossiers: 0
(No malicious items detected)
Fichiers: 8
Adware.Adpeak, C:\Program Files\002\yewimmxqbs64.exe, , [76d9d956c0bb0f27736879ac23e1bc44],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nscDCCF.exe, , [53fc1e115c1fba7c82e933f24fb2d22e],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nsm6CF.exe, , [39160827f18a0c2a2f3c4adbec15c43c],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nss25C.exe, , [7ed15fd0f18ab87ee18a50d5c23f27d9],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nsxD86B.exe, , [2f20210ec2b9df578dde6bba8d74cd33],
PUP.Optional.Conduit.A, C:\Users\asaverus\AppData\Local\Temp\nscAAD5\SpSetup.exe, , [f659a28dfe7dbc7a62f885953ac76799],
PUP.Optional.Conduit.A, C:\Users\asaverus\AppData\Roaming\Mozilla\Firefox\Profiles\9mfvjh9q.default\searchplugins\conduit-search.xml, , [e06f5fd0f289ff370ae2ff7b689aab55],
PUP.Optional.Conduit.A, C:\Users\asaverus\AppData\Roaming\Mozilla\Firefox\Profiles\9mfvjh9q.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.newtab.url", "http://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MA5195F2E-9E00-4F49-8B8A-75116732212C&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP2501EA2E-7D7E-4C99-AB8D-6805ADDD8FA4");), ,[c28d121d37448aaca1a7283537cda35d]
Secteurs physiques: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Date de l'examen: 27/04/2014
Heure de l'examen: 17:17:59
Fichier journal: jrt.txt
Administrateur: Oui
Version: 2.00.1.1004
Base de donn�es Malveillants: v2014.04.27.03
Base de donn�es Rootkits: v2014.03.27.01
Licence: Gratuite
Protection contre les malveillants: D�sactiv�(e)
Protection contre les sites Web malveillants: D�sactiv�(e)
Chameleon: D�sactiv�(e)
Syst�me d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Syst�me de fichiers: NTFS
Utilisateur: asaverus
Type d'examen: Examen "Menaces"
R�sultat: Termin�
Objets analys�s: 240353
Temps �coul�: 18 min, 43 sec
M�moire: Activ�(e)
D�marrage: Activ�(e)
Syst�me de fichiers: Activ�(e)
Archives: Activ�(e)
Rootkits: D�sactiv�(e)
Shuriken: Activ�(e)
PUP: Avertir
PUM: Activ�(e)
Processus: 1
Adware.Adpeak, C:\Program Files\002\yewimmxqbs64.exe, 2576, , [76d9d956c0bb0f27736879ac23e1bc44]
Modules: 0
(No malicious items detected)
Cl�s du Registre: 4
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\yewimmxqbs64, , [76d9d956c0bb0f27736879ac23e1bc44],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [034c959a86f589ad1999e26ea161b749],
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, , [8dc282ad235881b557f95b1724de7c84],
PUP.Optional.RRSavings.A, HKU\S-1-5-21-3818067875-2166740548-1819496326-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Rr Savings, , [5bf4d25df685bd79acaa1a58fc060df3],
Valeurs du Registre: 0
(No malicious items detected)
Donn�es du Registre: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[46095cd3c1baec4adeb076bb07fd09f7]
PUP.Optional.Conduit.A, HKU\S-1-5-21-3818067875-2166740548-1819496326-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MA5195F2E-9E00-4F49-8B8A-75116732212C&SearchSource=55&CUI=&UM=5&UP=SP2501EA2E-7D7E-4C99-AB8D-6805ADDD8FA4&SSPV=, Bon: (http://www.google.com), Mauvais: (http://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MA5195F2E-9E00-4F49-8B8A-75116732212C&SearchSource=55&CUI=&UM=5&UP=SP2501EA2E-7D7E-4C99-AB8D-6805ADDD8FA4&SSPV=),,[cd82a18e433889ad0fe87aad42c2ce32]
Dossiers: 0
(No malicious items detected)
Fichiers: 8
Adware.Adpeak, C:\Program Files\002\yewimmxqbs64.exe, , [76d9d956c0bb0f27736879ac23e1bc44],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nscDCCF.exe, , [53fc1e115c1fba7c82e933f24fb2d22e],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nsm6CF.exe, , [39160827f18a0c2a2f3c4adbec15c43c],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nss25C.exe, , [7ed15fd0f18ab87ee18a50d5c23f27d9],
PUP.Optional.SearchProtect.A, C:\Users\asaverus\AppData\Local\Temp\nsxD86B.exe, , [2f20210ec2b9df578dde6bba8d74cd33],
PUP.Optional.Conduit.A, C:\Users\asaverus\AppData\Local\Temp\nscAAD5\SpSetup.exe, , [f659a28dfe7dbc7a62f885953ac76799],
PUP.Optional.Conduit.A, C:\Users\asaverus\AppData\Roaming\Mozilla\Firefox\Profiles\9mfvjh9q.default\searchplugins\conduit-search.xml, , [e06f5fd0f289ff370ae2ff7b689aab55],
PUP.Optional.Conduit.A, C:\Users\asaverus\AppData\Roaming\Mozilla\Firefox\Profiles\9mfvjh9q.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.newtab.url", "http://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MA5195F2E-9E00-4F49-8B8A-75116732212C&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP2501EA2E-7D7E-4C99-AB8D-6805ADDD8FA4");), ,[c28d121d37448aaca1a7283537cda35d]
Secteurs physiques: 0
(No malicious items detected)
(end)