Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 30/09/2016
Heure de l'analyse: 11:17:26
Fichier journal: Malware.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.09.30.06
Base de données de rootkits: v2016.09.26.02
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows Vista Service Pack 2
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Steed

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 272849
Temps écoulé: 45 min, 57 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 13
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\APPID\{A19F8F88-F91E-4E49-2222-BD21AB39D1BB}, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\CLSID\{A19F8F88-F91E-4E49-2222-BD21AB39D1BB}, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\TYPELIB\{A1011E88-B997-11CF-2222-0080C7B2D6BB}, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\INTERFACE\{0142D788-C4FC-4ED8-2222-D654E27AF7F8}, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1843388-EFC2-49C9-2222-FC0C403B0EBB}, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1D87888-DEAA-4971-2222-5D5046F2B3BB}, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\spdfrmon.Gate.1, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\spdfrmon.Gate, , [034b16628c0e73c3596d3ec00cf804fc],
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\APPID\SPDFRMON.EXE, , [de700870aaf043f31b2be41c3dc86898],
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1ABC7F0B-5FBD-461B-A202-519EA6B3E18B}, , [6ae4a5d34d4d072fcde0ce21a65d8d73],
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{326643BA-CA91-4077-8805-F445B52841DF}, , [bd919bdd3c5e0a2c6449529d12f1748c],
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7E8B46A0-D661-4165-A061-72EB8CC7F56A}, , [36184731dbbf0d29eac3d01f8380966a],
PUP.Optional.RegCleanerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8DC76C1E-1659-4FA0-BE87-422854A36F42}, , [58f6a8d081190c2aaa049935fb0738c8],

Valeurs du Registre: 5
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\APPID\SPDFRMON.EXE|AppID, {A245B088-41FA-478E-8DEA-86177F1394BB}, , [de700870aaf043f31b2be41c3dc86898]
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1ABC7F0B-5FBD-461B-A202-519EA6B3E18B}|Path, \APSnotifierPP1, , [6ae4a5d34d4d072fcde0ce21a65d8d73]
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{326643BA-CA91-4077-8805-F445B52841DF}|Path, \APSnotifierPP2, , [bd919bdd3c5e0a2c6449529d12f1748c]
PUP.Optional.AnyProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7E8B46A0-D661-4165-A061-72EB8CC7F56A}|Path, \APSnotifierPP3, , [36184731dbbf0d29eac3d01f8380966a]
PUP.Optional.RegCleanerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8DC76C1E-1659-4FA0-BE87-422854A36F42}|Path, \ASP, , [58f6a8d081190c2aaa049935fb0738c8]

Données du Registre: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon : ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais : ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[83cb3048fb9ff73ff2cda2d4f01413ed]

Dossiers: 2
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer, , [5ef0e7915743da5c9626d02e9a6ac63a],
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer1, , [fa54db9de7b37bbb0ab3c539e22250b0],

Fichiers: 11
PUP.Optional.OpenCandy, C:\Users\Steed\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.0.8.windows.exe, , [77d74236bbdfae88327bd5b42fd509f7],
PUP.Optional.OpenCandy, C:\Users\Steed\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.1.3.windows.exe, , [6be3abcde0ba8aacc9e496f39b69857b],
PUP.Optional.Conduit, C:\Users\Steed\AppData\Roaming\ZHP\Quarantine\bittorrent.exe.VIR, , [65e95a1eedadf4428ea0540ac440cb35],
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer1\PCOptimizerProSetup.exe, , [f45afb7d9dfd4bebf570a51dab56f907],
PUP.Optional.WebInstr, C:\Windows\System32\drivers\Msft_Kernel_webinstr_01009.Wdf, , ,
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer\ThankYou, , [5ef0e7915743da5c9626d02e9a6ac63a],
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer\delayexec.exe, , [5ef0e7915743da5c9626d02e9a6ac63a],
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer\wait.exe, , [5ef0e7915743da5c9626d02e9a6ac63a],
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer1\ThankYou, , [fa54db9de7b37bbb0ab3c539e22250b0],
PUP.Optional.PCOptimizerPro, C:\Program Files\Display Offer1\newdelayexec.exe, , [fa54db9de7b37bbb0ab3c539e22250b0],
PUP.Optional.SpeedItUp, C:\ProgramData\spds90.txt, , [410d3345d4c663d31b28827e887d19e7],

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)