Malwarebytes Anti-Malware www.malwarebytes.org Date de l'examen: 21/08/2014 Heure de l'examen: 10:08:00 Fichier journal: Rapport.txt Administrateur: Oui Version: 2.00.2.1012 Base de données Malveillants: v2014.08.21.02 Base de données Rootkits: v2014.08.16.01 Licence: Premium Protection contre les malveillants: Activé(e) Protection contre les sites Web malveillants: Activé(e) Self-protection: Désactivé(e) Système d'exploitation: Windows 8.1 Processeur: x64 Système de fichiers: NTFS Utilisateur: romain Type d'examen: Examen "Personnalisé" Résultat: Terminé Objets analysés: 649856 Temps écoulé: 2 h, 10 min, 12 sec Mémoire: Activé(e) Démarrage: Activé(e) Système de fichiers: Activé(e) Archives: Activé(e) Rootkits: Activé(e) Heuristics: Activé(e) PUP: Activé(e) PUM: Activé(e) Processus: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Clés du Registre: 46 PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{03E84503-BC3A-B3D7-446B-EB174AE05CBC}, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{03E84503-BC3A-B3D7-446B-EB174AE05CBC}, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{03E84503-BC3A-B3D7-446B-EB174AE05CBC}, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\pRicEcHop.pRicEcHop, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\pRicEcHop.pRicEcHop.3.9, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pRicEcHop.pRicEcHop, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pRicEcHop.pRicEcHop.3.9, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{03E84503-BC3A-B3D7-446B-EB174AE05CBC}, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{03E84503-BC3A-B3D7-446B-EB174AE05CBC}, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{03E84503-BC3A-B3D7-446B-EB174AE05CBC}, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{03E84503-BC3A-B3D7-446B-EB174AE05CBC}\INPROCSERVER32, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{3EE13F8E-8856-1450-7992-304A17A34F42}, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3EE13F8E-8856-1450-7992-304A17A34F42}, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3EE13F8E-8856-1450-7992-304A17A34F42}, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\preicechoOp.preicechoOp, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\preicechoOp.preicechoOp.3.9, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\preicechoOp.preicechoOp, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\preicechoOp.preicechoOp.3.9, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3EE13F8E-8856-1450-7992-304A17A34F42}, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3EE13F8E-8856-1450-7992-304A17A34F42}, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3EE13F8E-8856-1450-7992-304A17A34F42}, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{3EE13F8E-8856-1450-7992-304A17A34F42}\INPROCSERVER32, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{A047FA08-61BB-F0BF-5716-B1669D052849}, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A047FA08-61BB-F0BF-5716-B1669D052849}, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A047FA08-61BB-F0BF-5716-B1669D052849}, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\Adblocker.Adblocker, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\Adblocker.Adblocker.1.0, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Adblocker.Adblocker, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Adblocker.Adblocker.1.0, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A047FA08-61BB-F0BF-5716-B1669D052849}, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A047FA08-61BB-F0BF-5716-B1669D052849}, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A047FA08-61BB-F0BF-5716-B1669D052849}, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{A047FA08-61BB-F0BF-5716-B1669D052849}\INPROCSERVER32, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [1730f6d195e6b68086a5e864a25e4cb4], PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [1730f6d195e6b68086a5e864a25e4cb4], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [1730f6d195e6b68086a5e864a25e4cb4], PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [1730f6d195e6b68086a5e864a25e4cb4], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}, , [8fb88b3c601b55e11649a62fe51d40c0], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, , [1f289c2bb2c9e650df814e8726dc6a96], Valeurs du Registre: 0 (No malicious items detected) Données du Registre: 1 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[3e09487f4338a393220c77637e86748c] Dossiers: 4 PUP.Optional.MultiPlug.A, C:\ProgramData\priicechoop, , [8fb88b3c601b55e11649a62fe51d40c0], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\priicechoop, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, C:\ProgramData\priceChop, , [2d1a4c7bb0cb86b023f434a206fc7c84], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\priceChop, , [0641b611ef8c4ee866b21abcc9390df3], Fichiers: 41 PUP.Optional.Preload, C:\Program Files (x86)\priicechoop\anUKhfl6K.x64.dll, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, C:\Program Files (x86)\priicechoop\anUKhfl6K.dll, , [65e2784ff388e74f67006b34af528f71], PUP.Optional.Preload, C:\Program Files (x86)\priceChop\0HRfB.x64.dll, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, C:\Program Files (x86)\priceChop\0HRfB.dll, , [52f50cbb7b00ce68e5823867f20fb44c], PUP.Optional.Preload, C:\Program Files (x86)\Adblocker\2yX.x64.dll, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Preload, C:\Program Files (x86)\Adblocker\2yX.dll, , [ce79cff8cdae10266304801f40c147b9], PUP.Optional.Boxore.A, C:\AeriaGames\AdwCleaner\Quarantine\C\Program Files (x86)\Software\Update\SoftwareUpdate.exe.vir, , [3e0922a5354679bdb0c32239887c659b], PUP.Optional.Boxore.A, C:\AeriaGames\AdwCleaner\Quarantine\C\Program Files (x86)\Software\Update\1.3.25.0\SoftwareCrashHandler.exe.vir, , [d572be09a3d8f046690a64f729db8e72], PUP.Optional.Boxore.A, C:\AeriaGames\AdwCleaner\Quarantine\C\Program Files (x86)\Software\Update\1.3.25.0\SoftwareUpdate.exe.vir, , [f84fcef97cffe155cfa4baa19470629e], PUP.Optional.AdLyrics.A, C:\AeriaGames\AdwCleaner\Quarantine\C\Program Files (x86)\Video-Saver\Video-Saver.exe.vir, , [db6c547314678da9a624d06d9d63e020], PUP.Optional.Preload, C:\AdsFix\Quarantine\C\Program Files (x86)\Adblocker.AdsFix\kR1zw.x64.dll, , [0f38c2056318290d3433a6f9d829d030], PUP.Optional.Preload, C:\AdsFix\Quarantine\C\Program Files (x86)\pricechop.AdsFix\iS.x64.dll, , [e463982f720956e0baadaef1827fb24e], PUP.Optional.MultiPlug, C:\AdsFix\Quarantine\C\Users\All Users\Adblocker.AdsFix\m30rZG.exe, , [84c39235403b4de9d2e47f1ec9385fa1], PUP.Optional.MultiPlug, C:\AdsFix\Quarantine\C\Users\All Users\pricechop.AdsFix\k8k.exe, , [2c1b16b15229c4729323afee837e758b], PUP.Optional.InstallCore.A, C:\AdsFix\Quarantine\C\Users\romain\AppData\Roaming\InstallW.AdsFix\Full_Setup.exe, , [074030977b003105e9c2710c5ca5a759], PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dll.vir, , [ff485671c5b6fc3ab82d7ee0f50c817f], PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dll.vir, , [4bfc06c18fec75c12eb780dedf226997], PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialsrv.exe.vir, , [1e29d1f6fe7daf87e401f16d2ed32dd3], PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll.vir, , [76d116b1b9c290a69a4b045afb06a759], PUP.Optional.MySearchDial.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll.vir, , [da6d5374fa81c5710dd8530b28d97789], PUP.Optional.NetCrawl.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NetCrawl\NetCrawlBHO.dll.vir, , [a3a47255502b6ec80e036c2b8d7428d8], PUP.Optional.NetCrawl.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NetCrawl\updateNetCrawl.exe.vir, , [8dba6b5c790283b3ee24494ee1200ff1], PUP.Optional.NetCrawl.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe.vir, , [d07722a5ec8fee486aa88116c041b54b], PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.BrowserAdapterS.dll.vir, , [1433a12654272a0c93f8c5cc39c88977], PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.FeSvc.dll.vir, , [b295b512afcc66d0926a693436cbb848], PUP.Optional.Sanbreel.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\NetCrawl\bin\plugins\NetCrawl.PurBrowseG.dll.vir, , [87c0a91e9fdce551803fe39f808122de], PUP.Optional.Booster.A, C:\Users\romain\AppData\Local\Temp\s2vc\temp\usetup.exe, , [47005374cbb07db9de289ccb18ea6e92], PUP.Optional.Booster.A, C:\Users\romain\AppData\Local\Temp\s598\temp\usetup.exe, , [91b60cbbd4a72f07887ec5a200022dd3], PUP.Optional.MultiPlug, C:\Users\romain\Downloads\Maska - Rahh.mp4.exe, , [1730f6d195e6b68086a5e864a25e4cb4], PUP.Optional.BundleInstaller.A, C:\Users\romain\Downloads\Setup.exe, , [b88f20a788f3fa3cf4e4edc1fb069967], PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys, , , PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys, , , PUP.Optional.MultiPlug.A, C:\ProgramData\priicechoop\tEgK_v66s4.dat, , [8fb88b3c601b55e11649a62fe51d40c0], PUP.Optional.MultiPlug.A, C:\ProgramData\priicechoop\tEgK_v66s4.exe, , [8fb88b3c601b55e11649a62fe51d40c0], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\priicechoop\anUKhfl6K.dat, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\priicechoop\anUKhfl6K.tlb, , [1f289c2bb2c9e650df814e8726dc6a96], PUP.Optional.MultiPlug.A, C:\ProgramData\priceChop\PQPBYI.dat, , [2d1a4c7bb0cb86b023f434a206fc7c84], PUP.Optional.MultiPlug.A, C:\ProgramData\priceChop\PQPBYI.exe, , [2d1a4c7bb0cb86b023f434a206fc7c84], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\priceChop\0HRfB.dat, , [0641b611ef8c4ee866b21abcc9390df3], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\priceChop\0HRfB.tlb, , [0641b611ef8c4ee866b21abcc9390df3], PUP.Optional.MySearchDial.A, C:\Users\imite_000\AppData\Roaming\Mozilla\Firefox\Profiles\0ki33aix.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.startup.homepage", "http://start.mysearchdial.com/?f=1&a=tele0202ch&cd=2XzuyEtN2Y1L1QzuyByEtByB0E0AtD0EyDzztB0A0EyE0FzytN0D0Tzu0CyByByBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2035330451&ir=");), ,[d1762e99483389ad5d5f0cffed186f91] Secteurs physiques: 0 (No malicious items detected) (end)